New & Notable
News
Russian hackers exploit Firefox, Windows zero-days in wild
RomCom threat actors chain two Firefox and Windows zero-day vulnerabilities together in order to execute arbitrary code in vulnerable Mozilla browsers.
News
AWS CISO details automated cybersecurity tools for customers
Chris Betz, CISO at AWS, discusses how three internal tools are designed to automatically identify and mitigate threats for the cloud giant's customers.
News
Volexity details Russia's novel 'Nearest Neighbor Attack'
The security company warned that the new attack style highlights the importance of securing Wi-Fi networks, implementing MFA and patching known vulnerabilities.
News
Cyber insurers address ransom reimbursement policy concerns
In a recent op-ed for The Financial Times, U.S. Deputy National Security Advisor Anne Neuberger wrote that reimbursing ransom payments is a 'troubling practice that must end.'
Trending Topics
-
Data Security & Privacy News
Risk & Repeat: China hacks major telecom companies
The FBI and CISA confirmed reports that Salt Typhoon breached several major telecom companies and accessed data related to law enforcement requests.
-
Threats & Vulnerabilities News
Russian hackers exploit Firefox, Windows zero-days in wild
RomCom threat actors chain two Firefox and Windows zero-day vulnerabilities together in order to execute arbitrary code in vulnerable Mozilla browsers.
-
IAM Get Started
4 types of access control
Access management is the gatekeeper, making sure a device or person can gain entry only to the systems or applications to which they have been granted permission.
-
Analytics & Automation News
AWS CISO details automated cybersecurity tools for customers
Chris Betz, CISO at AWS, discusses how three internal tools are designed to automatically identify and mitigate threats for the cloud giant's customers.
-
Network Security News
Volexity details Russia's novel 'Nearest Neighbor Attack'
The security company warned that the new attack style highlights the importance of securing Wi-Fi networks, implementing MFA and patching known vulnerabilities.
-
Operations & Management Evaluate
User provisioning and deprovisioning: Why it matters for IAM
Overprivileged and orphaned user identities pose risks. Cybersecurity teams should be sure user profiles grant only appropriate access -- and only for as long as necessary.
Sponsored Sites
-
Cybersecurity
Kaspersky Next: Cybersecurity Redefined
-
Cloud Workloads
VMware vSphere Foundation and VMware Cloud Foundation powered by Intel technology results in a unified software-defined Data Center platform for running and managing private cloud, multi-cloud, and edge containerized workloads. Built-in inferencing enables customers to efficiently turn data into insight on a flexible hybrid cloud environment.
-
IT Workflows
Transform Your Organization With Modern and Resilient IT Services
Learn how ServiceNow’s IT solutions can help your organization seize the upside of operational resilience and raise employee agility.
Topics Covered
Application and platform security
Careers and certifications
Cloud security
Compliance
Data security and privacy
Identity and access management
Network security
Risk management
Security analytics and automation
Security operations and management
Threat detection and response
Threats and vulnerabilities
Featured Authors
Find Solutions For Your Project
-
Evaluate
U.S. data privacy protection laws: 2025 guide
Growing concerns over the processing, storage and protection of personal data, plus the GenAI effect, are leading to the passage of new local and regional privacy regulations.
-
User provisioning and deprovisioning: Why it matters for IAM
-
SIEM vs. SOAR vs. XDR: Evaluate the key differences
-
EDR vs. XDR vs. MDR: Key differences and benefits
-
-
Problem Solve
Biometric privacy and security challenges to know
Fingerprints and facial scans can make identity access more convenient than passwords, but biometric tools present significant ethical and legal challenges.
-
How to identify and prevent insecure output handling
-
DDoS mitigation: How to stop DDoS attacks
-
Threat intelligence vs. threat hunting: Better together
-
-
Manage
What CISOs need to know to build an OT cybersecurity program
More companies are tasking CISOs with operational technology security. But this oversight means a new strategy for those unfamiliar with building an effective OT security program.
-
How to create an enterprise cloud security budget
-
API security testing checklist: 7 key steps
-
Insider threat hunting best practices and tools
-
Information Security Basics
-
Get Started
What is IPsec (Internet Protocol Security)?
IPsec (Internet Protocol Security) is a suite of protocols and algorithms for securing data transmitted over the internet or any public network.
-
Get Started
What is Extensible Authentication Protocol (EAP)?
Extensible Authentication Protocol (EAP) is a protocol for wireless networks that expands the authentication methods used by Point-to-Point Protocol (PPP), a protocol often used when connecting a computer to the internet.
-
Get Started
What is endpoint detection and response (EDR)?
Endpoint detection and response (EDR) is a system that gathers and analyzes security threat-related information from computer workstations and other endpoints.
Multimedia
-
News
View All -
Compliance
New York fines Geico, Travelers $11.3M over data breaches
The two insurance giants were fined millions by New York state regulators and are required to enhance security protocols around authentication and penetration testing.
-
Threats and vulnerabilities
Russian hackers exploit Firefox, Windows zero-days in wild
RomCom threat actors chain two Firefox and Windows zero-day vulnerabilities together in order to execute arbitrary code in vulnerable Mozilla browsers.
-
Security analytics and automation
AWS CISO details automated cybersecurity tools for customers
Chris Betz, CISO at AWS, discusses how three internal tools are designed to automatically identify and mitigate threats for the cloud giant's customers.
Search Security Definitions
- What is Extensible Authentication Protocol (EAP)?
- What is IPsec (Internet Protocol Security)?
- What is endpoint detection and response (EDR)?
- What is Common Vulnerabilities and Exposures (CVE)?
- What is a spam trap?
- What is a whaling attack (whaling phishing)?
- What is identity governance and administration (IGA)?
- What is machine identity management?