Blog

CVSS Explained

What Is CVSS?
The Common Vulnerability Scoring System (CVSS) is an open, free standard for rating the severity of software security vulnerabilities and is used widely in vulnerability management software. CVSS assigns each vulnerability a numeric score that reflects the seriousness of the threat. The score is computed from several metrics (for example how the vulnerability is reached, whether it requires privileges or user interaction, and its impact on confidentiality, integrity and availability) and ranges from 0.0 to 10.0, with 10.0 the most severe. First...
CVE Explained

About CVE (Common Vulnerabilities and Exposures)
The Common Vulnerabilities and Exposures (CVE) list assigns a common identifier to each publicly known security vulnerability or exposure. The aim of CVE is to make it easier to share information across different vulnerability databases and to provide a common baseline for evaluating security tools.
What is a CVE scan?
CVE relies on publicly available data. For the duration of the...
What is a Certified Information Systems Auditor (CISA) Designation?

Certified Information Systems Auditor (CISA)
A CISA, or Certified Information Systems Auditor, is someone who is certified to audit information systems (computers and networks) and the internal controls a company has put around them to protect them from attack and subsequent compromise.
What is a CISA Designation?
The CISA designation is awarded to individuals who have passed a rigorous...
SQL Injection Scanner Tools

Frequently Asked Questions: What is SQL injection? What is SQL? How common are SQL injections? Am I at risk from an SQL injection attack?
What is SQL Injection?
SQL injection is one of the most common forms of website attack: web forms are everywhere, they are often not coded properly (user input is concatenated into the text of a database query instead of being passed as a bound parameter), and the tools used to find and exploit such weaknesses are freely available online. This...
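As an added example that is not part of the original post, the coding mistake the teaser refers to, side by side with its fix, using Python's sqlite3 module against a constructed in-memory users table (the usernames and passwords are sample data): login_vulnerable builds the query by string formatting, login_safe binds the same input as a query parameter.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed in-memory login table with sample data (not a real system)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT NOT NULL, password TEXT NOT NULL)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "s3cret"), ("bob", "hunter2")])
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> list:
    """The web-form anti-pattern: the user's input is pasted into the SQL text,
    so a quote character in the input changes the structure of the query."""
    query = (f"SELECT username FROM users WHERE username = '{username}' "
             f"AND password = '{password}'")
    return [row[0] for row in conn.execute(query)]


def login_safe(conn: sqlite3.Connection, username: str, password: str) -> list:
    """Hardened form: a parameterised query. The driver sends the input as
    data, so it is never interpreted as SQL whatever characters it contains."""
    query = "SELECT username FROM users WHERE username = ? AND password = ?"
    return [row[0] for row in conn.execute(query, (username, password))]


def demo() -> dict:
    """Run the same two classic payloads through both implementations."""
    conn = make_db()
    tautology = "' OR '1'='1"   # turns the WHERE clause into (... AND password='') OR '1'='1'
    comment = "alice'--"        # closes the string and comments out the password check
    return {
        "valid": login_vulnerable(conn, "alice", "s3cret"),
        "wrong_password": login_vulnerable(conn, "alice", "wrong"),
        "tautology": sorted(login_vulnerable(conn, "alice", tautology)),
        "comment": login_vulnerable(conn, comment, "anything"),
        "safe_tautology": login_safe(conn, "alice", tautology),
        "safe_comment": login_safe(conn, comment, "anything"),
    }


if __name__ == "__main__":
    for name, rows in demo().items():
        print(f"{name:15s} -> {rows}")
```

With the vulnerable function the tautology payload returns every user and the comment payload logs in as alice without a password; the parameterised version returns no rows for either, because the quote and the `--` stay inside the bound string value. Note that sqlite3 also refuses to run more than one statement per execute() call, so stacked-query payloads (`'; DROP TABLE users--`) fail here with an error rather than succeeding; other drivers and databases do not necessarily give you that protection.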
Data Classification: The 5 Steps to Effectively Classify Your Data

A corporate data security policy that sets out how valuable information should be handled will be ineffective unless it’s consistently and accurately enforced. Organizations often have a written policy that’s available on their company intranet and handed to new starters. In practice, however, employees are rarely sure how to apply it to their daily...
Types of Cyber Threats

What are Cyber Threats?
A cyber threat is any threat that targets computers, the networks that connect them, or the data they hold. Here a computer could be a desktop, a laptop, a tablet or even a smartphone. Each of these devices is exposed to particular types of threats that users need to be aware of in order to protect themselves and their confidential information.
Types...
4 Strategies to Enhance Both your Security and Compliance Posture

Running a comprehensive and cost-efficient compliance program, whether for HIPAA, NIST, FFIEC, PCI, GDPR or Sarbanes-Oxley (to mention a few), is a major headache for most compliance teams. Digital Defense offers industry-leading vulnerability management and assessment, along with best-practice compliance guidance, to organizations of all verticals and sizes. With predictions from a recent survey by...
Microsoft is Right, Mandatory Password Changes are Obsolete

This article was originally published on Help Net Security on August 1, 2019. Microsoft has recently said that mandatory periodic password changes are an outdated and obsolete practice. This goes directly against what we were trained to think for the last couple of decades, and against most compliance directives, including some of the most widely used security standards. And it is correct. If anything,...
What is IPsec? - Internet Protocol Security Explained

What is IPsec?
In the world of VPNs, there are typically two types an organization can choose from: IPsec or SSL/TLS (OpenVPN, for example). While many organizations have moved to SSL/TLS VPNs because of their relative ease of deployment, there are still companies that deploy IPsec-based VPNs because of the additional layers of security they provide that are not available in SSL/TLS-based VPNs, among them that IPsec works at the network layer and protects all IP traffic between the peers rather than individual application sessions.
Why Choose an IPsec VPN...