Get started
Bring yourself up to speed with our introductory content.
Occupational Safety and Health Administration (OSHA)
The Occupational Safety and Health Administration (OSHA) is responsible for protecting worker health and safety in the United States.
phishing
Phishing is a fraudulent practice in which an attacker masquerades as a reputable entity or person in an email or other form of communication.
Blockchain security: Everything you should know for safe use
Despite its reputation, blockchain is subject to many of the same vulnerabilities as other software. It helps to have a clear idea of its inherent strengths and weaknesses.
PCI compliance
PCI compliance is adherence to the set of policies and procedures developed to protect credit, debit and cash card transactions and prevent the misuse of cardholders' personal information.
PCI DSS (Payment Card Industry Data Security Standard)
The Payment Card Industry Data Security Standard (PCI DSS) is a widely accepted set of policies and procedures intended to optimize the security of credit, debit and cash card transactions and protect cardholders against misuse of their personal ...
Definitions to Get Started
- Occupational Safety and Health Administration (OSHA)
- phishing
- PCI compliance
- PCI DSS (Payment Card Industry Data Security Standard)
- logon (or login)
- security analytics
- NICE Framework (National Initiative for Cybersecurity Education Cybersecurity Workforce Framework)
- application blacklisting (application blocklisting)
Use IoT hardening to secure vulnerable connected devices
IoT and industrial IoT innovation continue to thrive, but IoT device security continues to be an afterthought. Companies should harden connected devices to remain protected.
How to calculate cybersecurity ROI with concrete metrics
Calculating and communicating cybersecurity ROI can help persuade top management to invest. Here's how to use meaningful, concrete metrics.
logon (or login)
In computing, a logon is a procedure that enables an entity to access a secure system such as an operating system, application, service, website or other resource.
security analytics
Security analytics is a cybersecurity approach that uses data collection, data aggregation and analysis tools for threat detection and security monitoring.
NICE Framework (National Initiative for Cybersecurity Education Cybersecurity Workforce Framework)
The NICE Framework (National Initiative for Cybersecurity Education Cybersecurity Workforce Framework) is a reference resource that classifies the typical skill requirements and duties of cybersecurity workers.
Smart contract benefits and best practices for security
While smart contracts promise enormous benefits in the enterprise, they also present opportunities for cybercriminals. Explore best practices to keep them secure.
How to use Wfuzz to find web application vulnerabilities
By learning how to use Wfuzz for web application fuzz testing, bug bounty hunters can automate vulnerability discovery. Learn more in this excerpt from 'Bug Bounty Bootcamp.'
How to become a bug bounty hunter: Getting started
Finding, exploiting and reporting vulnerabilities can be both lucrative and educational. Security researcher Vickie Li explains how to become a bug bounty hunter.
Incident response: How to implement a communication plan
Communication is critical to an effective incident response plan. Here are five best practices for communication planning and a free, editable template to get started.
application blacklisting (application blocklisting)
Application blacklisting -- increasingly called application blocklisting -- is a network or computer administration practice used to prevent the execution of undesirable software programs.
juice jacking
Juice jacking is a security exploit in which an infected USB charging station is used to compromise devices that connect to it.
hypervisor security
Hypervisor security is the process of ensuring the hypervisor -- the software that enables virtualization -- is secure throughout its lifecycle.
claims-based identity
Claims-based identity is a means of authenticating an end user, application or device to another system in a way that abstracts the entity's specific information while providing data that authorizes it for appropriate and relevant interactions.
Certified Cloud Security Professional (CCSP)
Certified Cloud Security Professional (CCSP) is an International Information System Security Certification Consortium, or (ISC)2, certification that covers cloud-based cybersecurity best practices.
How to implement principle of least privilege in Azure AD
Restricting users' permissions in Microsoft Azure AD to only what they need to complete their job helps secure and reduce the cloud attack surface.
password manager
A password manager is a technology tool that helps internet users create, save, manage and use passwords across different online services.
Hash-based Message Authentication Code (HMAC)
Hash-based Message Authentication Code (HMAC) is a message encryption method that uses a cryptographic key in conjunction with a hash function.
Web application firewall (WAF)
A web application firewall (WAF) is a firewall that monitors, filters and blocks Hypertext Transfer Protocol (HTTP) traffic as it travels to and from a website or web application.
cloaking
Cloaking is a technique where a different version of web content is returned to users than to the search engine crawlers.
TrickBot malware
TrickBot is sophisticated modular malware that started as a banking Trojan but has evolved to support many different types of attacks, including ransomware.
How to create an SBOM, with example and template
SBOMs help organizations inventory every component in their software. This free template, which includes an SBOM example, can help you secure your own software supply chain.
Common Vulnerability Scoring System (CVSS)
The Common Vulnerability Scoring System (CVSS) is a public framework for rating the severity of security vulnerabilities in software.
WPA3
WPA3, also known as Wi-Fi Protected Access 3, is the third iteration of a security certification standard developed by the Wi-Fi Alliance.
firewall
A firewall is a network security device that prevents unauthorized access to a network. It inspects incoming and outgoing traffic using a set of security rules to identify and block threats.
cloud workload protection
Cloud workload protection is the safeguarding of workloads spread out across multiple cloud environments. Businesses that use public and private clouds can use cloud workload protection platforms to help defend themselves against cyber attacks.
How to build a cybersecurity deception program
In 'The Art of War,' Sun Tzu declared, 'All warfare is based on deception.' Learn how to apply this principle in the enterprise by building a cybersecurity deception program.
International Information Systems Security Certification Consortium (ISC)2
(ISC)2, short for International Information Systems Security Certification Consortium, is a nonprofit organization that provides security training and certificates.
two-step verification
Two-step verification is a process that involves two authentication steps performed one after the other to verify that someone or something requesting access is who or what they say they are.
How to use the John the Ripper password cracker
Password crackers are essential tools in any pen tester's toolbox. This step-by-step tutorial explains how to use John the Ripper, an open source offline password-cracking tool.
private CA (private PKI)
A private CA is an enterprise-specific certificate authority that functions like a publicly trusted CA.
Microsoft Defender for Endpoint (formerly Windows Defender ATP)
Microsoft Defender for Endpoint -- formerly Microsoft Defender Advanced Threat Protection or Windows Defender ATP -- is an endpoint security platform designed to help enterprise-class organizations prevent, detect and respond to security threats.
How to create fine-grained password policy in AD
Fine-grained password policies are a simple and effective way of ensuring password settings meet business requirements.
How to enable Active Directory fine-grained password policies
Specifying multiple password policies customized to specific account types adds another layer to an organization's security posture. Using PSOs instead of Group Policy can help.
How to use a public key and private key in digital signatures
Ensuring authenticity of online communications is critical to conduct business. Learn how to use a public key and private key in digital signatures to manage electronic documents.
AWS CloudTrail
AWS CloudTrail is an application program interface (API) call-recording and log-monitoring service offered by Amazon Web Services (AWS).
How to prepare for the Microsoft Cybersecurity Architect exam
Before taking the Microsoft Cybersecurity Architect exam, learn about the knowledge areas covered on the SC-100 test, studying recommendations, prerequisites and more.
Practice Microsoft SC-100 exam questions with answers
Use these practice multiple-choice questions, with answers, to assess your knowledge of the Microsoft Cybersecurity Architect exam.
intrusion prevention system (IPS)
An intrusion prevention system (IPS) is a cybersecurity tool that examines network traffic to identify potential threats and automatically take action against them.
Defining policy vs. standard vs. procedure vs. control
Infosec pros may have -- incorrectly -- heard the terms 'standard' and 'policy' used interchangeably. Examine the differences among a policy, standard, procedure and technical control.
post-quantum cryptography
Post-quantum cryptography, also known as quantum encryption, is the development of cryptographic systems for classical computers that can prevent attacks launched by quantum computers.
deprovisioning
Deprovisioning is the part of the employee lifecycle in which access rights to software and network services are taken away.
An intro to the IDMZ, the demilitarized zone for ICSes
Setting up an IDMZ -- a demilitarized zone between enterprise and industrial networks -- can prevent operational environments from becoming compromised by IT threats.
PCI DSS 12 requirements
The PCI DSS 12 requirements are a set of security controls businesses must implement to protect credit card data and comply with the Payment Card Industry Data Security Standard (PCI DSS).
cardholder data (CD)
Cardholder data (CD) is any personally identifiable information (PII) associated with a person who has a credit or debit card.
PCI DSS merchant levels
Payment Card Industry Data Security Standard (PCI DSS) merchant levels rank merchants based on their number of transactions per year to outline compliance verification requirements.
CSR (Certificate Signing Request)
A Certificate Signing Request (CSR) is a specially formatted encrypted message sent from a Secure Sockets Layer (SSL) digital certificate applicant to a certificate authority (CA).
authentication factor
An authentication factor is a category of credential that is intended to verify, sometimes in combination with other factors, that an entity involved in some kind of communication or requesting access to some system is who, or what, they are ...
Vulnerability management vs. risk management, compared
Vulnerability management seeks out security weaknesses in an organization, while risk management involves looking holistically at how the company is running.
three-factor authentication (3FA)
Three-factor authentication (3FA) is the use of identity-confirming credentials from three separate categories of authentication factors -- typically, the knowledge, possession and inherence categories.
cyber espionage
Cyber espionage (cyberespionage) is a type of cyber attack that malicious hackers carry out against a business or government entity.
role-based access control (RBAC)
Role-based access control (RBAC) is a method of restricting network access based on the roles of individual users within an enterprise.
FIDO (Fast Identity Online)
FIDO (Fast Identity Online) is a set of technology-agnostic security specifications for strong authentication.
Cloud Security Alliance (CSA)
The Cloud Security Alliance (CSA) is a nonprofit organization that promotes research into best practices for securing cloud computing and the use of cloud technologies to secure other forms of computing.
quantum supremacy
Quantum supremacy is the experimental demonstration of a quantum computer's dominance and advantage over classical computers by performing calculations previously impossible at unmatched speeds.
YubiKey
YubiKey is a security token that enables users to add a second authentication factor to online services from tier 1 vendor partners, including Google, Amazon, Microsoft and Salesforce.
antivirus software (antivirus program)
Antivirus software (antivirus program) is a security program designed to prevent, detect, search and remove viruses and other types of malware from computers, networks and other devices.
Top 30 incident response interview questions
Job interviews are nerve-wracking, but preparation can help minimize jitters and position you to land the role. Get started with these incident response interview questions.
information security (infosec)
Information security (infosec) is a set of policies, procedures and principles for safeguarding digital data and other kinds of information.
What is incident response? Plans, teams and tools
Incident response is an organized, strategic approach to detecting and managing cyber attacks in ways that minimize damage, recovery time and total costs.
cyberwarfare
The generally accepted definition of cyberwarfare is a series of cyber attacks against a nation-state, causing it significant harm.
fuzz testing (fuzzing)
Fuzz testing (fuzzing) is a quality assurance technique used to discover coding errors or bugs and security loopholes in software, operating systems and networks.
How to create an incident response playbook
Working from an incident response playbook can speed organizations' responses to cyber attacks. Find out how to build repeatable playbooks to use for different types of incidents.
SOAR (security orchestration, automation and response)
Security orchestration, automation and response, or SOAR, is a stack of compatible software programs that enables an organization to collect data about security threats and respond to security events with little or no human assistance.
digital signature
A digital signature is a mathematical technique used to validate the authenticity and integrity of a message, software or digital document.
How to create a CSIRT: 10 best practices
The time to organize and train a CSIRT is long before a security incident occurs. Certain steps should be followed to create an effective, cross-functional team.
sudo (su 'do')
Sudo is a command-line utility for Unix and Unix-based operating systems such as Linux and macOS.
Incident management vs. incident response explained
While even many seasoned cybersecurity leaders use the terms 'incident management' and 'incident response' interchangeably, they aren't technically synonymous.
Top incident response tools: How to choose and use them
The OODA loop can help organizations throughout the incident response process, giving insight into which tools are needed to detect and respond to security events.
How to conduct incident response tabletop exercises
Have an incident response plan but aren't running incident response tabletop exercises? These simulations are key to knowing if your plan will work during an actual security event.
E-Sign Act (Electronic Signatures in Global and National Commerce Act)
The E-Sign Act (Electronic Signatures in Global and National Commerce Act) is a U.S. federal law that specifies that, in the United States, the use of an electronic signature (e-signature) is as legally valid as a traditional signature written in ...
personally identifiable information (PII)
Personally identifiable information (PII) is any data that could potentially identify a specific individual.
Incident response automation: What it is and how it works
Many of today's security operations teams are understaffed and overwhelmed. Learn how incident response automation can help them work smarter, instead of harder.
social media policy
A social media policy is a corporate code of conduct that provides guidelines for employees who post content on the internet either as part of their job or as a private person.
SOAR vs. SIEM: What's the difference?
When it comes to the SOAR vs. SIEM debate, it's important to understand their fundamental differences to get the most benefit from your security data.
passwordless authentication
Passwordless authentication is signing into a service without using a password.
incident response team
An incident response team is a group of IT professionals in charge of preparing for and reacting to any type of organizational emergency.
crypto wallet (cryptocurrency wallet)
A crypto wallet (cryptocurrency wallet) is software or hardware that enables users to store and use cryptocurrency.
reverse brute-force attack
A reverse brute-force attack is a type of brute-force attack in which an attacker uses a common password against multiple usernames in an attempt to gain access to a network.
Windows Defender Exploit Guard
Microsoft Windows Defender Exploit Guard is antimalware software that provides intrusion protection for Windows 10 OS users.
SOC 3 (System and Organization Controls 3)
A System and Organization Controls 3 (SOC 3) report outlines information related to a service organization's internal controls for security, availability, processing integrity, confidentiality and privacy.
tokenization
Tokenization is the process of replacing sensitive data with unique identification symbols that retain all the essential information about the data without compromising its security.
messaging security
Messaging security is a subcategory of unified threat management, or UTM, focused on securing and protecting an organization's communication infrastructure.
WebAuthn API
The Web Authentication API (WebAuthn API) is a credential management application program interface (API) that lets web applications authenticate users without storing their passwords on servers.
How to build an incident response plan, with examples, template
With cyber threats and security incidents growing by the day, every organization needs a solid incident response plan. Learn how to create one for your company.
How to use BeEF, the Browser Exploitation Framework
The open source BeEF pen testing tool can be used by red and blue teams alike to hook web browsers and use them as beachheads to launch further attacks.
Dridex malware
Dridex is a form of malware that targets victims' banking information, with the main goal of stealing online account credentials to gain access to their financial assets.
zero-day (computer)
A zero-day is a security flaw in software, hardware or firmware that is unknown to the party or parties responsible for patching or otherwise fixing the flaw.
Ransomware trends, statistics and facts in 2023
Supply chain attacks, double extortion and RaaS were just a few of the ransomware trends that plagued 2022 and will continue to disrupt businesses in 2023.
backdoor (computing)
A backdoor attack is a means to access a computer system or encrypted data that bypasses the system's customary security mechanisms.
4 tips to find cyber insurance coverage in 2023
The cyber insurance industry is settling down but isn't without challenges. Read up on cyber insurance in 2023 and how to get the most from your organization's coverage this year.
Heartbleed
Heartbleed was a vulnerability in some implementations of OpenSSL, an open source cryptographic library.
What is cybersecurity?
Cybersecurity is the protection of internet-connected systems such as hardware, software and data from cyberthreats.
Mitre ATT&CK framework
The Mitre ATT&CK (pronounced "miter attack") framework is a free, globally accessible framework that provides comprehensive and up-to-date cyber threat information to organizations looking to strengthen their cybersecurity strategies.
What is Triple DES and why is it being disallowed?
Triple DES no longer provides the encryption strength it once did. Prepare now to transition away from its use to a more secure alternative.
credential theft
Credential theft is a type of cybercrime that involves stealing a victim's proof of identity.