New & Notable
News
Rapid7 warns of alarming zero-day vulnerability trends
The cybersecurity vendor tracked vulnerabilities that were used by threat actors in mass compromise events and found more than half were exploited as zero days.
News
CyberArk to acquire Venafi from Thoma Bravo for $1.5B
CyberArk said it intends to help enterprises with the growing number of machine identities, which the company said surpasses human identities by a ratio of 40 to 1.
Evaluate
10 risk-related security updates you may have missed at RSA
AI was a prominent theme at RSA Conference, but many security vendors also delivered risk-focused capabilities to help Infosec pros better manage their risk posture.
Evaluate
How AI-driven patching could transform cybersecurity
At RSAC 2024, a Google researcher described how the search giant has already seen modest but significant success using generative AI to patch vulnerabilities.
Trending Topics
-
Data Security & Privacy Evaluate
Lessons learned from high-profile data breaches
Equifax. Colonial Pipeline. Sony. Target. All are high-profile data breaches, and all offer key lessons to learn that prevent your organization from falling victim to an attack.
-
Threats & Vulnerabilities News
Google discloses 2 zero-day vulnerabilities in less than a week
Google released fixed versions to address the two vulnerabilities in its Chrome web browser, but the updates will roll out in stages with no specific dates available.
-
IAM Manage
How to configure sudo privilege and access control settings
Learn how to use the sudo command for access control configurations, from granting full administrative privileges to delegating roles.
-
Analytics & Automation News
IBM sells QRadar SaaS assets to Palo Alto Networks
The deal with Palo Alto Networks comes one year after IBM announced QRadar Suite, an AI-enhanced security platform that combined existing SIEM and XDR products.
-
Network Security News
AI-driven attacks seen as chief cloud security threat
Tried and true cloud security threats are on the rise. But according to a new report from Palo Alto Networks, the specter of generative AI threats has organizations concerned.
-
Operations & Management News
SonicWall CEO talks transformation, security transparency
SonicWall's CEO said that following a string of serious vulnerabilities the company responded to in 2021, product development and quality assurance operations were overhauled.
Topics Covered
Application and platform security
Careers and certifications
Cloud security
Compliance
Data security and privacy
Identity and access management
Network security
Risk management
Security analytics and automation
Security operations and management
Threat detection and response
Threats and vulnerabilities
Featured Authors
Find Solutions For Your Project
-
Evaluate
10 risk-related security updates you may have missed at RSA
AI was a prominent theme at RSA Conference, but many security vendors also delivered risk-focused capabilities to help Infosec pros better manage their risk posture.
-
How AI-driven patching could transform cybersecurity
-
3 reasons Synopsys is selling its app security business
-
Lessons learned from high-profile data breaches
-
-
Problem Solve
How to detect deepfakes manually and using AI
Deepfakes rely on AI to generate realistic but counterfeit content. A variety of automated tools and manual hints can help organizations pinpoint deepfake videos and images.
-
SSPM vs. CSPM: What's the difference?
-
Top 11 cloud security challenges and how to combat them
-
How to conduct security patch validation and verification
-
-
Manage
VM security in cloud computing explained
Cloud computing allows an organization to reduce its risks by having to secure fewer resources. The tradeoff is that cloud creates more attack vectors. Don't let VMs trip you up.
-
How to configure sudo privilege and access control settings
-
What is a cloud security engineer, and how do I become one?
-
How remote work is changing patch management
-
-
E-Handbook | July 2021
Mitigating risk-based vulnerability management challenges
Download -
E-Handbook | June 2021
Security observability tools step up threat detection, response
Download -
E-Handbook | January 2021
SolarWinds supply chain attack explained: Need-to-know info
Download -
E-Handbook | November 2020
Cyber insurance 101: Timely guidance on an essential tool
Download -
E-Zine | November 2020
AI cybersecurity raises analytics' accuracy, usability
Download
Information Security Basics
-
Get Started
out-of-band authentication
Out-of-band authentication is a type of two-factor authentication (2FA) that requires a secondary verification method through a separate communication channel along with the typical ID and password.
-
Get Started
Common Vulnerability Scoring System (CVSS)
The Common Vulnerability Scoring System (CVSS) is a public framework for rating the severity and characteristics of security vulnerabilities in information systems.
-
Get Started
cloud-native application protection platform (CNAPP)
Cloud-native application protection platform, or CNAPP, is a software product that bundles multiple cloud security tools into one package, thereby delivering a holistic approach for securing an organization's cloud infrastructure, its cloud-native ...
Multimedia
-
News
View All -
Threat detection and response
What LockBitSupp charges mean for ransomware investigations
At RSA Conference 2024, Recorded Future's Allan Liska discussed evolving ransomware trends and how authorities recently exposed the LockBit ransomware group ringleader.
-
Security analytics and automation
IBM sells QRadar SaaS assets to Palo Alto Networks
The deal with Palo Alto Networks comes one year after IBM announced QRadar Suite, an AI-enhanced security platform that combined existing SIEM and XDR products.
-
Network security
AI-driven attacks seen as chief cloud security threat
Tried and true cloud security threats are on the rise. But according to a new report from Palo Alto Networks, the specter of generative AI threats has organizations concerned.
Security Definitions
- out-of-band authentication
- Common Vulnerability Scoring System (CVSS)
- cloud-native application protection platform (CNAPP)
- Patch Tuesday
- Pegasus malware
- risk-based patch management (RBPM)
- risk-based vulnerability management (RBVM)
- cloud infrastructure entitlement management (CIEM)