  • Part of the TechTarget network
SearchSecurity.com
  • Ask the Experts
  • Submit your questions about infosec threats

    Nick Lewis is standing by to give you free, unbiased advice on information security threats.

  • Submit your questions about IAM

    Randall Gamby is standing by to give you free, unbiased advice on identity and access management.

  • Submit your questions about application security

    Michael Cobb is standing by to give you free, unbiased advice on application security.

  • Meet All Experts

Submit a question to our experts

Expert Answers

  • Positioning the ROI of information security

    According to expert Joe Granneman, return on security investment is a misnomer. Here's a better way to view security expenditures.

  • Selling the CIO on secure software development

    Selling the CIO and others on secure application development requires understanding how it will impact the development process.

  • IT security risk training for executives

    Executives don’t have time for formalized security risk training, so the onus is on the security team to become involved with core business processes.

  • Making the most of SANS security awareness tools

    Learn how to use tools from the SANS Securing the Human program to boost the effectiveness of an enterprise security awareness program.

  • How to manage Samsung Android kernel issues for BYOD

    Expert Nick Lewis discusses the threat and significance of Android kernel vulnerabilities found in popular Samsung mobile devices.

  • How to manage Google Chrome clickjacking flaw

    Expert Nick Lewis explains the Google Chrome clickjacking vulnerability, including why avoiding the issue isn't as simple as switching browsers.

  • How malware evasion techniques affect anti-malware

    Learn about the evolving nature of malware evasion techniques. Security expert Nick Lewis determines whether anti-malware tools should detect them.

  • How much risk does the WordPress pingback flaw pose?

    Security expert Nick Lewis details the WordPress pingback vulnerability and advises whether it is time to update custom WordPress implementations.

  • What lessons can be learned from Project Blitzkrieg?

    Expert Nick Lewis offers security measures that enterprises, particularly financials, can utilize to fend off Project Blitzkrieg-style DDoS attacks.

  • Getting funds for your information security budget

    Getting executive support to boost the information security budget is no easy task. Expert Joe Granneman offers tips for getting the funds you need.

  • When to opt for open source security tools

    Open source security tools can help stretch your IT security budget further -- that is, if you use them strategically. Joseph Granneman explains how.

  • How a security technologist can become a CISO

    Security technologists aspiring to become CISOs must develop a variety of business skills, as Joe Granneman explains in this Ask the Expert Q&A.

  • What are the basic requirements to join an ISAC?

    Joe Granneman explains how ISACs enable cybersecurity information sharing and the basic requirements for joining an ISAC.

  • How to harden legacy applications with Microsoft's EMET

    Expert Michael Cobb details how using EMET, a free tool from Microsoft, can harden Windows XP and other legacy applications.

  • Analysis: How BlackBerry 10's password blacklist works

    Expert Michael Cobb reacts to the BlackBerry 10 password blacklist and determines whether enterprises could adopt it to further secure passwords.

  • Google Play Private Channel: Better than app stores?

    Is the Google Private Channel a more secure option than building an internal enterprise app store? Expert Michael Cobb discusses.

  • How to mitigate Adobe Shockwave Player security issues

    Expert Michael Cobb discusses Adobe Shockwave security issues highlighted by US-CERT, and details how a Web security gateway is one way to allay them.

  • Validating Web app security: Pen test or code review?

    For Web application security testing, if cash is tight, should a penetration test top an application code review? Michael Cobb explains his choice.

  • Virtual security gateways: Hype or necessity?

    Matthew Pascucci discusses virtual security gateway appliances and whether they are a virtual data center necessity or just an overhyped product.

  • Effects of the cloud on network security skills

    Will the ongoing adoption of cloud technology affect the skills that network security engineers need in the future? Matt Pascucci discusses.

All Rights Reserved, Copyright 2000 - 2013, TechTarget