Security and identity

Digital credentials are a secure way to verify an identity without paper credentials. Examples include digital badges and digital certificates.

Social engineering will always be a problem, but we can all do our part to make scammers' jobs harder.

Privilege escalation is a cyberattack technique in which a threat actor alters or elevates their permissions in a target system.

Biometric authentication uses physical features—like facial features, iris scans or fingerprints—to verify peoples' identities.

Threat intelligence is detailed, actionable threat information for preventing and fighting cyberthreats targeting an organization.

Customer identity and access management (CIAM) manages the digital identities of customers and other external end users.

The Common Vulnerability Scoring System (CVSS) is a widely used framework for classifying and rating software vulnerabilities.

A digital identity is a profile tied to a specific user, machine or other entity in an IT ecosystem. Digital IDs help track activity and stop cyberattacks.

Chinese AI startup DeepSeek is emerging as a competitive player in the generative AI space, but security experts are raising concerns about potential vulnerabilities in its platform. Here's what you need to know.

Tokenization converts sensitive data into a nonsensitive digital replacement that maps back to the original in order to protect sensitive information.

ASPM is a cybersecurity approach that focuses on safeguarding applications against security threats throughout the application lifecycle.

Data sovereignty determines who has authority over data. Data residency refers to the geographical location of data.

Threat hunting is a proactive approach to identifying previously unknown and ongoing threats in an organization's network.

Data detection and response (DDR) is a cybersecurity technology that monitors and protects data in any format and location across multicloud environments.

At the end of 2024, we've reached a moment in AI development where government involvement can help shape the trajectory of this pervasive technology.

Apple Intelligence promises unparalleled convenience and personalization — while also highlighting the inherent risks of entrusting critical processes to AI.

Adobe has released a security bulletin (APSB24-107) addressing an arbitrary file system read vulnerability in ColdFusion, a web application server. The vulnerability, identified as CVE-2024-53961, can be exploited to read arbitrary files on the system, potentially leading to unauthorized access and data exposure.

Rhode Island ransomware attack exposes residents' personal data from Medicaid and SNAP. Discover the breach's impact and recovery steps.

Secrets management is the protection of credentials—including certificates, passwords and tokens—for nonhuman users, such as apps, servers and workloads.

CISA and the FBI announced that a cyber espionage campaign from the People's Republic of China is targeting commercial telecommunications infrastructure.

With cybersecurity a top focus for many businesses in 2025, cybersecurity is likely to be a top-line item on many budgets heading into the New Year.

A cloud-native application protection platform (CNAPP) is comprehensive cybersecurity software that integrates cloud security solutions (CIEM, CWPP, CSPM) into a single, unified platform.

With the AI landscape rapidly evolving, it's worth looking back before moving forward. These are our top five AI security stories for 2024.

Identity threat detection and response are designed to detect these five types of identity-based risks that SIEM and UBA often fail to address.

Data poisoning occurs when threat actors manipulate or corrupt the training data used to develop artificial intelligence (AI) and machine learning (ML) models.

What is it about being an incident responder that makes people want to step up for this crucial cybersecurity role? IBM's Dave Bales shares his insights.

Security posture is an indicator of an organization’s security status. Its strength is determined by the security controls and security policies in place.

The surge in attacks on internet-facing management interfaces such as Palo Alto Networks' Next-Generation Firewalls highlights an evolving threat landscape.

From HackerOne's Global Bug Bounty to a few of TikTok's top cybersecurity creators, you may be surprised by how the app is promoting cybersecurity.

The cost of stolen cloud credentials on the dark web has steadily decreased since 2022. Have cyber criminals finally oversaturated the market?