Browse Definitions :

SearchSecurity

SearchSecurity provides immediate access to breaking industry news, virus alerts, new hacker threats and attacks, security certification training resources, security standard compliance, webcasts, white papers, podcasts, Security Schools, a selection of highly focused security newsletters and more -- all at no cost. Nowhere else will you find such a highly targeted combination of resources specifically dedicated to the success of today's IT-security professional.

View the complete archive of Enterprise Information Security news, research and expert advice.

Go to:  SearchSecurity

Recently on  SearchSecurity

Project Zero finds Logitech Options app critically flawed

Tavis Ormandy of Google's Project Zero discovered a serious authentication vulnerability in Logitech's Options application, but the peripheral device maker has yet to address the flaw.

More Highlights
Definitions
  • RSA algorithm (Rivest-Shamir-Adleman)

    The RSA algorithm is the basis of a cryptosystem -- a suite of cryptographic algorithms that are used for specific security services or purposes -- which enables public key encryption and is widely used to secure sensitive data, particularly when it is being sent over an insecure network such as the internet.

  • remote access

    Remote access is the ability to access a computer or a network remotely through a network connection.

  • IP Spoofing

    IP spoofing is the crafting of Internet Protocol (IP) packets with a source IP address that has been modified to impersonate another computer system, or to hide the identity of the sender, or both.

Browse Security Topics

Data security

In an era when data theft and security breaches are daily occurrences, secure data storage is a key component of a security infrastructure. This introduction to enterprise data security and protection strategies offers advice on how to lock down stored data, data backup and recovery, disk and file encryption and database security.

Recent Definitions

  • RSA algorithm (Rivest-Shamir-Adleman)

    The RSA algorithm is the basis of a cryptosystem -- a suite of cryptographic algorithms that are used for specific security services or purposes -- which enables public key encryption and is widely used to secure sensitive data, particularly when it is being sent over an insecure network such as the internet.

  • remote access

    Remote access is the ability to access a computer or a network remotely through a network connection.

  • cipher

    In cryptology, the discipline concerned with the study of cryptographic algorithms, a cipher is an algorithm for encrypting and decrypting data.

Highlights

More Data security Topics

Back to Top

Identity and access management

Identity and access management tools are integral to maintaining data security in the enterprise. Here you'll find information on passwords, authentication and Web access control. Browse the identity management and access control topics below for the latest news, expert advice, learning tools and more.

Recent Definitions

  • RSA algorithm (Rivest-Shamir-Adleman)

    The RSA algorithm is the basis of a cryptosystem -- a suite of cryptographic algorithms that are used for specific security services or purposes -- which enables public key encryption and is widely used to secure sensitive data, particularly when it is being sent over an insecure network such as the internet.

  • remote access

    Remote access is the ability to access a computer or a network remotely through a network connection.

  • smart card

    A smart card is a physical card that has an embedded integrated chip that acts as a security token.

Highlights

More Identity and access management Topics

Back to Top

Network security

Recent Definitions

  • remote access

    Remote access is the ability to access a computer or a network remotely through a network connection.

  • IP Spoofing

    IP spoofing is the crafting of Internet Protocol (IP) packets with a source IP address that has been modified to impersonate another computer system, or to hide the identity of the sender, or both.

  • smart card

    A smart card is a physical card that has an embedded integrated chip that acts as a security token.

Highlights

More Network security Topics

Back to Top

Security training and jobs

The information security careers, training and certification resource center provides the latest news, expert advice and learning tools to help you make informed career choices, learn about CISSP, SANS and CISA certification, and the training required for information security jobs.

Recent Definitions

  • ethical hacker

    An ethical hacker, also referred to as a white hat hacker, is an information security expert who systematically attempts to penetrate a computer system, network, application or other computing resource on behalf of its owners -- and with their permission -- to find security vulnerabilities that a malicious hacker could potentially exploit.

  • Cloud Security Alliance (CSA)

    The Cloud Security Alliance (CSA) is a nonprofit organization that promotes research into best practices for securing cloud computing and the use of cloud technologies to secure other forms of computing.

  • Certified Cloud Security Professional (CCSP)

    The Certified Cloud Security Professional (CCSP) certification is intended for experience IT professionals who have a minimum of five years of experience in the industry with three of those years being in information security and one year in one of the six CCSP domains.

Highlights

More Security training and jobs Topics

Back to Top

Infosec programs

CISOs and information security programs are vital to protecting enterprises against today's cyber threats. In this resource centers, get the latest news and advice about CISO practices, infosec prrogram management and more.

Recent Definitions

  • Secure Shell (SSH)

    SSH, also known as Secure Shell or Secure Socket Shell, is a network protocol that gives users, particularly system administrators, a secure way to access a computer over an unsecured network.

  • honeypot (computing)

    A honeypot is a network-attached system set up as a decoy to lure cyberattackers and to detect, deflect or study hacking attempts in order to gain unauthorized access to information systems.

  • graceful shutdown and hard shutdown

    Graceful shutdown and hard shutdown are two opposing methods of turning off a computer. A graceful shutdown is when a computer is turned off by software function and the operating system (OS) is allowed to perform its tasks of shutting down processes and closing connections. A hard shutdown is when the computer is forcibly shut down by interruption of power.

Highlights

More Infosec programs Topics

Back to Top

Risk management strategies

A risk management program is a key component for enterprise security. This section offers insight on security risk management frameworks and strategies as well as best practices on conducting effective risk assessments, vulnerability assessments, penetration tests and more.

Recent Definitions

  • pen test (penetration testing)

    Penetration testing, also called pen testing or ethical hacking, is the practice of testing a computer system, network or web application to find security vulnerabilities that an attacker could exploit.

  • honeypot (computing)

    A honeypot is a network-attached system set up as a decoy to lure cyberattackers and to detect, deflect or study hacking attempts in order to gain unauthorized access to information systems.

  • buffer underflow

    Buffer underflow, also known as buffer underrun or buffer underwrite, is a threat to data that typically occurs when the temporary holding space during information transfer, the buffer, is fed at a lower rate than it is being read from.

Highlights

More Risk management strategies Topics

Back to Top

Information security threats

Mitigating information security threats is an ongoing battle. Here you'll find information on the latest malware and cyberattacks facing enterprises, from viruses and Trojans to social engineering techniques, as well as news, expert advice and learning tools to address these threats.

Recent Definitions

  • cyber vigilantism

    Cyber vigilantism is a rough approximation of law enforcement or an attempt at achieving justice or accomplishing something online through unauthorized channels.

  • challenge-response authentication

    In information security, challenge-response authentication is a type of authentication protocol where one entity presents a challenge or question, and another entity provides a valid response to be authenticated.

  • honeypot (computing)

    A honeypot is a network-attached system set up as a decoy to lure cyberattackers and to detect, deflect or study hacking attempts in order to gain unauthorized access to information systems.

Highlights

More Information security threats Topics

Back to Top

Network threat detection

Get news, tips and expert advice on network threat detection. This resource will cover the latest trends and technology around network threats and threat detection systems and services. Learn how to uncover, analyze and address network vulnerabilities to mitigate the risk of cyberattacks.

Recent Definitions

  • IP Spoofing

    IP spoofing is the crafting of Internet Protocol (IP) packets with a source IP address that has been modified to impersonate another computer system, or to hide the identity of the sender, or both.

  • honeypot (computing)

    A honeypot is a network-attached system set up as a decoy to lure cyberattackers and to detect, deflect or study hacking attempts in order to gain unauthorized access to information systems.

  • virtual honeypot

    A virtual honeypot is software that emulates a vulnerable system or network to attract intruders and study their behavior. Virtual honeypots contrast with hardware-based honeypots, which are dedicated computers, networks or network segments designed to serve the same purpose. Virtual honeypots, as virtual machines, may exist in multiple configurations on a single computer or appliance to emulate various systems and vulnerabilities.

Highlights

More Network threat detection Topics

Back to Top

Platform security

Get the latest news, advice and best practices for platform security. Here you'll find information on vulnerability and threat management, operating system security fundamentals, virtualization security basics, Web security and more.

Recent Definitions

  • Secure Shell (SSH)

    SSH, also known as Secure Shell or Secure Socket Shell, is a network protocol that gives users, particularly system administrators, a secure way to access a computer over an unsecured network.

  • IoT security (internet of things security)

    IoT security is the technology area concerned with safeguarding connected devices and networks in the internet of things (IoT).

  • Microsoft Windows Defender Credential Guard

    Microsoft Windows Defender Credential Guard is a security feature that isolates users' login information from the rest of the operating system to prevent theft.

Highlights

More Platform security Topics

Back to Top

Security compliance

Get tips from the experts on security audits, compliance and standards. Advice is offered on data privacy and theft, audit planning and management, how to work with auditors, and compliance with standards, regulations and guidelines such as PCI DSS, GLBA, HIPPA, SOX, FISMA, ISO 17799 and COBIT.

Recent Definitions

  • Payload (computing)

    The term payload, when used in the context of networking or telecommunications, is the data carried inside of a packet (or other network protocol data units like frames or segments).

  • security information and event management (SIEM)

    Security information and event management (SIEM) is an approach to security management that seeks to provide a holistic view of organization’s information technology (IT) security. 

  • ingress filtering

    Ingress filtering is a method used by enterprises and internet service providers (ISPs) to prevent suspicious traffic from entering a network.

Highlights

More Security compliance Topics

Back to Top

Software security

Get advice on software application security. Here you'll find information on software vulnerability and threat management, application attacks, software security tools, application firewalls, software patching and more.

Recent Definitions

  • IP Spoofing

    IP spoofing is the crafting of Internet Protocol (IP) packets with a source IP address that has been modified to impersonate another computer system, or to hide the identity of the sender, or both.

  • Secure Shell (SSH)

    SSH, also known as Secure Shell or Secure Socket Shell, is a network protocol that gives users, particularly system administrators, a secure way to access a computer over an unsecured network.

  • denial-of-service attack

    A denial-of-service attack is a security event that occurs when an attacker prevents legitimate users from accessing specific computer systems, devices, services or other IT resources.

Highlights

More Software security Topics

Back to Top

Web security tools

Get news and expert advice on Web security tools and threats. Find out about current threats against Web applications, web security tools, SSL and TLS encryption, Web services, SOA, web access control, web server security, URL filtering, content filtering and browser security.

Recent Definitions

  • pen test (penetration testing)

    Penetration testing, also called pen testing or ethical hacking, is the practice of testing a computer system, network or web application to find security vulnerabilities that an attacker could exploit.

  • digital signature

    A digital signature is a mathematical technique used to validate the authenticity and integrity of a message, software or digital document.

  • denial-of-service attack

    A denial-of-service attack is a security event that occurs when an attacker prevents legitimate users from accessing specific computer systems, devices, services or other IT resources.

Highlights

More Web security tools Topics

Back to Top

Wireless and mobile security

In this guide, get advice on tools, software and tactics for wireless network security and wireless mobile device security. Learn how to build and maintain a secure wireless LAN, how to protect mobile devices, and how to successfully configure, implement and manage a solid wireless network.

Recent Definitions

  • smart card

    A smart card is a physical card that has an embedded integrated chip that acts as a security token.

  • one-time password (OTP)

    A one-time password (OTP) is an automatically generated numeric or alphanumeric string of characters that authenticates the user for a single transaction or login session.

  • Google Play Protect

    Google Play Protect is a malware protection and detection service built into Android devices that use Google Mobile Services.

Highlights

More Wireless and mobile security Topics

Back to Top

-ADS BY GOOGLE

SearchCompliance

  • compliance audit

    A compliance audit is a comprehensive review of an organization's adherence to regulatory guidelines.

  • regulatory compliance

    Regulatory compliance is an organization's adherence to laws, regulations, guidelines and specifications relevant to its business...

  • Whistleblower Protection Act

    The Whistleblower Protection Act of 1989 is a law that protects federal government employees in the United States from ...

SearchSecurity

  • RSA algorithm (Rivest-Shamir-Adleman)

    The RSA algorithm is the basis of a cryptosystem -- a suite of cryptographic algorithms that are used for specific security ...

  • remote access

    Remote access is the ability to access a computer or a network remotely through a network connection.

  • IP Spoofing

    IP spoofing is the crafting of Internet Protocol (IP) packets with a source IP address that has been modified to impersonate ...

SearchHealthIT

SearchDisasterRecovery

  • virtual disaster recovery

    Virtual disaster recovery is a type of DR that typically involves replication and allows a user to fail over to virtualized ...

  • tabletop exercise (TTX)

    A tabletop exercise (TTX) is a disaster preparedness activity that takes participants through the process of dealing with a ...

  • risk mitigation

    Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a data center.

SearchStorage

  • disk array

    A disk array, also called a storage array, is a data storage system used for block-based storage, file-based storage or object ...

  • enterprise storage

    Enterprise storage is a centralized repository for business information that provides common data management, protection and data...

  • optical storage

    Optical storage is any storage type in which data is written and read with a laser. Typically, data is written to optical media, ...

Close