-
How to monitor network traffic: Appliance placement and choke points
Monitoring network traffic is crucial, but where's the best place to put network monitoring tools? Expert Anand Sastry gives advice.
-
Security/virtualization concerns: Where to place a firewall connection
Is it worthwhile to place signature-based blocking technology before a firewall connection? Learn more in this expert response from Anand Sastry.
-
Best practices for information security reward incentive programs
While employee termination may be necessary in cases of insecure conduct, most employees are more encouraged by the carrot than the stick when it comes to security and compliance.
-
Using a Web app honeypot to boost security for Web apps
Honeypots can be a valuable tool for logging and analyzing intrusions, but do you know the disadvantages to setting up a honeypot? Expert Michael Cobb explains some honeypot best practices.
-
Can honeypots for network security detect a P2P botnet?
Honeypots can be a great network security tool, but are they capable of detecting a P2P botnet? In this expert response, Nick Lewis details how and what kind of threats a honeypot can identify.
-
Using virtual test labs for virtual software testing
Do you know of virtualization that reduces your investment in hardware, space and general overhead? Virtual test labs can do just that. Expert Michael Cobb explains virtual software testing and how...
-
Merger management: How to handle potential merger threats to security
During a merger, management of information security becomes even more crucial in order to mitigate threats, including the many new insiders and attentive attackers that want to take advantage of ho...
-
Smishing: How to protect enterprises from SMS fraud
Learn more about protecting enterprises from smishing, or SMS fraud, in this expert response from Nick Lewis.
-
Virtualization security concerns: The threat of hypervisor malware
What is hypervisor malware, and how worried should enterprises employing virtualization be about it? Threats expert Nick Lewis explains.
-
How to convey the dangers of common Web app attacks
Is your enterprise management unaware of the seriousness regarding Web application attacks? Michael Cobb explains how to explain the dangers of common Web application attacks.
-
Can I trace email origin locations to thwart email attachment viruses?
Can tracing an email back to its origin help to prevent the threat of future viruses via email? Learn more in this expert response.
-
Latest computer virus count: Does more malware mean greater threat?
With the number of viruses reaching an all-time high, how should enterprises react to sustain information security? Threats expert Nick Lewis weighs in.
-
Is a full vulnerability disclosure strategy a responsible approach?
When it comes to vulnerability disclosure, is it responsible for an infosec research firm to release all the details of a flaw before patching measures are in place? Expert Nick Lewis examines the ...
-
Validating ERP system security and ERP best practices
Is your ERP system security effective? How can you be sure? Expert Mike Cobb offers up some ERP security best practices.
-
Computer hijacking: Protecting against the Microsoft DLL download flaw
If exploited, the Microsoft DLL load-hijacking flaw could allow attackers to execute arbitrary code on machines. In this expert response, Nick Lewis explains how to protect against this vulnerability.
-
With EMET, Microsoft ranges beyond mitigation security technology
The Enhanced Mitigation Experience Toolkit is designed to help improve your enterprise application security. See how the EMET toolkit can help protect older Windows systems.
-
Are RealPlayer, Adobe Shockwave vulnerability risks too great for the enterprise?
Adobe Shockwave and RealNetworks RealPlayer are fun and convenient for enterprise users, but are their vulnerabilities worth the risk of having them?
-
Adobe Flash alternatives: The best way to avoid Adobe Flash malware?
It's no secret that Adobe Flash is plagued with malware, so, do enterprises really need it? In this expert response, Nick Lewis discusses how you can weigh the importance of functionality and secur...
-
Will Certificate of Cloud Security Knowledge boost cloud security best practices?
The Cloud Security Alliance has created a new certification to help promote cloud security best practices. Platform security expert Michael Cobb explains whether it's worth obtaining.
-
What is DLL? It's more than a new and improved .EXE file
You see the term dynamic-link libraries a lot, but what is DLL and is it secure?
-
Submit your questions about infosec threats
Nick Lewis is standing by to give you free, unbiased advice on information security threats.
-
Submit your questions about IAM
Randall Gamby is standing by to give you free, unbiased advice on identity and access management.
-
Submit your questions about application security
Michael Cobb is standing by to give you free, unbiased advice on application security.
Security Management Strategies for the CIO