-
How to erase browser history
Attackers often try to access enterprise users’ browsing history. Expert Michael Cobb explains how to erase browser history proactively.
-
Fight against phishing with SPF and DKIM authentication
The fight against phishing has been waged for years. Expert Michael Cobb explains how SPF and DKIM authentication technologies could turn the tide.
-
How to prevent drive-by download malware
There are several security strategies enterprises can implement to prevent drive-by download malware infections. Get tips in this expert response.
-
Zeus Trojan: How to decode the Zeus config.bin file
Learn how to analyze the Zeus config.bin file in order to identify targeted URLs and infected computers on your network.
-
Service Pack 1 for Windows 7: What you need to know
Michael Cobb explains why Service Pack 1 for Windows 7 is different than service packs in the past.
-
Setting the bar for cross-site scripting prevention
The Internet Explorer 8 XSS filter can assist in cross-site scripting prevention. Michael Cobb explains how it works in this expert response.
-
Symmetric key encryption algorithms
Can a secure symmetric key encryption algorithm be used in hash function cryptography? Learn more about these data encryption techniques.
-
Next-gen firewall vs. UTM device: Which is better?
How does a next-gen firewall differ from a UTM device, and how does each stack up against Web 2.0 risks?
-
Will independent review improve endpoint products?
ICSA Labs recently announced a new endpoint security certification. Could it help improve endpoint security products?
-
Simple baseline network security metrics
Get advice on how to devise appropriate network security metrics for your enterprise from expert Mike Chapple.
-
Cloud computing providers and virtualization for PCI
How should an enterprise approach its cloud computing providers following the debut of the PCI virtualization requirements? Charles Denyer explains.
-
Can VMware's PCI Compliance Checker assess compliance?
The VMware PCI Compliance Checker claims to assess the compliance of a VMware virtual environment. Does it work? Charles Denyer has the answer.
-
PCI Requirement 12.8.2: Understanding client compliance
Expert Charles Denyer addresses whether the PCI 12.8.2 requirement forces an organization working with a payment card merchant to become compliant.
-
Cloud computing PCI compliance: Is it possible?
Is enterprise cloud computing PCI compliance possible? Expert Charles Denyer discusses how to use cloud computing and be PCI DSS-compliant.
-
Comparing certifications: ISO 27001 vs. SAS 70, SSAE 16
Compliance expert Charles Denyer covers ISO 27001 vs. SAS 70, and why enterprises should pay attention to SSAE 16 over SAS 70.
-
Is laptop remote wipe technology essential?
Expert Michael Cobb explains how laptop remote wipe technology can ease data loss fears, but shouldn’t be solely relied upon.
-
Is IE9 now the most secure browser available?
IE security hasn’t always been great. However, expert Michael Cobb explains why Internet Explorer 9 may be the most secure browser out there.
-
PHP programming security best practices
Michael Cobb explains how proper secure coding training is much more important than PHP programming language security.
-
How to mitigate the risk of a TOCTTOU attack
Are TOCTTOU attacks, exploiting time-of-check-to-time-of-use race conditions, a threat to your enterprise file systems? Expert Michael Cobb discusses the dangers and how to mitigate them.
-
Exploring MAC and HMAC message authentication
Hash function encryption is the key for MAC and HMAC message authentication. See how this differs from other message authentication tools from expert Michael Cobb.
-
Submit your questions about infosec threats
Nick Lewis is standing by to give you free, unbiased advice on information security threats.
-
Submit your questions about IAM
Randall Gamby is standing by to give you free, unbiased advice on identity and access management.
-
Submit your questions about application security
Michael Cobb is standing by to give you free, unbiased advice on application security.