Management, compliance & auditing

Portions of this article, including many of the definitions and terminology, have been sourced and summarized from ISACA.org and course materials published...

Threat modeling is a process for threat discovery and risk management. Any system carries potential risk, and a clear understanding of these risks is essential...

Threat modeling is an exercise designed to identify the potential threats and attack vectors that exist for a system. Based upon this information, it is possible...

IT management is a competitive career opportunity. Some companies hire from within, but you can still find job opportunities from IT firms looking for qualified...

Risk-based authentication (RBA) has to become part of the enterprise lexicon for a good reason. The authentication measures used to protect access to resources...

Threat modeling is an exercise designed to help an organization identify potential threats and cybersecurity risks within their organization and systems....

Endpoint detection and response is a type of security solution that provides real-time visibility into endpoint activities by monitoring and recording endpoint...

Threat modeling is an exercise designed to identify the potential cybersecurity threats and attack surface of an application. By working through the threat...

On election day 2020, Californians did more than vote for a president. They also passed the California Privacy Rights Act (CPRA), which clarified the California...

Continuing Infosec’s series on threat modeling, we are going to explore some of the biggest benefits organizations can realize from performing this important...