-
Security/virtualization concerns: Where to place a firewall connection
Is it worthwhile to place signature-based blocking technology before a firewall connection? Learn more in this expert response from Anand Sastry.
-
Guidance on dual-homed server security
Learn more about how a dual-homed server operates, and what security restrictions it entails in this expert response from Anand Sastry.
-
Do gigabyte converter and SPF records present a security threat?
Do gigabyte interface converters or sender policy framework transceivers retain any of the information that passes through them? Network security expert Anand Sastry explains.
-
How to create a secure conference room with a WLC/NAC configuration
Conference rooms are often hosts to corporate-owned and guest devices, so what 's the best secure authentication setup? Security pro Anand Sastry weighs in.
-
How to monitor network traffic: Appliance placement and choke points
Monitoring network traffic is crucial, but where's the best place to put network monitoring tools? Expert Anand Sastry gives advice.
-
Best practices for information security reward incentive programs
While employee termination may be necessary in cases of insecure conduct, most employees are more encouraged by the carrot than the stick when it comes to security and compliance.
-
Using a Web app honeypot to boost security for Web apps
Honeypots can be a valuable tool for logging and analyzing intrusions, but do you know the disadvantages to setting up a honeypot? Expert Michael Cobb explains some honeypot best practices.
-
Can honeypots for network security detect a P2P botnet?
Honeypots can be a great network security tool, but are they capable of detecting a P2P botnet? In this expert response, Nick Lewis details how and what kind of threats a honeypot can identify.
-
Using virtual test labs for virtual software testing
Do you know of virtualization that reduces your investment in hardware, space and general overhead? Virtual test labs can do just that. Expert Michael Cobb explains virtual software testing and how...
-
Merger management: How to handle potential merger threats to security
During a merger, management of information security becomes even more crucial in order to mitigate threats, including the many new insiders and attentive attackers that want to take advantage of ho...
-
Smishing: How to protect enterprises from SMS fraud
Learn more about protecting enterprises from smishing, or SMS fraud, in this expert response from Nick Lewis.
-
Virtualization security concerns: The threat of hypervisor malware
What is hypervisor malware, and how worried should enterprises employing virtualization be about it? Threats expert Nick Lewis explains.
-
How to convey the dangers of common Web app attacks
Is your enterprise management unaware of the seriousness regarding Web application attacks? Michael Cobb explains how to explain the dangers of common Web application attacks.
-
Can I trace email origin locations to thwart email attachment viruses?
Can tracing an email back to its origin help to prevent the threat of future viruses via email? Learn more in this expert response.
-
Latest computer virus count: Does more malware mean greater threat?
With the number of viruses reaching an all-time high, how should enterprises react to sustain information security? Threats expert Nick Lewis weighs in.
-
Is a full vulnerability disclosure strategy a responsible approach?
When it comes to vulnerability disclosure, is it responsible for an infosec research firm to release all the details of a flaw before patching measures are in place? Expert Nick Lewis examines the ...
-
Validating ERP system security and ERP best practices
Is your ERP system security effective? How can you be sure? Expert Mike Cobb offers up some ERP security best practices.
-
Computer hijacking: Protecting against the Microsoft DLL download flaw
If exploited, the Microsoft DLL load-hijacking flaw could allow attackers to execute arbitrary code on machines. In this expert response, Nick Lewis explains how to protect against this vulnerability.
-
With EMET, Microsoft ranges beyond mitigation security technology
The Enhanced Mitigation Experience Toolkit is designed to help improve your enterprise application security. See how the EMET toolkit can help protect older Windows systems.
-
Are RealPlayer, Adobe Shockwave vulnerability risks too great for the enterprise?
Adobe Shockwave and RealNetworks RealPlayer are fun and convenient for enterprise users, but are their vulnerabilities worth the risk of having them?
-
Submit your questions about infosec threats
Nick Lewis is standing by to give you free, unbiased advice on information security threats.
-
Submit your questions about IAM
Randall Gamby is standing by to give you free, unbiased advice on identity and access management.
-
Submit your questions about application security
Michael Cobb is standing by to give you free, unbiased advice on application security.
Security Management Strategies for the CIO