Enterprise Security: Tools, Reviews, Tips and Tricks
In the past, corporations and large organizations were usually the targets of cyber attacks. Today, however, organizations of all sizes need to be mindful of cyber threats lurking in the wild, and need to work towards a goal of impenetrable security.
Along with our Tips category that shares resources for the more strategic side of cybersecurity, our “Enterprise Security” category tackles the risk of unauthorized access and the securing of all entry points.
Enterprise security covers all strategies, techniques and processes that secure digital assets and critical information against malicious attackers trying to gain unauthorized access to an organization's system and networks. This area encompasses the “Technology, People and Processes” involved, with the goal of focusing on the strategic, legal and cultural requirements needed to protect an organization’s information.
In this category, you’ll find in-depth information about different aspects of enterprise security, including common security risks for organizations of all sizes, concepts such as Zero Trust, advanced persistent threats, ransomware attacks, and of course, a bit on the security teams responsible for creating and maintaining the cybersecurity posture of an organization — red teams, blue teams, purple teams, security operations centers, and more.
Intrusion Prevention Systems: Definition, Types, IDS vs. IPS
Every organization with a cybersecurity strategy has the goal of stopping cyber threats before they become real attacks and cause damage. Because of this, most cybersecurity strategies have turned to more proactive approaches, rather than relying only on reactive security measures.
Intrusion Detection Systems: Types, Detection Methods and Challenges
For years now, network security has been one of the main investments organizations of all sizes make to protect their networks, users and data.
JA3 Fingerprinting: Functionality, Pitfalls, and Future Outlook
With challenges as complex as the myriad of technologies involved, the need for accurate representation regarding all things cyber remains an elusive endeavour.
What is the NIST Cybersecurity Framework?
With growing interconnectedness and the amount of information and digital assets organizations store and process, one of today’s biggest challenges is protecting that information.
Incident Response in Cybersecurity: Preparing for a Security Breach
Fueled by changes in how people live and work in the post-COVID world, more and more cyber attacks and data breaches are affecting organizations of all sizes. It’s crucial to be prepared for the worst.
Business Email Compromise (BEC) Attacks: The Most Dangerous Form of Email Scam
Business email compromise attacks will have you doubting any email you receive, whether it’s from your co-worker or even the CEO of your company.
Kerberoasting Attacks Explained: Definition, How They Work and Mitigation Techniques
In 2014, researcher Tim Medin, a senior SANS instructor and content developer, took the Infosec milieu by surprise when he disclosed Kerberoast.
Reactive vs. Proactive Security: Which Is Better?
As networks and technology rapidly evolve, many organizations face the challenges of expanding their attack surface. A truly successful approach to dealing with these challenges involves multiple layers of protection that encompass networks, devices, data and people. And to add more fuel to issues brought on by technology and security sprawl growth, malicious actors are constantly working on new techniques, tools and methods to execute attacks on organizations’ data.
Shadow IT and Its Security Risks - Managing the Unseen
Cloud computing is beneficial. Many organizations already know this and are reaping the benefits cloud adoption has brought them: reduced IT costs, scalability, collaboration efficiency and, above all else, flexibility in accessing storage and software to meet their needs. Users can now more easily engage services and solutions that will make their everyday jobs easier.
Cyber Extortion: Definition, Examples and Prevention
In 2020, Travelex—the world’s largest currency dealer at the time—was caught in the middle of a public and devastating cyber extortion campaign. Attackers exploited a vulnerability in the Pulse Connect Secure VPN (which had a patch available) to extract data, for which they demanded payment of a $6 million ransom in exchange for its release.