Arm yourself with insights on the latest cybersecurity topics to keep up with the evolving threat landscape. Learn more about modern and trusted technology and services that evolve with your business, including threat detection & response, data security, identity & access management, and more.

Not every DNS traffic spike is a DDoS attack 

4 min read - You’re a network administrator going about your normal business. Suddenly, you’re seeing a huge spike in inbound traffic to your website, your application or your web service. You immediately shift resources around to cope with the changing pattern, using automated traffic steering to shed load away from overburdened servers. After the immediate danger has passed, your boss asks: what just happened?  Is it really a DDoS attack?  It’s tempting to raise a false alarm in these situations. Distributed denial of…

How is DNSSEC different from encryption? 

2 min read - It’s a question we often hear: “Isn’t DNSSEC the same as encrypted DNS?”  Not really. While DNSSEC protects networks against man-in-the-middle attacks, it does so through public key cryptography, which is different from encryption. In other words, DNSSEC provides a form of authentication, but not a form of confidentiality.  How is public key cryptography different from encryption?  DNSSEC uses public key cryptography to digitally “sign,” or authenticate, DNS queries. When DNSSEC is enabled on a zone record, the receiving device…

Penetration testing methodologies and standards

5 min read - The online space continues to grow rapidly, opening more opportunities for cyberattacks to occur within a computer system, network, or web application. To mitigate and prepare for such risks, penetration testing is a necessary step in finding security vulnerabilities that an attacker might use. What is penetration testing? A penetration test, or “pen test,” is a security test that is run to mock a cyberattack in action. A cyberattack may include a phishing attempt or a breach of a network…

GDPR compliance checklist

9 min read - The General Data Protection Regulation (GDPR) is a European Union (EU) law that governs how organizations collect and use personal data. Any company operating in the EU or handling EU residents' data must adhere to GDPR requirements. However, GDPR compliance is not necessarily a straightforward matter. The law outlines a set of data privacy rights for users and a series of principles for the processing of personal data. Organizations must uphold these rights and principles, but the GDPR leaves some…

Failed to load data

IBM Newsletters

Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters