Expert analysis Archives - Help Net Security

Expert analysis

Is mandatory password expiration helping or hurting your password security?

October 4, 2022

For decades cybersecurity professionals held tight to the idea that passwords needed to be changed on a regular basis. In recent years, however, organizations such as NIST and …

Detecting fileless malware infections is becoming easier

October 3, 2022

For some analysts, memory analysis is only an optional step in cybersecurity investigations. Their reasons are simple. One: Handling memory and volatile data is a complex …

The holy trifecta for developing a secure API

September 28, 2022

It’s hard to write good API specifications, and since most API gateways use them as IAC, they should be carefully checked for common mistakes. Writing an API that sticks …

3 types of attack paths in Microsoft Active Directory environments

September 28, 2022

A common question we are asked by clients after deploying is, “Are attack paths in Active Directory this bad for everyone?” The answer is usually “Yes,” which doesn’t make …

Making a business case for security in a world of tightening budgets

September 27, 2022

With talk of a possible recession approaching (if one isn’t already upon us), many businesses are already applying a higher level of scrutiny to spending—even for …

3 ways to gauge your company’s preparedness to recover from data loss

September 26, 2022

Use these three questions to assess your company’s preparedness to retrieve lost data. 1. Do you have backups of your data? This fundamental question is the basis of …

Mitigating the cybersecurity crisis for the school year ahead

September 23, 2022

As students head back into the classroom, K-12 district leaders are faced with the difficult task of preventing and mitigating cybersecurity threats against their districts. …

What you need to know about Evil-Colon attacks

September 22, 2022

While novel attacks seem to emerge faster than TikTok trends, some warrant action before they’ve even had a chance to surface. This is the case for an attack we’ll refer to as …

Take cybersecurity out to where employees and data are coming together

September 20, 2022

Every morning, we wake up and chances are, we start immediately accessing and consuming information. Whether it’s accessing personal emails, downloading sales reports, or …

Securing your Apple device front through unified endpoint management

September 19, 2022

Apple has always touted the security and privacy capabilities of their devices. Being responsible for both the hardware and the associated OS has allowed Apple to create a …

How to improve public sector’s security strategy?

September 16, 2022

With international tensions heightened as we enter month eight of the war between Russia and Ukraine, it’s clear that a new era of intensifying state-sponsored attacks …

Q-Day doesn’t equal doomsday: Enacting an enterprise quantum security strategy

September 15, 2022

While Quantum Day, or “Q-Day,” may be five to ten years away, it is arriving faster than we would like. Q-Day represents the day that quantum computers will reliably use the …

Expert analysis

Is mandatory password expiration helping or hurting your password security?

Detecting fileless malware infections is becoming easier

The holy trifecta for developing a secure API

3 types of attack paths in Microsoft Active Directory environments

Making a business case for security in a world of tightening budgets

3 ways to gauge your company’s preparedness to recover from data loss

Mitigating the cybersecurity crisis for the school year ahead

What you need to know about Evil-Colon attacks

Take cybersecurity out to where employees and data are coming together

Securing your Apple device front through unified endpoint management

How to improve public sector’s security strategy?

Q-Day doesn’t equal doomsday: Enacting an enterprise quantum security strategy

Don't miss

What should investing in cybersecurity look like for a technology organization?

Is mandatory password expiration helping or hurting your password security?

Incident responders increasingly seek out mental health assistance

HTTP request smuggling vulnerability in Node.js (CVE-2022-35256)

MS Exchange zero-days: The calm before the storm?