Browse Definitions :

SearchSecurity

SearchSecurity provides immediate access to breaking industry news, virus alerts, new hacker threats and attacks, security certification training resources, security standard compliance, webcasts, white papers, podcasts, Security Schools, a selection of highly focused security newsletters and more -- all at no cost. Nowhere else will you find such a highly targeted combination of resources specifically dedicated to the success of today's IT-security professional.

View the complete archive of Enterprise Information Security news, research and expert advice.

Go to:  SearchSecurity

Recently on  SearchSecurity

McAfee CEO Chris Young steps down, Peter Leav to take over

Chris Young has stepped down as McAfee CEO, and Peter Leav is taking his place. Young led the company's spin-out from Intel in 2016 after joining the chip maker two years earlier.

More Highlights
Definitions
  • cybersecurity insurance (cybersecurity liability insurance)

    Cybersecurity insurance, also called cyber liability insurance or cyber insurance, is a contract that an entity can purchase to help reduce the financial risks associated with doing business online.

  • phishing

    Phishing is a form of fraud in which an attacker masquerades as a reputable entity or person in email or other communication channels.

  • cybercrime

    Cybercrime is any criminal activity that involves a computer, networked device or a network.

Browse Security Topics

Data security

In an era when data theft and security breaches are daily occurrences, secure data storage is a key component of a security infrastructure. This introduction to enterprise data security and protection strategies offers advice on how to lock down stored data, data backup and recovery, disk and file encryption and database security.

Recent Definitions

  • NIST Cybersecurity Framework

    The NIST Cybersecurity Framework (NIST CSF) is a policy framework surrounding IT infrastructure security.

  • spyware

    Spyware is a type of malicious software -- or malware -- that is installed on a computing device without the end user's knowledge.

  • encryption

    Encryption is the method by which information is converted into secret code that hides the information's true meaning. The science of encrypting and decrypting information is called cryptography.

Highlights

More Data security Topics

Back to Top

Identity and access management

Identity and access management tools are integral to maintaining data security in the enterprise. Here you'll find information on passwords, authentication and Web access control. Browse the identity management and access control topics below for the latest news, expert advice, learning tools and more.

Recent Definitions

  • identity provider

    An identity provider is a system component that is able to provide an end user or internet-connected device with a single set of login credentials that will ensure the entity is who or what it says it is across multiple platforms, applications and networks. When a third-party website prompts end users to log in with their Google Account, for example, Google Sign-In is the identity provider.

  • unique identifier (UID)

    A unique identifier (UID) is a numeric or alphanumeric string that is associated with a single entity within a given system.

  • Single Sign-On (SSO)

    Single sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials (e.g., name and password) to access multiple applications.

Highlights

More Identity and access management Topics

Back to Top

Network security

Recent Definitions

  • phishing

    Phishing is a form of fraud in which an attacker masquerades as a reputable entity or person in email or other communication channels.

  • DMZ (networking)

    In computer networks, a DMZ (demilitarized zone), also sometimes known as a perimeter network or a screened subnetwork, is a physical or logical subnet that separates an internal local area network (LAN) from other untrusted networks -- usually the internet.

  • spyware

    Spyware is a type of malicious software -- or malware -- that is installed on a computing device without the end user's knowledge.

Highlights

More Network security Topics

Back to Top

Security training and jobs

The information security careers, training and certification resource center provides the latest news, expert advice and learning tools to help you make informed career choices, learn about CISSP, SANS and CISA certification, and the training required for information security jobs.

Recent Definitions

  • Certified Information Systems Auditor (CISA)

    Certified Information Systems Auditor (CISA) is a certification issued by ISACA to people in charge of ensuring that an organization's IT and business systems are monitored, managed and protected; the certification is presented after completion of a comprehensive testing and application process.

  • Computer Emergency Response Team (CERT)

    A Computer Emergency Response Team (CERT) is a group of information security experts responsible for the protection against, detection of and response to an organization’s cybersecurity incidents.

  • Security Operations Center (SOC)

    A security operations center (SOC) is a command center facility for a team of IT professionals with expertise in information security that is responsible for monitoring, analyzing and protecting an organization from cyber attacks.

Highlights

More Security training and jobs Topics

Back to Top

Infosec programs

CISOs and information security programs are vital to protecting enterprises against today's cyber threats. In this resource centers, get the latest news and advice about CISO practices, infosec prrogram management and more.

Recent Definitions

Highlights

More Infosec programs Topics

Back to Top

Risk management strategies

A risk management program is a key component for enterprise security. This section offers insight on security risk management frameworks and strategies as well as best practices on conducting effective risk assessments, vulnerability assessments, penetration tests and more.

Recent Definitions

  • cybersecurity insurance (cybersecurity liability insurance)

    Cybersecurity insurance, also called cyber liability insurance or cyber insurance, is a contract that an entity can purchase to help reduce the financial risks associated with doing business online.

  • phishing

    Phishing is a form of fraud in which an attacker masquerades as a reputable entity or person in email or other communication channels.

  • Wi-Fi Pineapple

    A Wi-Fi Pineapple is a wireless auditing platform from Hak5 that allows network security administrators to conduct penetration tests.

Highlights

More Risk management strategies Topics

Back to Top

Information security threats

Mitigating information security threats is an ongoing battle. Here you'll find information on the latest malware and cyberattacks facing enterprises, from viruses and Trojans to social engineering techniques, as well as news, expert advice and learning tools to address these threats.

Recent Definitions

  • phishing

    Phishing is a form of fraud in which an attacker masquerades as a reputable entity or person in email or other communication channels.

  • Malware Analysis Report (MAR)

    Malware Analysis Report (MAR) is a document that relates the functionality and effects of a given piece of malware.

  • cybercrime

    Cybercrime is any criminal activity that involves a computer, networked device or a network.

Highlights

More Information security threats Topics

Back to Top

Network threat detection

Get news, tips and expert advice on network threat detection. This resource will cover the latest trends and technology around network threats and threat detection systems and services. Learn how to uncover, analyze and address network vulnerabilities to mitigate the risk of cyberattacks.

Recent Definitions

  • messaging security

    Messaging security is a subcategory of unified threat management (UTM) focused on securing and protecting an organization’s communication infrastructure.

  • Computer Security Incident Response Team (CSIRT)

    A Computer Security Incident Response Team (CSIRT) is a group of IT professionals that provides an organization with services and support surrounding the prevention, management and coordination of potential cybersecurity-related emergencies.

  • endpoint detection and response (EDR)

    Endpoint detection and response (EDR) is a category of tools and technology used for protecting computer hardware devices–called endpoints—from potential threats.

Highlights

More Network threat detection Topics

Back to Top

Platform security

Get the latest news, advice and best practices for platform security. Here you'll find information on vulnerability and threat management, operating system security fundamentals, virtualization security basics, Web security and more.

Recent Definitions

  • quantum supremacy

    Quantum supremacy is the experimental demonstration of a quantum computer's dominance and advantage over classic computers by performing calculations that were previously impossible at unmatched speeds.

  • application whitelisting

    Application whitelisting is the practice of specifying an index of approved software applications or executable files that are permitted to be present and active on a computer system.

  • WebAuthn API

    The Web Authentication API (WebAuthn API) is a credential management application program interface (API) that lets web applications authenticate users without storing their passwords on servers.

Highlights

More Platform security Topics

Back to Top

Security compliance

Get tips from the experts on security audits, compliance and standards. Advice is offered on data privacy and theft, audit planning and management, how to work with auditors, and compliance with standards, regulations and guidelines such as PCI DSS, GLBA, HIPPA, SOX, FISMA, ISO 17799 and COBIT.

Recent Definitions

  • COBIT

    COBIT is a framework for developing, implementing, monitoring and improving information technology (IT) governance and management best practices.

  • Australian Assistance and Access Bill

    The Australian Assistance and Access Bill is legislation introduced and passed in 2018 by the Parliament of Australia to support law enforcement and security agencies in their ability to collect evidence from electronic devices.

  • Single Sign-On (SSO)

    Single sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials (e.g., name and password) to access multiple applications.

Highlights

More Security compliance Topics

Back to Top

Software security

Get advice on software application security. Here you'll find information on software vulnerability and threat management, application attacks, software security tools, application firewalls, software patching and more.

Recent Definitions

  • debugging

    Debugging, in computer programming and engineering, is a multistep process that involves identifying a problem, isolating the source of the problem, and then either correcting the problem or determining a way to work around it.

  • Web application firewall (WAF)

    A web application firewall (WAF) is a firewall that monitors, filters and blocks data packets as they travel to and from a website or web application.

  • application whitelisting

    Application whitelisting is the practice of specifying an index of approved software applications or executable files that are permitted to be present and active on a computer system.

Highlights

More Software security Topics

Back to Top

Web security tools

Get news and expert advice on Web security tools and threats. Find out about current threats against Web applications, web security tools, SSL and TLS encryption, Web services, SOA, web access control, web server security, URL filtering, content filtering and browser security.

Recent Definitions

  • API management

    API management is the process of overseeing application program interfaces (APIs) in a secure, scalable environment.

  • Web server

    A Web server is a program that uses the client/server model and the Hypertext Transfer Protocol (HTTP) to serve the files that form Web pages to users, whose computers contain HTTP clients that forward their requests.

  • Web application firewall (WAF)

    A web application firewall (WAF) is a firewall that monitors, filters and blocks data packets as they travel to and from a website or web application.

Highlights

More Web security tools Topics

Back to Top

Wireless and mobile security

In this guide, get advice on tools, software and tactics for wireless network security and wireless mobile device security. Learn how to build and maintain a secure wireless LAN, how to protect mobile devices, and how to successfully configure, implement and manage a solid wireless network.

Recent Definitions

  • Wi-Fi Pineapple

    A Wi-Fi Pineapple is a wireless auditing platform from Hak5 that allows network security administrators to conduct penetration tests.

  • spyware

    Spyware is a type of malicious software -- or malware -- that is installed on a computing device without the end user's knowledge.

  • GPS jamming

    GPS jamming is the process of using a frequency transmitting device to block or interfere with radio communications.

Highlights

More Wireless and mobile security Topics

Back to Top

-ADS BY GOOGLE

SearchCompliance

  • risk management

    Risk management is the process of identifying, assessing and controlling threats to an organization's capital and earnings.

  • compliance as a service (CaaS)

    Compliance as a Service (CaaS) is a cloud service service level agreement (SLA) that specified how a managed service provider (...

  • data protection impact assessment (DPIA)

    A data protection impact assessment (DPIA) is a process designed to help organizations determine how data processing systems, ...

SearchSecurity

  • cybersecurity insurance (cybersecurity liability insurance)

    Cybersecurity insurance, also called cyber liability insurance or cyber insurance, is a contract that an entity can purchase to ...

  • phishing

    Phishing is a form of fraud in which an attacker masquerades as a reputable entity or person in email or other communication ...

  • cybercrime

    Cybercrime is any criminal activity that involves a computer, networked device or a network.

SearchHealthIT

SearchDisasterRecovery

  • business continuity plan (BCP)

    A business continuity plan (BCP) is a document that consists of the critical information an organization needs to continue ...

  • disaster recovery team

    A disaster recovery team is a group of individuals focused on planning, implementing, maintaining, auditing and testing an ...

  • cloud insurance

    Cloud insurance is any type of financial or data protection obtained by a cloud service provider. 

SearchStorage

  • NVMe over Fabrics (NVMe-oF)

    NVMe over Fabrics, also known as NVMe-oF and non-volatile memory express over fabrics, is a protocol specification designed to ...

  • logical unit number (LUN)

    A logical unit number (LUN) is a unique identifier for designating an individual or collection of physical or virtual storage ...

  • CIFS (Common Internet File System)

    CIFS (Common Internet File System) is a protocol that gained popularity around the year 2000, as vendors worked to establish an ...

Close