Category: esecurityplanet

Only cloud service providers are getting cybersecurity right, and the implications for the future of IT are enormous. The post Zero Trust: Can It Be Implemented Outside the Cloud? appeared first on eSecurityPlanet. This article has been indexed from eSecurityPlanet…

Read more →

Update: In a statement on the extent of the data breach disclosed last month, Western Digital said it has control of its digital certificate infrastructure and is “equipped to revoke certificates as needed.” “Regarding reports of the potential to fraudulently…

Read more →

Microsoft’s Patch Tuesday for May 2023 fixes two actively exploited vulnerabilities, including a Secure Boot bypass and system-level takeover. The post Microsoft Flaws Include Secure Boot Bypass, System-Level Takeovers appeared first on eSecurityPlanet. This article has been indexed from eSecurityPlanet…

Read more →

Passkeys are revolutionizing the way we log in to apps and websites. Learn how they work and their benefits now. The post What Is a Passkey? The Future of Passwordless Authentication appeared first on eSecurityPlanet. This article has been indexed…

Read more →

Web application firewalls (WAFs) are critical for robust application security. Compare the best WAF solutions now. The post Top 12 Web Application Firewall (WAF) Solutions in 2023 appeared first on eSecurityPlanet. This article has been indexed from eSecurityPlanet Read the…

Read more →

Patch Management tools enable IT teams to detect, install, and update patches on endpoint devices. Find the best Patch Management solutions in 2023 The post Best Patch Management Software & Tools for 2023 appeared first on eSecurityPlanet. This article has…

Read more →

Passkeys are a promising technology for passwordless authentication, and Google is leading the way. The post Google Launches Passkeys in Major Push for Passwordless Authentication appeared first on eSecurityPlanet. This article has been indexed from eSecurityPlanet Read the original article:…

Read more →

IT Asset Management is the process of tracking and managing IT assets. Learn more about ITAM, its benefits, and best practices. The post What is IT Asset Management (ITAM)? Definition, Benefits & Types appeared first on eSecurityPlanet. This article has…

Read more →

Find the best security information and event management (SIEM) tool for your organization. Compare the top solutions now. The post 5 Best SIEM Tools & Software for 2023 appeared first on eSecurityPlanet. This article has been indexed from eSecurityPlanet Read…

Read more →

Learn how automated patch management works, best practices, the top tools, and how automated patching can help improve network security. The post Automated Patch Management: Definition, Tools & How It Works appeared first on eSecurityPlanet. This article has been indexed…

Read more →

Learn about the similarities and differences between patch and vulnerability management and what to look for in a solution. The post Patch Management vs Vulnerability Management: What’s the Difference? appeared first on eSecurityPlanet. This article has been indexed from eSecurityPlanet…

Read more →

GPT-4 has many of ChatGPT’s malicious capabilities, in some cases even enhancing them. The post ChatGPT Security and Privacy Issues Remain in GPT-4 appeared first on eSecurityPlanet. This article has been indexed from eSecurityPlanet Read the original article: ChatGPT Security…

Read more →

Password managers provide an advanced level of security for business accounts. Compare top password managers now. The post 8 Best Password Managers for Business & Enterprises in 2023 appeared first on eSecurityPlanet. This article has been indexed from eSecurityPlanet Read…

Read more →

Compare the top cloud access security broker (CASB) solutions to ensure your cloud environments are secure. The post Top 10 Cloud Access Security Broker (CASB) Solutions for 2023 appeared first on eSecurityPlanet. This article has been indexed from eSecurityPlanet Read…

Read more →

Development teams are exposing critical data and secrets online. Here’s what to do about it. The post Misconfigured Registries: Security Researchers Find 250 Million Artifacts Exposed appeared first on eSecurityPlanet. This article has been indexed from eSecurityPlanet Read the original…

Read more →

SPanel is a web hosting environment that takes website security seriously. Learn more about the platform now. The post SPanel: Taking Website Security to the Next Level appeared first on eSecurityPlanet. This article has been indexed from eSecurityPlanet Read the…

Read more →

In December of last year, Microsoft worked with SentinelOne, Mandiant, and Sophos to respond to an issue in which drivers certified by Microsoft’s Windows Hardware Developer Program were being used to validate malware. Unfortunately, the problem hasn’t gone away. In…

Read more →

Databases contain some of an organization’s most sensitive data, so following database security best practices is critical for protecting that data from cyberattacks and insider data theft. Effective database security encloses sensitive information within layers of controls that decrease the…

Read more →

Learn what a vulnerability assessment is, how to perform a vulnerability scan, & the best practices for vulnerability management. The post What Is a Vulnerability Assessment? Types, Steps & Benefits appeared first on eSecurityPlanet. This article has been indexed from…

Read more →

Portnox Cloud offers network access control (NAC) as a cloud-hosted SaaS solution that enables rapid deployment of basic NAC capabilities. Although the capabilities are more limited than some NAC competitors, the quick deployment and reduced IT labor costs make Portnox…

Read more →

Explore the top NAC solutions to ensure your network is only accessed by trusted users and avoid unwanted risks. The post 9 Top Network Access Control (NAC) Solutions for 2023 appeared first on eSecurityPlanet. This article has been indexed from…

Read more →

OPSWAT continues to build out the capabilities of MetaAccess, their network access control (NAC) solution, and offers an attractive trial of up to 50 licenses for an unlimited duration. MetaAccess focuses on delivery of a virtual appliance that can be…

Read more →

Bot protection solutions help protect your business from malicious bots. Compare the best solutions now. The post 5 Best Bot Protection Solutions and Software for 2023 appeared first on eSecurityPlanet. This article has been indexed from eSecurityPlanet Read the original…

Read more →

A massive cyber attack targeting drive maker Western Digital Corp. (WDC) could potentially have serious and long-term implications. One of the hackers apparently disclosed the extent of the cyber attack to TechCrunch this week. Hackers accessed a range of company…

Read more →

As a spinoff of the network infrastructure leader, Juniper Networks, Ivanti’s Policy Secure provides effective network access control built on a foundation of deep understanding of networks. However, with three rebrandings since 2014, many potential customers may not recognize the…

Read more →

EDR solutions ensure an organization’s endpoints are running properly by monitoring and troubleshooting tech on the network. Compare the top tools now. The post Top Endpoint Detection and Response (EDR) Solutions in 2023 appeared first on eSecurityPlanet. This article has…

Read more →

Compression is a great way for hackers to hide malware and render it undetectable. Here’s what to do about that. The post How UPX Compression Is Used to Evade Detection Tools appeared first on eSecurityPlanet. This article has been indexed…

Read more →

A vulnerability assessment is one of the most important pieces of an enterprise’s vulnerability management lifecycle because you can’t fix security vulnerabilities you know nothing about. Through the vulnerability assessment process, networks and assets are scanned and newly discovered vulnerabilities…

Read more →

Microsoft’s Patch Tuesday for April 2023 targets 97 vulnerabilities, seven of them rated critical – as well as one that’s currently being exploited in the wild. The one flaw that’s currently being exploited, CVE-2023-28252, is an elevation of privilege vulnerability…

Read more →

Check Point and Palo Alto Networks are two of the top next-generation firewall vendors (NGFWs) and both appear on eSecurity Planet’s list of the top NGFW products and the top cybersecurity companies too. Security buyers in the market for NGFWs…

Read more →

As a pioneer in the network access control (NAC) market, Forescout understands that their customers will need to detect and control a wide variety of endpoints and applications. Forescout’s Platform not only enables robust NAC capabilities, but also offers options…

Read more →

Kali Linux turns 10 this year, and to celebrate, the Linux penetration testing distribution has added defensive security tools to its arsenal of open-source security tools. It remains to be seen if Kali Purple will do for defensive open source…

Read more →

Network security creates shielded, monitored, and secure communications between users and assets. Despite the rapid evolution of what constitutes the users, assets, and connections, the fundamentals of networking security remain the same: block external threats, protect internal network communications, monitor…

Read more →

A DMZ network, or a demilitarized zone, is a subnetwork in an enterprise networking environment that contains public-facing resources — such as web servers for company websites — in order to isolate them from an enterprise’s private local area network…

Read more →

Open-source penetration testing tools are freely available software that help pentest teams identify areas of weakness in their systems. Teams often need a variety of tools to perform a full penetration test, so using the wide range of open-source pentesting…

Read more →

Ransomware is a type of malicious program, or malware, that encrypts files, documents and images on a computer or server so that users cannot access the data. Ransomware is the most feared cybersecurity threat and with good reason: Its ability…

Read more →

As a leader in wireless and wired large area network (LAN) infrastructure, Extreme Networks deeply understands the operational requirements for networks and the IT teams managing them. To aid in reducing IT labor requirements and to improve security, Extreme Networks…

Read more →

Effective vulnerability management is about knowing what you own and prioritizing what you need to fix. A new research report shows that millions of organizations are failing at those critical cybersecurity practices. Researchers at cybersecurity firm Rezilion found more than…

Read more →

LastPass is a popular cloud-based password manager that allows users to secure, manage, and retrieve their passwords and other confidential information. One of our picks for the best password managers, LastPass offers features such as password autofill, automatic password generation,…

Read more →

Keep up with the latest cybersecurity news and trends. Check out our list of the top cybersecurity Twitter accounts to follow now. The post Top 26 Cybersecurity Experts & Accounts to Follow on Twitter appeared first on eSecurityPlanet. This article…

Read more →

Discover the 70 hottest cybersecurity startups to watch in 2023. Learn more about their products, services, and more. The post Top 60 Cybersecurity Startups to Watch appeared first on eSecurityPlanet. This article has been indexed from eSecurityPlanet Read the original…

Read more →

  Originally designed as a network access control (NAC) solution, Aruba ClearPass continues to evolve into a portfolio of network security tools. Even as the capabilities expand, ClearPass continues to deliver on its central purpose of controlling network access at…

Read more →

Enterprise IT, network and security product vulnerabilities were among those actively exploited in zero-day attacks last year, according to a recent Mandiant report. Mandiant tracked 55 zero-day vulnerabilities that were actively exploited in 2022. That’s fewer than the 81 zero-days…

Read more →

User and entity behavior analytics (UEBA) tools are a relatively recent offering that help businesses better understand cybersecurity threats. Similar terms for the technology include user behavior analytics (UBA), threat analytics, and security analytics. Many others have simply packaged UEBA…

Read more →

Sophos and Fortinet both appear on our list of the top next-generation firewalls (NGFWs), and while both offer very good security at their price points, they serve very different markets. What follows is a look at the key features and…

Read more →

Networks connect devices to each other so that users can access assets such as applications, data, or even other networks such as the internet. Network security protects and monitors the links and the communications within the network using a combination…

Read more →

From the very beginning of the cloud computing era, security has been the biggest concern among enterprises considering cloud services. For many organizations, the idea of storing data or running applications on infrastructure that they do not manage directly seems…

Read more →

Whether you’re operating a global enterprise network or a small family business, your network’s security needs to be optimized with tools, teams, and processes to protect customer data and valuable business assets. Network security is an umbrella term for all…

Read more →

Compare the Best Cyber Insurance Companies for 2023. Protect your business from cyber threats with the right coverage. The post Top 5 Cyber Insurance Companies for 2023 appeared first on eSecurityPlanet. This article has been indexed from eSecurityPlanet Read the…

Read more →

Microsoft’s Patch Tuesday for March 2023 includes patches for more than 70 vulnerabilities, including zero-day flaws in Outlook and in Windows SmartScreen. According to Crowdstrike researchers, 40 percent of the patched vulnerabilities are remote code execution flaws, down from 48…

Read more →

Network security threats weaken the defenses of an enterprise network, endangering proprietary data, critical applications, and the entire IT infrastructure. Because businesses face an extensive array of threats, they should carefully monitor and mitigate the most critical threats and vulnerabilities.…

Read more →

Network security creates shielded, monitored, and secure communications between users and assets. Despite the rapid evolution of what constitutes the users, assets, and connections, the fundamentals of networking security remain the same: block external threats, protect internal network communications, monitor…

Read more →

HYAS researchers recently developed proof-of-concept (PoC) malware that leverages AI both to eliminate the need for command and control (C2) infrastructure and to generate new malware on the fly in order to evade detection algorithms. The malware, dubbed “BlackMamba,” is…

Read more →

Compare the best commercial and open source web and app vulnerability scanners for website and application DevOps. The post Best DevOps, Website, and Application Vulnerability Scanning Tools appeared first on eSecurityPlanet. This article has been indexed from eSecurityPlanet Read the…

Read more →

Compare vulnerability scanners tailored for the special needs of MSPs, MSSPs, and their customers. The post Best MSP/MSSP Vulnerability Scanning Tool Options appeared first on eSecurityPlanet. This article has been indexed from eSecurityPlanet Read the original article: Best MSP/MSSP Vulnerability…

Read more →

Compare the enterprise-ready vulnerability scanners for broad IT needs: networks, cloud, containers, and apps. The post Best Enterprise Vulnerability Scanning Vendors appeared first on eSecurityPlanet. This article has been indexed from eSecurityPlanet Read the original article: Best Enterprise Vulnerability Scanning…

Read more →

Compare the best IT infrastructure and application vulnerability scanners for resource-constrained SMBs. The post Best Small and Medium-sized Business (SMB) Vulnerability Scanning Tools appeared first on eSecurityPlanet. This article has been indexed from eSecurityPlanet Read the original article: Best Small…

Read more →

Compare specialty vulnerability scanning tools for modern cloud, container, and data lake infrastructure. The post Best 3 Cloud, Container and Data Lake Vulnerability Scanning Tools appeared first on eSecurityPlanet. This article has been indexed from eSecurityPlanet Read the original article:…

Read more →

Vulnerability scanning tools are essential for keeping your site secure. Compare the best vulnerability scanners now. The post The 8 Best Vulnerability Scanner Tools for 2023 appeared first on eSecurityPlanet. This article has been indexed from eSecurityPlanet Read the original…

Read more →

Penetration tests are simulated cyber attacks executed by white hat hackers on systems and networks. The goal of these simulations is to detect vulnerabilities, misconfigurations, errors, and other weaknesses that real attackers could exploit. Pentesters work closely with the organization…

Read more →

Most of us connect our mobile devices to a Wi-Fi router for internet access, but this connection can leave our network and data vulnerable to cyber threats. To protect against those threats, a Wi-Fi Protected Access (WPA) encryption protocol is…

Read more →

The White House’s National Cybersecurity Strategy unveiled yesterday is an ambitious blueprint for improving U.S. cybersecurity and threat response, but some of the more ambitious items will take time to implement, and could face opposition from Congress. President Biden came…

Read more →

As enterprise networks continue to grow in size and complexity, so have the misconfigurations and vulnerabilities that could expose those networks to devastating cyber attacks and breaches. Vulnerability management is the process of prioritizing and minimizing those risks. When you…

Read more →

Wireless security is the protection of wireless networks, devices and data from unwanted access and breaches. It involves a variety of strategies and practices designed to preserve the confidentiality, integrity and availability of wireless networks and their resources. Wireless security…

Read more →

Ransomware has become a potent tool for cybercriminals looking to exploit companies’ sensitive data for profit. Ransomware attacks have affected businesses across all sizes, locations, and industries, from banking and financial services to utilities to education. When trying to keep…

Read more →

The Microsoft Detection and Response Team (DART) recently warned that attackers are increasingly using token theft to circumvent multi-factor authentication (MFA). “By compromising and replaying a token issued to an identity that has already completed multifactor authentication, the threat actor…

Read more →

Despite all of our investments in security tools, the codebase can be the weakest link for any organization’s cybersecurity. Sanitizing and validating inputs is usually the first layer of defense. Attackers have been using classic flaws for years with a…

Read more →

Everyone needs effective patch management. This critical but tedious process secures organizations of all sizes by eliminating vulnerabilities and delivering product upgrades. Patching requires urgency. Attackers begin to reverse engineer patches immediately to exploit unpatched systems, even as organizations can…

Read more →

Patch management is the consistent and repeatable process of distributing and implementing updates to software, typically to address security and functionality issues. While difficult to get right, patch management is one of the most critical cybersecurity practices, and thus worth…

Read more →

A rootkit is a dangerous and stealthy malware type that enables hackers to take control of your system without your knowledge. Individuals and small businesses employ rootkit scanners to detect and remove rootkit malware. As “root” refers to operating system-level…

Read more →

Compare the best next-generation firewall solutions. Get the most comprehensive list of features and pricing now. The post 9 Best Next-Generation Firewall (NGFW) Solutions for 2023 appeared first on eSecurityPlanet. This article has been indexed from eSecurityPlanet Read the original…

Read more →

Red, blue and purple teams simulate cyberattacks and incident responses to test an organization’s cybersecurity readiness. Understanding how these teams operate is important for an organization that wants to test its cybersecurity defenses realistically — before an adversary does. The…

Read more →

As attackers continue to evolve their tactics, protecting exposed data with encryption remains a critical security practice. However, the type of encryption tool an organization needs depends upon its sophistication and use cases. While banks and government agencies might be…

Read more →

Protect your data with the best disk encryption software. Compare the top solutions now. The post Top 10 Full Disk Encryption Software Products appeared first on eSecurityPlanet. This article has been indexed from eSecurityPlanet Read the original article: Top 10…

Read more →

Cybersecurity podcasts are an easy way to immerse yourself in the world of SecOps. Depending on what you’re looking for, you can catch up on the latest news and hear analysis from experts in the field or take a deep…

Read more →

Penetration tests find security vulnerabilities before hackers do and are critical for keeping organizations safe from cyber threats. You can either create your own pentesting program or hire an outside firm to do it for you. Penetration test services have…

Read more →

Business antivirus software is critical for any organization with devices, applications, and networks to protect. These products, largely designed for smaller organizations, range from standard business-level antivirus tools to full-fledged anti-ransomware protection. Some of these solutions have more features than…

Read more →

Threat hunting starts with a pretty paranoid premise: That your network may have already been breached and threat actors may be inside waiting for an opportunity to strike. Sadly, that turns out to be true in many cases. You can’t…

Read more →

Next-generation firewalls (NGFWs) are a core cybersecurity product, a foundational security tool every organization needs to protect their network from intruders. As defending data and applications become more complicated, the security products built to withstand evolving threats also grow more…

Read more →

Managed detection and response (MDR) goes beyond other managed security services by essentially giving organizations their own expert security analyst team to help identify and respond to cyber threats. The emergence of MDR was in many ways inevitable. Security has…

Read more →

Cloudflare mitigated dozens of hyper-volumetric DDoS attacks last weekend, most of them ranging from 50 to 70 million requests per second (RPS) – and the largest one exceeding 71 million RPS. “This is the largest reported HTTP DDoS attack on…

Read more →

Andrej Karpathy is a former research scientist and founding member of OpenAI. He was also the senior director of AI at Tesla. Lately, he has been using Copilot, which leverages GPT-3 to generate code. He tweeted this about it: “Nice…

Read more →

Like many cybersecurity vendors, ESET continuously innovates to stay competitive as illustrated by the constant improvements to their flagship cloud-based endpoint protection platform, ESET PROTECT. The company and this product have earned their mention on our lists of top endpoint…

Read more →

Microsoft’s February 2023 Patch Tuesday fixes 75 vulnerabilities, nine of them rated critical, and three (all rated important) that are being exploited. “This is only the second Patch Tuesday of the year, and we have already tripled the number of…

Read more →

In 2013, Adam Markowitz founded Portfolium, an edtech startup that matched college students and graduates with employers. “I remember the first time we were asked for a SOC 2 report, which quickly became the minimum bar requirement in our industry…

Read more →

Virtual patching uses policies, rules and security tools to block access to a vulnerability until it can be patched. Zero-day threats and legacy systems are two ways that vulnerabilities can be created for which no patch may exist for some…

Read more →

Application security is the practice of securing software and data from hackers, whether that application comes from a third party or was developed in house, regardless of where it resides or how it’s accessed. As that definition spans the cloud…

Read more →

Vulnerability scanning is the process of scanning IT networks and systems to identify security vulnerabilities in hardware and software. As enterprise IT environments have grown more complex, the ways hackers can attack them have grown too. The edge, cloud computing,…

Read more →

Threat intelligence platforms (TIPs) process external threat feeds and internal log files to create a prioritized and contextualized feed of alerts for a security team. TIPs also enhance security tools with consolidated and improved threat feeds. Our editorial team analyzed…

Read more →

ChatGPT has raised alarm among cybersecurity researchers for its unnerving ability in composing everything from sophisticated malware to phishing lures – but it’s important to keep in mind that the tool can help support cybersecurity defenses as well. Shiran Grinberg,…

Read more →

At the time it was acquired by Palo Alto Networks in late 2018, Twistlock was in use by 25% of the Fortune 100. Its automated and scalable container cybersecurity platform has now been incorporated into Palo Alto’s Prisma Cloud. Since…

Read more →

The LookingGlass scoutPrime threat intelligence platform (TIP) integrates enterprise-grade external security threat information with information on internal architecture and security information to create actionable, prioritized risk scores for threats. The TIP provides security professionals with accelerated analysis of how threats…

Read more →

The widespread adoption of cloud and hybrid IT environments has created a need for new cybersecurity paradigms that address the expanded attack surface and new attack vectors that cloud computing brings. Ensuring the security of your cloud-based services — and…

Read more →

Vulnerability scanning is the process of scanning IT networks and systems to identify security vulnerabilities in hardware and software. As enterprise IT environments have grown more complex, the ways hackers can attack them have grown too. The edge, cloud computing,…

Read more →

The Anomali ThreatStream threat intelligence platform (TIP) integrates hundreds of threat information feeds with the analytics a security professional needs to understand how a specific threat might impact the organization. This article provides more in-depth information on the product and…

Read more →

ChatGPT has raised alarm among cybersecurity researchers for its unnerving ability in composing everything from sophisticated malware to phishing lures – but it’s important to keep in mind that the tool can help support cybersecurity defenses as well. Shiran Grinberg,…

Read more →

SolarWinds lacks the full security suite presence of some competitors, but is well-integrated across a variety of bonus IT operation capabilities such as threat intelligence platform capabilities, privileged access management, USB security, and botnet detection. These additional capabilities make  the…

Read more →

Fortinet and Palo Alto Networks are two of the top cybersecurity companies and compete in a number of security markets, among them EDR and firewalls. Security buyers in the market for next-generation firewalls (NGFWs) often compare the two, and with good reason, as both…

Read more →

The top-ranked IBM X-Force Exchange threat intelligence platform (TIP) integrates enterprise-grade external security threat information with the tools a security professional needs to analyze how the threat might impact the organization. This article provides more in-depth information on the product…

Read more →

The top-ranked IBM X-Force Exchange threat intelligence platform (TIP) integrates enterprise-grade external security threat information with the tools a security professional needs to analyze how the threat might impact the organization. This article provides more in-depth information on the product…

Read more →