Bookshelf

• Case study: Why it's difficult to attribute nation-state attacks

  If two attacks look similar, don't assume they're from the same attacker. It's difficult to attribute nation-state attacks, as evidenced by the notorious 2016 Odinaff malware.  Continue Reading

• Tips for using a threat profile to prevent nation-state attacks

  Is your organization concerned about state-sponsored attacks? Threat profiling can help prevent nation-state attacks. Get advice on how to create an effective threat profile.  Continue Reading

• Rethinking asynchronous communication in remote work

  Remote work carries different expectations for communication. Learn how to shift to asynchronous communication to create more equitable collaboration among remote employees.  Continue Reading

• Remote work effectiveness requires adjusting expectations

  Author James Stanier discusses the lessons from 'Effective Remote Work' in adapting to asynchronous communication and preparing for the hybrid workplace.  Continue Reading

• How to conduct Linux privilege escalations

  Learn how to conduct Linux kernel exploitation with Metasploit and manually, as well as how to identify vulnerabilities on Linux using enumeration scripts.  Continue Reading

• Why companies should focus on preventing privilege escalation

  If attackers can elevate privileges once inside a system, their access can be unlimited. Discover common privilege escalation techniques and how to mitigate them.  Continue Reading

• An introduction to binary diffing for ethical hackers

  Binary diffing is a useful tool in the ethical hacker's arsenal. This excerpt teaches aspiring penetration testers and red teamers how to get started.  Continue Reading

• Unethical vulnerability disclosures 'a disgrace to our field'

  The cybersecurity field needs more people who use their powers for good, the lead author of Gray Hat Hacking: The Ethical Hacker's Handbook, Sixth Edition says.  Continue Reading

• Sound business process architecture requires key traits

  Business processes require a coherent enterprise-level architecture. In this excerpt from his new book, Roger Burlton identifies key traits business processes should share.  Continue Reading

• Stochastic processes have various real-world uses

  The breadth of stochastic point process applications now includes cellular networks, sensor networks and data science education. Data scientist Vincent Granville explains how.  Continue Reading

• Stochastic point processes and their practical value

  Data scientists learn and utilize stochastic point processes for myriad pragmatic uses. Data scientist Vincent Granville explains this in his new book.  Continue Reading

• How to implement OpenID Connect for single-page applications

  The OpenID Connect authentication protocol can be used to secure a variety of applications. This excerpt teaches developers how it works with single-page applications.  Continue Reading

• How to use OpenID Connect for authentication

  OpenID Connect has become a trusted protocol to connect with identity providers. Explore how to use it for IAM, common threats to be aware of and how to connect to multiple IdPs.  Continue Reading

• The importance of HR's role in cybersecurity

  HR teams must keep security top of mind when hiring and onboarding employees and enforcing data privacy policies. Get advice on the procedures and mechanisms to do so.  Continue Reading

• Why CISOs need to understand the business

  While CISOs need technical skills, business skills help them push their team's agenda and get the support and funding they need to protect their company.  Continue Reading

• The role of NVMe network storage for the future

  This chapter excerpt from 'Building a Future-Proof Cloud Infrastructure' examines the role networking and storage protocols, like NVMe, could have in the remote storage market.  Continue Reading

• New approaches create opportunity to turn data into value

  Bill Schmarzo, a data science industry thought leader, discusses how organizations can reframe their view of data using economic concepts to turn data into value.  Continue Reading

• Improve data value by relying on economic principles

  Bill Schmarzo, author of 'The Economics of Data, Analytics, and Digital Transformation,' discusses how organizations can improve data value by incorporating economic concepts.  Continue Reading

• Try a network configuration quiz to study for Network+ exam

  Use these sample questions from CompTIA's 'Official CompTIA Network+ Self-Paced Study Guide (Exam N10-008)' in preparation for your certification exam.  Continue Reading

• Study various network types, topologies for configuration

  Those looking to earn a Network+ certification need to learn about network types, topologies, network design best practices and more. James Pengelly's book covers those topics.  Continue Reading

• Network design considerations for Network+ exam prep

  One of the first things network pros should learn is how to design a network. In this Q&A, author James Pengelly discusses best practices for network configuration.  Continue Reading

• Tips for creating a cybersecurity resume

  Resumes help candidates leave an impression on potential employers. But did you know one resume often isn't enough? Learn this and other tips for creating a cybersecurity resume.  Continue Reading

• How to manage imposter syndrome in cybersecurity

  The imposter syndrome phenomenon is readily apparent in cybersecurity. Learn how to manage it, along with mishaps to avoid during the job hunt and other career advice.  Continue Reading

• Implement API rate limiting to reduce attack surfaces

  Rate limiting can help developers prevent APIs from being overwhelmed with requests, thus preventing denial-of-service attacks. Learn how to implement rate limiting here.  Continue Reading

• API security methods developers should use

  Developers can reduce the attack surface by implementing security early in the API development process and knowing methods to secure older APIs that can't be deprecated.  Continue Reading

• Enhancing the efficiency of remote team communication

  Successful remote team communication requires thoughtfully examining how teams use collaboration tools and designing interactions that improve the efficiency of remote teams.  Continue Reading

• Remote communication best practices need mindful approach

  Authors Matthew Skelton and Manuel Pais discuss how to apply the lessons from their 'Remote Teams Interactions Workbook' to develop remote communication best practices for teams.  Continue Reading

• Radical collaboration in enterprises: How does it work?

  What would a world with 'no bureaucracies, no bosses and no bull' look like? Like success, says Matt Parker in his new book, 'A Radical Enterprise.'  Continue Reading

• Automated machine learning improves project efficiency

  Until recently, machine learning projects had a small chance of success given the amount of time they require. Automated machine learning software speeds up the process.  Continue Reading

• Learn the benefits of interpretable machine learning

  In this excerpt from 'Interpretable Machine Learning with Python,' read how machine learning models and algorithms add value when they are both interpretable and explainable.  Continue Reading

• AutoML platforms push data science projects to the finish line

  Data science projects often have trouble reaching the production phase, but automated machine learning platforms are accelerating data scientists' work to help them come to fruition.  Continue Reading

• Interpretability and explainability can lead to more reliable ML

  Interpretability and explainability as machine learning concepts make algorithms more trustworthy and reliable. Author Serg Masís assesses their practical value in this Q&A.  Continue Reading

• A day in the life of a cybersecurity manager

  The role of a cybersecurity leader is often misunderstood. Experience a day in the life of a cybersecurity manager with this breakdown of a security leader's typical schedule.  Continue Reading

• Top cybersecurity leadership challenges and how to solve them

  Security isn't always a top business priority. This creates challenges for the cybersecurity managers and teams that hope to integrate security into their company's agenda.  Continue Reading

• How to prepare for malicious insider threats

  Stopping malicious insider threats is just as important as preventing external ones. Uncover what to look for and strategies to prevent insider threats before they cause damage.  Continue Reading

• Include defensive security in your cybersecurity strategy

  Is your company's cybersecurity strategy comprehensive enough to protect against an expanding threat landscape? Learn how developing defensive security strategies can help.  Continue Reading

• Tableau dashboard tips and tricks from an expert author

  In this excerpt from his new book on using Tableau CRM, data expert Mark Tossell takes readers step by step through best practices for dashboard creation.  Continue Reading

• Nmap use cases, tools and product comparisons

  Nmap is historically known for port scanning, but thanks to several subprojects, its use cases have expanded. Learn how Nmap is used, along with other comparable tools.  Continue Reading

• How to use Nmap to scan for open ports

  One of Nmap's primary functions is conducting port scans. In this walkthrough, learn how to launch a default scan, along with other options that affect Nmap port scan behavior.  Continue Reading

• New book explores business benefits of immersive technology

  Immersive technologies will transform business, with weighty consequences for the global economy. Learn what extended reality can do in this book excerpt by PwC's XR chief.  Continue Reading

• 'Building the Data Lakehouse' explores next-gen architecture

  This book excerpt by 'father of the data warehouse' Bill Inmon and experts Mary Levins and Ranjeet Srivastava explores the latest methods for wrangling data into usable intel.  Continue Reading

• Types of cybersecurity controls and how to place them

  A unilateral cybersecurity approach is ineffective in today's threat landscape. Learn why organizations should implement security controls based on the significance of each asset.  Continue Reading

• Top infosec best practices, challenges and pain points

  Weak infosec practices can have irrevocable consequences. Read up on infosec best practices and challenges, as well as the importance of cybersecurity controls and risk management.  Continue Reading

• 9 wireless questions for Cisco's CCT, CCNA exams

  Those looking to pass the Cisco CCT and CCNA certification exams will need to understand how wireless networking works. This practice quiz covers the basics of wireless networking.  Continue Reading

• Guide on wireless networking concepts for CCT, CCNA exams

  Cisco's CCT and CCNA exams include wireless networking questions. Use this excerpt from Glen Clarke's 'CCT/CCNA Routing and Switching All-in-One Exam Guide' as a tool to prepare.  Continue Reading

• Learn the basics of wireless networking for exam prep

  In this Q&A, author Glen Clarke introduces readers to wireless networking and outlines what CCT and CCNA test-takers should study when prepping for their exams.  Continue Reading

• Experts lay out data illiteracy's dangers, propose remedies

  In this excerpt from their new book 'Data Literacy,' top data management experts Peter Aiken and Todd Harbour outline a new way to gauge data learnedness.  Continue Reading

• Elastic Stack Security tutorial: How to create detection rules

  This excerpt from 'Threat Hunting with Elastic Stack' provides step-by-step instructions to create detection rules and monitor network security events data.  Continue Reading

• Elastic Security app enables affordable threat hunting

  New to threat hunting in cybersecurity? Consider using the open code Elastic Stack suite to gather security event data and create visualizations for decision-makers.  Continue Reading

• The components and objectives of privacy engineering

  Privacy engineering helps organizations balance business and privacy needs, while mitigating the impact of data breaches. Learn about its components and objectives.  Continue Reading

• The intersection of privacy by design and privacy engineering

  Data privacy concerns are widespread. Privacy by design and privacy engineering help organizations balance privacy with utility and usability. Learn how.  Continue Reading

• Data literacy aids democratization of data

  In this excerpt from 'Be Data Literate,' author Jordan Morrow discusses how 'hyped' area of analytics such as BI and embedded analytics contribute to the democratization of data.  Continue Reading

• Knowing the right data enrichment techniques is crucial

  In 'The Enrichment Game,' the latest book by 'Data Guy' Doug Needham, you'll learn why and how to cull data to gain valuable insights and a business advantage.  Continue Reading

• The 3 types of chatbots for beginners and how to build them

  Various types of chatbots exist, but three types, in particular, are easiest for beginners to learn and build independently. Find out more in this chapter excerpt.  Continue Reading

• Beginner's guide to essential chatbot best practices

  In this Q&A, author Andrew Freed lays out key chatbot best practices for beginners, the biggest challenges and how organizations can tell when to adopt chatbot technology.  Continue Reading

• How procurement's little-known importance helps supply chain

  The procurement department's importance is likely little-known within their own company. But procurement can contribute more than cost analysis to the supply chain.  Continue Reading

• 5 cybersecurity personality traits for a successful career

  In this excerpt of 'Confident Cyber Security,' author Jessica Barker outlines five cybersecurity personality traits employers look for in job candidates.  Continue Reading

• How to start a career in cybersecurity from the human side

  Discover how the co-founder of an infosec consultancy and author of 'Confident Cyber Security' started her career and became a leader in the human nature side of security.  Continue Reading

• How to use Python for privilege escalation in Windows

  Penetration testers can use Python to write scripts and services to discover security vulnerabilities. In this walkthrough, learn how to escalate privileges in Windows.  Continue Reading

• Why hackers should learn Python for pen testing

  The authors of 'Black Hat Python' explain the importance of learning Python for pen testing, how it helps create scripts to hack networks and endpoints, and more.  Continue Reading

• New Scrum Master guide covers both theory and practice

  In his new book, a senior software engineer shares his in-depth hands-on knowledge to both prep readers for cert exams and guide them on the job.  Continue Reading

• Adopt GitOps best practices and tools for your organization

  In his book 'Repeatability, Reliability, Scalability through GitOps,' Bryan Feuling provides an in-depth analysis of GitOps to help companies find best practices and tools.  Continue Reading

• How to use Ghidra for malware analysis, reverse-engineering

  The Ghidra malware analysis tool helps infosec beginners learn reverse-engineering quickly. Get help setting up a test environment and searching for malware indicators.  Continue Reading

• Get started with the Ghidra reverse-engineering framework

  Malware analysts use Ghidra to examine code to better understand how it works. Learn what to expect from the reverse-engineering framework, how to start using it and more.  Continue Reading

• 10 CIPP/US practice questions to test your privacy knowledge

  Advance your privacy career by becoming a Certified Information Privacy Professional. Use these 10 practice questions from Wiley's IAPP CIPP/US study guide to prepare for the exam.  Continue Reading

• How to prepare for the CIPP/US exam

  The co-authors of a CIPP/US study guide offer advice on the IAPP certification, including career benefits, how to prepare and how the U.S. exam differs from other regions' exams.  Continue Reading

• The role of smartNICs in modern enterprise networks

  This chapter excerpt from 'Building a Future-Proof Cloud Infrastructure' looks at how smartNICs can support distributed services platforms for both cloud providers and enterprises.  Continue Reading

• How smartNIC architecture supports scalable infrastructure

  In this Q&A, author Silvano Gai discusses how smartNICs can benefit enterprises by providing more granular telemetry and supporting distributed cloud infrastructure.  Continue Reading

• Get started programming the internet of things

  To build IoT systems, IT pros must understand the complexities of programming IoT, including integration. In this excerpt, discover the first step to design full-stack IoT.  Continue Reading

• How to approach programming IoT for full stack development

  Learn what challenges organizations must tackle when developing end-to-end IoT systems from 'Programming the Internet of Things' author Andy King.  Continue Reading

• Learn how to invite external users to Slack workspaces

  Bringing external users to Slack offers organizations productivity benefits. Learn how to invite external users to Slack and manage shared channels and workflows.  Continue Reading

• How to choose exactly the right data story for your audience

  A data practitioner has two jobs: tell the right data story and in the right way to win over project stakeholders, data expert Larry Burns says in his latest book.  Continue Reading

• Malware analysis for beginners: Getting started

  With the cybersecurity industry struggling to fill open positions, now is the time to start in the field. Infosec expert Dylan Barker shares what you should know to be a malware analyst.  Continue Reading

• Top static malware analysis techniques for beginners

  Malware will eventually get onto an endpoint, server or network. Using static analysis can help find known malware variants before they cause damage.  Continue Reading

• 5 skills supply chain professionals need

  As with any job, there are various skills supply chain professionals need to succeed in their chosen field. Here are the five each leader must possess.  Continue Reading

• CompTIA Cloud+ tips to troubleshoot cloud networks

  The CompTIA Cloud+ exam covers a range of topics, including how to secure and troubleshoot cloud networks. Some of the first steps: Start simple, and isolate the problem.  Continue Reading

• Virtualization concepts to study for CCNP and CCIE exams

  In this Q&A, author Patrick Gargano discusses the importance of virtualization in networking and offers studying advice for aspiring CCNPs and CCIEs in preparation for the exams.  Continue Reading

• Explore virtualization study topics for CCNP, CCIE exams

  Aspiring CCNPs and CCIEs will need to grasp one of networking's most important topics: virtualization. 'Day 7' from Patrick Gargano's '31 Days' explains the subject in detail.  Continue Reading

• Bill Inmon's data warehouse approach tackles text analysis

  Learn the fine points of a concept at the heart of 'The Textual Warehouse' a new book that aims to help organizations profit through textual analysis.  Continue Reading

• Sample CompTIA CySA+ test questions with answers

  Going for your CompTIA CySA+ certification? Test what you know before taking the exam with these sample test questions on vulnerability assessment output.  Continue Reading

• How to prepare for the CompTIA CySA+ exam

  The author of the CompTIA CySA+ certification guide offers advice on how to prepare for the exam, discusses the benefits of the cert and more.  Continue Reading

• Keycloak tutorial: How to secure different application types

  IT pros and developers can secure applications with the open source IAM tool Keycloak. When you don't need to worry about passwords, it reduces the potential attack surface.  Continue Reading

• Secure applications with Keycloak authentication tool

  As we look toward the future of authentication, open source tools, such as Keycloak, provide companies a way to secure applications to its specific needs.  Continue Reading

• 5G core network functionality driven by SDN, NFV

  To reap the full benefits of 5G, operators are using SDN, NFV and network slicing to build out core network functionality.  Continue Reading

• An introductory overview of 5G network capabilities

  In this Q&A, author William Stallings discusses 5G services, such as network slicing and QoS, and other topics covered in his book, '5G Wireless: A Comprehensive Introduction.'  Continue Reading

• Test your knowledge in this 5G QoS quiz

  In this quiz, test your knowledge of network slicing, QoS, and other technologies and practices related to 5G networking.  Continue Reading

• The value of PDF data extraction: Sifting for hidden data

  During the process of data cleaning, there's a way to extract valuable hidden data. Learn how in this excerpt from 'Cleaning Data for Effective Data Science.'  Continue Reading

• Start artificial intelligence for IoT in bite-size pieces

  IoT practitioners must follow clear steps to implement an AI analytics process if they want to create an AI application with IoT that improves their deployment's performance.  Continue Reading

• Develop IoT artificial intelligence holistically to prosper

  Author Michael Roshak explores the difficulties of AI design for IoT, the considerations organizations must know about the process and what is exciting about AI and IoT.  Continue Reading

• The benefits of an AI-first strategy

  Enterprises should put AI first in their business strategies by constantly collecting and using new data to power AI models, argues startup investor Ash Fontana.  Continue Reading

• Understanding virtual meetings pros and cons

  This chapter excerpt from 'Suddenly Virtual' explores the importance of using video for virtual meetings and the challenges of always being on camera.  Continue Reading

• Training is key for effective remote meetings

  Authors Karin M. Reed and Joseph A. Allen discuss how to support effective remote meetings. The most important factor for virtual meeting success? Training.  Continue Reading

• Test yourself with this e-learning authentication quizlet

  Integrity and authentication are two evergreen security topics. Try this quick quiz from Technic Publication's PebbleU, and see where to focus your continuing education.  Continue Reading

• Common Linux vulnerabilities admins need to detect and fix

  Server admins need to prepare for a variety of common Linux vulnerabilities, from software and hardware vulnerabilities to employee-created ones and even digital espionage.  Continue Reading

• How to implement Linux security best practices

  When setting up security for a company's infrastructure, admins need to focus on backups, patch management and regular vulnerability scans.  Continue Reading

• 12 official practice questions for the CCNA 200-301 exam

  These practice questions for CCNA 200-301 lay out what readers need to know about network security and IP routing in the LAN, from 'CCNA 200-301 Official Cert Guide, Volumes 1 and 2.'  Continue Reading

• To master software design patterns, perspective is everything

  Elisabeth Robson and Eric Freeman, authors of 'Head First Design Patterns,' outline their quest to teach software design patterns and show developers the right way to learn them.  Continue Reading

• Soft skills key to employability in age of automation

  Soft skills will become even more important as automation increases. Learn what top workplace soft skills organizations will need and how to enable training.  Continue Reading

• How to handle social engineering penetration testing results

  In the wake of conducting social engineering penetration testing, companies need to have a plan ready to prevent or minimize phishing, vishing and other attacks.  Continue Reading

• How to ethically conduct pen testing for social engineering

  Author Joe Gray explores his interest in pen testing for social engineering, what it means to be an ethical hacker and how to get started in the career.  Continue Reading

• 1
• 2
• 3
• 4