How-Tos 

Today's Top 5 Malware Threats

To fight malware, security teams must understand it. Here are five especially nasty forms of malware.

The Internet of Things: 3 Security Requirements

As the Internet of Things proliferates, so too do IoT-based vulnerabilities and attacks. These three tips will help secure your IoT-enabled network.

Is Shellshock a Feature, not a Bug?

The Shellshock flaw highlights a major security issue. Software created before mass adoption of the Internet is highly susceptible to today's security risks.

7 Cyber Defense Best Practices for SMBs

With cyber criminals increasingly choosing to target smaller companies, SMBs need to up their security game.

No Easy Fix for Point-of-Sale Security

Why is securing point-of-sale systems so hard, and what can retailers do to improve their PoS security postures?

Enforcing Password Complexity without Alienating Users

Protecting passwords from compromise is a challenge for IT managers, who must deal with attacks that aim to compromise systems while giving users the simplicity they want.

Want to Beat Social Engineering? Training Is Key

Social engineering is an insidious – and highly successful – method of data theft. Training users to spot it is the key to beating it.

An Open Source Solution to Shellshock

An open source tool can mitigate risks associated with Bash shell attack.

Sysinternals and Microsoft Windows: An Overview

Sysinternals' new Sysmon tool adds logging functionality to Microsoft's security toolbox. Other tools give IT administrators deep insight into the inner workings of Windows.

9 Resources to Stay Current on Security Threats

These nine online resources will keep security pros informed about the latest threats.

How to Build Security into Your Software Development Lifecycle

Employing the right methodology and tools are two keys to effective application security testing.

Free Tool Fights Advanced Evasion Techniques

AETs are designed to evade next generation firewalls. A free tool can help security admins identify potential weaknesses in firewalls.

Using PowerShell and JEA to Secure Windows Server Systems

Microsoft Windows PowerShell and JEA simplify the process of moving from global administrator accounts to limited local accounts, a best practice in securing Windows Server-based systems.

Big Data Overwhelms Security Teams

Experts say increased automation and better analytics will help security teams overwhelmed by Big Data.

How to Detect SSL Leakage in Mobile Apps

LinkedIn researchers find piles of SSL configuration flaws in mobile apps and so can you.

Using Military Strategy to Fight Cyber Battles

What does the Library of Sparta have to do with modern IT security? Military strategies are increasingly common in cybersecurity – and with good reason.

SaaS Security Risks: It's the Users, Stupid

Black Hat workshop to discuss security concerns of software-as-a-service applications. Not surprisingly, uninformed users pose some of the biggest risks.

How to Minimize Enterprise File Sharing Risks

File sharing and sync (FSS) services like Dropbox can expose sensitive corporate data. Luckily, there are enterprise-grade FSS alternatives.

How Microsoft Handles BYOD

While BYOD still worries infosec pros, vendors like Microsoft are easing concerns by offering authentication and management capabilities.

How to Reduce Use-After-Free Memory Risk

Use-after-free memory errors often crop up in software application code.

User Education Key in Fighting Mobile Malware

Train users to read and heed mobile application permissions, says McAfee Labs.

Security Compliance Primer and Buying Guide

Security compliance is a complex and sometimes onerous task. Here we offer advice on best practices that can help, along with a guide to available tools.

5 Free Tools for Compliance Management

Most IT pros consider compliance a hassle. Yet the tools of compliance can empower security technologies and simplify risk management. Better yet, some of those tools are free.

Managed Security Services' Role in Cloud Security

A managed security service provider (MSSP) is a good option for cloud security, say experts.

Application Performance Management Offers Security Benefits

Administrators use application performance management (APM) tools to meet ebbs and flows of demand. But few leverage the security benefits offered by APM solutions.