How-Tos 

Incident Response: How to Prepare for Attacks and Breaches

Make sure your organization is prepared for attacks and breaches by putting together an incident response plan and incident response team.

IaaS Security: Threats and Protection Methodologies

Cloud infrastructure services face unique security threats that require a variety of different protection methodologies.

How to Stop Ransomware

Ransomware is a fast-growing security threat. Here's how to prevent it - or get rid of it if you have it.

Securing MySQL DBMS

These steps can help you secure your deployment of the open source MySQL Community Server.

Considerations for Adding FIDO U2F to Your Security Protocol

If you're considering using the FIDO U2F protocol, here's what you need to know.

Top 5 Rootkit Threats and How to Root Them out

Rootkits are tough to detect and tough to eradicate, making them an especially tricky security threat.

5 Essential IoT Security Best Practices

With IoT security top of mind in the wake of recent IoT-based attacks, here are four tips on improving your Internet of Things security measures.

How to Hire an Ethical Hacker

An ethical hacker can help you find application security vulnerabilities. So how do you hire an ethical hacker?

2 Do's and 2 Don'ts of Incident Response and Anomaly Detection

Anomaly detection is growing in popularity as organizations get proactive about incident response. These practices help you get the most out of anomaly detection.

3 Ways CISOs Can Partner with Chief Data Officers

The CISO and the chief data officer must work well together, given the importance of secure data access. Here are tips for fostering a C-suite partnership.

5 Tips on Using OAuth 2.0 for Secure Authorization

OAuth 2.0 can be an effective authorization method. Here we offer tips on implementing and using an OAuth 2.0 authorization server using the OWIN framework.

Which Threat Risk Model Is Right for Your Organization?

Which threat risk model is right for you? We compare strengths and weaknesses of three popular ones: STRIDE, DREAD and CVSS.

How to Protect Bank Cards in E-Commerce Apps

Rapid growth of e-commerce applications mean security is sometimes lacking. How can developers secure e-commerce apps?

Must You Use Microsoft's In-Box DNS?

Active Directory does not require Microsoft DNS to function properly. In fact, organizations can enjoy security benefits by using non-Microsoft DNS.

7 Database Security Best Practices

Database security has never been more important, given the high value hackers place on data. These database security best practices will help protect your data.

How to Mitigate Fourth-Party Security Risks

What do you know about your vendors' vendors? Fourth-party security risks can be serious. How can you mitigate them?

What Citizen Developers Should Know About Mobile Security

The rise of citizen developers creates more mobile security concerns. What can enterprises do to ensure mobile apps are secure?

5 Freaky but Real Application Security Threats

There are some new application security threats in town, and they are pretty scary.

3 Best Practices for Protecting Data Better than Hillary Did

Hillary Clinton's email scandal offers a reminder of the importance of data protection best practices, like the three we cover here.

3 Data Protection Tips, in Light of Proposed Cybersecurity Laws

Proposed cybersecurity legislation is making business owners nervous – with good reason. These tips will help you be prepared no matter what Congress does.

How to Encrypt a Flash Drive Using VeraCrypt

Many security experts prefer open source software like VeraCrypt, which can be used to encrypt flash drives, because of its readily available source code.

Ransomware Is on a Roll – So How Can You Stop It

Ransomware is a favored tool for hackers. Three tips can help you proactively remove ransomware attack vectors.

What Is SQL Injection and How Can It Hurt You?

Using SQL injection hackers can wreak havoc on databases and data-driven applications. Fortunately there are ways to reduce SQL injection risk.

5 Ways to Defuse Data Threat from Departing Employees

Departing employees who take sensitive data with them present a huge security threat. Protection begins with data discovery and classification.

6 Questions to Ask Yourself about Your Cloud Security

While companies are more at ease with the cloud, they still have concerns about cloud security. Asking these questions will help improve cloud security postures.