-
MHTML security for Internet Explorer
Threats expert Nick Lewis discusses a recent vulnerability in MHTML security, and whether disabling the MHTML IE function is the best defense tactic.
-
Exploring behavioral monitoring for virtual platforms
Learn about virtual behavior-based monitoring tactics, which allow for easy anomaly detection and can help defend a virtualization infrastructure.
-
Pros & cons of Gmail Postini spam-filtering for SMBs
Learn how a Web-based free spam-filtering service can secure email and prevent spam from attacking your enterprise.
-
Advice on free Web application vulnerability scanners
Expert Michael Cobb points to several free Web application vulnerability scanners to help prevent SQL injection or XSS exploits.
-
How an IIS Web application pool boosts app security
Did you know an IIS Web application pool not only helps manage your applications, but also makes them more secure? Expert Michael Cobb explains the benefits of Web application pools.
-
Debug and test Web applications using Burp Proxy
The Burp Proxy tool, part of the Burp Suite, has many useful features that test Web application security. Learn how to start using Burp Proxy.
-
What is SQL Server Atlanta?
Have you heard about Microsoft’s cloud-based SQL Server Atlanta service? Expert Michael Cobb discusses how Atlanta can help improve performance and security.
-
Rating Windows 7 mobile device encryption
Is it true that Windows 7 mobile device encryption isn’t on-board? How does that affect the phones’ security? Expert Michael Cobb looks at how mobile encryption is vital to enterprise security.
-
Which is best: Certification or an IT security degree?
Which will be more likely to further your infosec career: A certification, or an advanced degree? Expert Ernie Hayden weighs in.
-
Getting started with a DNSSEC implementation
The many well-publicized flaws in DNS make implementing DNSSEC even more vital. In this expert response, Mike Chapple explains the enterprise basics for a DNSSEC implementation.
-
Wireless key security: Securing wireless networking
In this expert response, Mike Chapple presents guidelines for wireless key security, including choosing the most secure wireless key possible.
-
How to find a real IP address using proxy server logs
While using proxy server logs to identify the real IP address of an attacker using a proxy server is technically easy, there are other difficulties along the way. Expert Mike Chapple explains.
-
Can rootkit detection mechanisms stop the Blue Pill?
At Black Hat 2006, researcher Joanna Rutkowska unveiled a piece of machine-based malware called the Blue Pill. But is it a serious threat to your operating system? Ed Skoudis explains in this exper...
-
How to defend against pivot attacks in the enterprise
Nick Lewis explains what a pivot attack is and tells how to go about defending your organization against this threat.
-
Can threat modeling tools help secure mobile apps?
When developing enterprise applications, do you know the quickest way to bridge the gap between an information security team and a development group?
-
Diffie-Hellman vs. RSA: Comparing algorithms
See which encryption method uses digital signatures, symmetric key exchanges, bulk encryption and much more in this Diffie-Hellman vs. RSA showdown from expert Michael Cobb.
-
Google 'Gchat' security and Internet application security best practices
Users in the enterprise may unknowingly be exposed to 'Gchat' security risks. Expert Michael Cobb discusses Internet application security best practices that can help protect enterprise users.
-
Valuable third-party patch deployment software, tools
Do you know some of the best third-party patch deployment tools? See expert Michael Cobb's recommendations on which tools would work best for your enterprise.
-
Secure cloud file storage for health care: How to regain control
Should health care organizations endorse the use of secure cloud file storage? Michael Cobb offers advice on establishing governance processes for cloud-based services.
-
Social networking best practices for preventing social network malware
Get advice on social networking security best practices that can help prevent data leaks and other social network malware that could harm to your enterprise.
-
Submit your questions about infosec threats
Nick Lewis is standing by to give you free, unbiased advice on information security threats.
-
Submit your questions about IAM
Randall Gamby is standing by to give you free, unbiased advice on identity and access management.
-
Submit your questions about application security
Michael Cobb is standing by to give you free, unbiased advice on application security.
Security Management Strategies for the CIO