SearchSecurity

SearchSecurity provides immediate access to breaking industry news, virus alerts, new hacker threats and attacks, security certification training resources, security standard compliance, webcasts, white papers, podcasts, Security Schools, a selection of highly focused security newsletters and more -- all at no cost. Nowhere else will you find such a highly targeted combination of resources specifically dedicated to the success of today's IT-security professional.

Recently on SearchSecurity

Microsoft Patch Tuesday February release delayed by a month

News roundup: Microsoft Patch Tuesday was canceled in February without a clear reason. Plus, APT28 is linked to new Mac malware; Lazarus targets more banks and more.

Definitions
  • email spam

    Email spam, or junk email, is unsolicited bulk messages sent through email with commercial, fraudulent or malicious intent.

  • distributed denial of service (DDoS) attack

    A distributed denial-of-service attack occurs when an attack originates from multiple computers or devices, usually from multiple different locations or networks.

  • application whitelisting

    Application whitelisting is the practice of identifying applications that have been deemed safe for execution and restricting all other applications from running.

Browse Security Topics

Application and Platform Security

Get advice on application and platform security. Here you'll find information on vulnerability and threat management, operating system security and storage security, application firewalls, email protection, IM security, Web security and more.

Recent Definitions

  • runtime application self-protection (RASP)

    Runtime application self-protection (RASP) is security software that monitors application inputs and behavior and takes action to deal with suspicious events automatically or, if necessary, alert an administrator.

  • distributed denial of service (DDoS) attack

    A distributed denial-of-service attack occurs when an attack originates from multiple computers or devices, usually from multiple different locations or networks.

  • behavior blacklisting

    Behavior blacklisting is a security method based on detecting specified suspicious actions on the part of software or human agents and blocking access accordingly.

Enterprise Data Protection

In an era when data theft and security breaches are daily occurrences, secure data storage is a key component of a security infrastructure. This introduction to enterprise data protection offers advice on how to lock down stored data, data backup and recovery, disk and file encryption and database security.

Recent Definitions

  • security

    Security, in information technology (IT), is the defense of digital information and IT assets against internal and external, malicious and accidental threats.

  • memory dump attack

    A memory dump attack is the capture and use of RAM content that was written to a storage drive during an unrecoverable error, which was typically triggered by the attacker.

  • CISO (chief information security officer)

    The CISO (chief information security officer) is a senior-level executive responsible for developing and implementing an information security program, which includes procedures and policies designed to protect enterprise communications, systems and assets from both internal and external threats.

Enterprise Identity and Access Management

Identity management and access control are integral in maintaining data security. Here you'll find information on passwords, authentication and Web access control. Browse the identity management and access control topics below for the latest news, expert advice, learning tools and more.

Recent Definitions

  • access governance (AG)

    Access governance (AG) is an aspect of information technology (IT) security management that seeks to reduce the risks associated with excessive access rights, inactive users and orphan accounts.

  • single sign-on (SSO)

    Single sign-on is a session and user authentication process in which a user can access multiple applications with one name and password.

  • Certificate Revocation List (CRL)

    A Certificate Revocation List (CRL) is a list of digital certificates that have been revoked by the issuing Certificate Authority and should not be trusted. Web browsers use CRLs to determine whether a website's digital certificate is still valid and trustworthy.

Enterprise Network Security

Network security is a critical aspect of enterprise security. Here you'll find network security solutions for several areas, such as network architecture, software and policies, VPNs, device management, network prevention and intrusion detection, and wireless security. Browse the network security topics below to find the latest news, expert advice, learning tools and more.

Recent Definitions

  • Secure Sockets Layer (SSL)

    Secure Sockets Layer (SSL) is a computer networking protocol for securing connections between network application clients and servers over an insecure network, such as the internet.

  • security event

    A security event is a change in the everyday operations of a network or IT service, indicating that a security policy may have been violated or a security safeguard may have failed.

  • information security (infosec)

    Information security is the set of business processes that protects information assets from being compromised, replicated or destroyed, regardless of its format.

Government IT security

Government IT security management news and analysis covering information security in the federal government and its agencies as well as state and local governments, national initiatives to secure cyberspace, public-private cooperation and the government's role in helping enterprises protect the data of U.S. citizens.

Recent Definitions

  • Office of Personnel Management (OPM)

    The Office of Personnel Management (OPM) is an independent agency of the United States government that is tasked with the oversight of civil service hirings.

  • Cybersecurity Information Sharing Act (CISA)

    Cybersecurity Information Sharing Act (CISA) is proposed legislation that will allow United States government agencies and non-government entities to share information with each other as they investigate cyberattacks.

  • EINSTEIN

    EINSTEIN monitors and analyzes Internet traffic when it moves in and out of U.S. federal computer networks.

Information Security Careers, Training and Certifications

The information security careers, training and certification resource center provides the latest news, expert advice and learning tools to help you make informed career choices, learn about CISSP, SANS and CISA certification, and the training required for information security jobs.

Recent Definitions

  • CISO (chief information security officer)

    The CISO (chief information security officer) is a senior-level executive responsible for developing and implementing an information security program, which includes procedures and policies designed to protect enterprise communications, systems and assets from both internal and external threats.

  • Certified Information Systems Security Professional (CISSP)

    Certified Information Systems Security Professional (CISSP) is an information security certification developed by the International Information Systems Security Certification Consortium, also known as (ISC)².

  • Certified Information Systems Auditor (CISA)

    Certified Information Systems Auditor is a credential that demonstrates an IT professional's ability to assess risk and institute technology controls. The certification is intended for IT auditors, audit managers, consultants and security professionals.

Information Security Management

Conquer the challenges of enterprise information security management with helpful information on regulatory compliance, risk management, information security standards, security frameworks, disaster recovery and more. Browse the security management topics below for news, expert advice and online learning seminars.

Recent Definitions

  • email spam

    Email spam, or junk email, is unsolicited bulk messages sent through email with commercial, fraudulent or malicious intent.

  • security

    Security, in information technology (IT), is the defense of digital information and IT assets against internal and external, malicious and accidental threats.

  • adaptive security

    Adaptive security is an approach to safeguarding systems and data by recognizing threat-related behaviors rather than the files and code used by virus definitions.

Information Security Threats

Mitigating information security threats is an ongoing battle. Here you'll find information on ID theft, data security breaches, viruses, email threats, Web threats, hacking tools and more. Browse the information security threats topics below for news, expert advice and learning tools.

Recent Definitions

  • romance scam

    A romance scam is a fraudulent scheme in which a swindler pretends romantic interest in a target, establishes a relationship and then attempts to get money or sensitive information from the target under various false pretenses.

  • Facebook cloning

    Facebook cloning is a scam in which the attacker copies the profile picture of an authorized user, creates a new account using that person’s name and sends friend requests to people on the user’s list.

  • hacking as a service (HaaS)

    Hacking as a service (HaaS) is the commercialization of hacking skills, in which the hacker serves as a contractor. HaaS makes advanced code-breaking skills available to anyone with a web browser and a credit card.

Security Audit, Compliance and Standards

Get tips from the experts on security audits, compliance and standards. Advice is offered on data privacy and theft, audit planning and management, how to work with auditors, and compliance with standards, regulations and guidelines such as PCI DSS, GLBA, HIPAA, SOX, FISMA, ISO 17799 and COBIT.

Recent Definitions

  • compensating control (alternative control)

    A compensating control, also called an alternative control, is a mechanism that is put in place to satisfy the requirement for a security measure that is deemed too difficult or impractical to implement at the present time.

  • single sign-on (SSO)

    Single sign-on is a session and user authentication process in which a user can access multiple applications with one name and password.

  • strong cryptography

    Strong cryptography is used by most governments around the world to protect communications. It involves secreted and encrypted communication that is not amenable to cryptographic analysis.
