The latest best practices and technologies for securing endpoints.

  • IT Buyers Don’t Take Security Seriously Enough: HP

    Given the insane security environment we are in, it may seem weird to suggest that a tech company is too good at security. How can you be too good at something that is critical to the safety and operational resilience of companies and nations? Security is weird that way. I grew up in the security… Read more

  • Why You Need to Tune EDR to Secure Your Environment

    Endpoint detection and response (EDR) solutions typically deploy in a standard configuration meant to deliver the least number of false positive alerts in a generic environment. This allows EDR to deploy very quickly, but it also allows for a number of security vulnerabilities. Here we’ll discuss why EDR vendors choose these configurations, and how organizations… Read more

  • How Hackers Evade Detection

    Bypassing detection tools is part of a hacker’s routine these days. Despite the incredible evolution of defensive technologies, attackers often remain undetected for weeks or months, earning the label advanced persistent threat (APT). Classic security tools are necessary but less and less sufficient. That’s why most security companies are now focusing on behavioral analysis and… Read more

  • Latest MITRE Endpoint Security Results Show Some Familiar Names on Top

    MITRE Engenuity has released the latest round of its ATT&CK endpoint security evaluations, and the results show some familiar names leading the pack with the most detections. The MITRE evaluations are unique in that they emulate advanced persistent threat (APT) and nation-state hacking techniques, making them different from tests that might look at static malware… Read more

  • Addressing Remote Desktop Attacks and Security

    The Remote Desktop Protocol (RDP) has long been essential for IT service management and remote access. Still, in the wrong hands, RDP attacks and vulnerabilities related to remote desktop software are a severe threat. Recent years presented a torrent of research showing how vulnerable RDP systems are for organizations not taking additional cybersecurity precautions. Because… Read more

  • Hiding Devices Using Port Knocking or Single-Packet Authorization (SPA)

    Invisibility sounds like something out of a fantasy novel, but if done properly, we can use it to hide computers, gateways, or individual PCs by implementing specific firewall techniques like port knocking or single-packet authorization (SPA). The effectiveness of the technique has a lot in common with the traditional fantasy concept of invisibility and will be… Read more

  • Zero-Click Attacks a Growing Threat

    Most attacks make would-be victims click to install malware or redirect them to a phishing page to steal their credentials. Zero-click attacks remove this hurdle. They can compromise the targeted device despite a victim’s good security hygiene and practices. There is no need for social engineering, as the program can implant backdoors directly without forced… Read more

  • Malwarebytes vs Bitdefender Comparison: Which One is Best?

    Malwarebytes and Bitdefender are two of the most recognized names in the cybersecurity market for the latest antivirus software, endpoint detection and response (EDR), and endpoint protection platforms (EPP). Both vendors share a number of the same solution capabilities for potential clients, meaning there’s plenty to compare in terms of malware detection and analysis, supported… Read more

  • Becoming an MSSP: Tools, Services & Tips for Managed Security Services

    The next few years will see a surge in channel spending. According to Jay McBain, an analyst at Forrester Research, spending on IT and telecommunications will be worth about $7 trillion by 2030. The channel is destined to land at least a third of that. Competition is fierce. With about half a million VARs currently… Read more

  • 5 Trends in Patch Management

    The profile of patch management has risen considerably in the last year due to the number of major breaches that have taken place where basic patches had been overlooked. News stories repeatedly note that the organizations impacted by breaches had often failed to install high-priority security patches from the likes of Microsoft Exchange, Fortinet, and… Read more

Top Cybersecurity Companies

Top 10 Cybersecurity Companies

See full list

Get the Free Newsletter!

Subscribe to Cybersecurity Insider for top news, trends & analysis