April 2006

  • Security Blog Log: Burning about Firefox recruitment

    This week, a security blogger frowns on an independent group's efforts to force IE users onto the Firefox bandwagon. Plus, an international fight over identification cards.

  • How to create and enforce employee termination procedures

    In this Ask the Expert Q&A, Shon Harris, our security management expert, reviews how the the security group, HR and management should work together to define and enforce employee termination polici...

  • Fraud risk assessment methodologies

    In this Ask the Expert Q&A, our security management expert provides our member with a series of fraud risk assessment factors to address before a policy is created.

  • New IE flaws bring tally to three

    Two more security holes surfaced in Internet Explorer Thursday, on top of one announced Tuesday. Attackers could exploit the latest flaws to install malicious ActiveX controls and read sensitive data.

  • How can I open a closed port so my application can access the Internet?

    In this network security Ask the Expert Q&A, Mike Chapple, our resident expert, reveals what should be done if you need to re-open a closed port to allow an application to work.

  • NetChk Protect 5.5

    Information Security magazine's contributing editor, Wayne Rash , reviews Shavlik Technologies NetChk Protect 5.5

  • Web sites work to punch holes in corporate Web filters

    A growing number of Web sites are providing information and tools to help individuals undermine their organizations' Web security systems. Is it a fight against Big Brother, or a security disaster ...

  • Regulatory Compliance and ISO 27001

    In this excerpt from Chapter 10 of "The Case for ISO 27001," author Alan Calder explains how using ISO 27001 can help information security professionals deal with the challenges of complying with c...

  • With intrusion defense vendors, one size doesn't fit all

    In the final installment of our special series, Intruder Alert, a majority of IT shops say they rely on Cisco and Symantec for intrusion defense, but others say they're just as happy using free ope...

  • Top U.S. universities failing in online privacy

    With the University of Texas the latest to admit it's been hacked, a new national survey shows many of the nation's foremost schools aren't making the grade when it comes to online privacy.

  • Gap analysis procedures

    In this Ask the Expert Q&A, Shon Harris, SearchSecurity's security management expert advises what should be done before a gap analysis is performed, and, provides six common steps of a gap analysis...

  • IE 'object' tag flaw found

    Attackers could launch malicious code and corrupt system memory by exploiting the latest Internet Explorer flaw. Experts suggest avoiding untrusted Web sites.

  • To executives, intrusion defense is a hard sell

    Security administrators say intrusion defense frustrates them not only because executives are reluctant to buy in, but also because even the top products have a long way to go.

  • Security School 2

    Intrusion Defense Security School

  • Employee termination procedures

  • Can a non-administrator change the local administrator password on 50 workstations?

    In this network security Ask the Expert Q&A our resident expert discusses if it's possible to use the login script to change the local admin password.

  • Intruder Alert: Looking at the numbers

    In February, SearchSecurity.com surveyed 307 IT professionals from a variety of industries regarding their intrusion defense programs. Here is a look at some of the questions we asked and the answe...

  • Ideal intrusion defense combines processes and people

    What defines good intrusion defense? In the first installment of our special three-day series, Intruder Alert, IT pros say the best programs not only thwart insiders with bad computing habits, but ...

  • Microsoft customers want more out-of-cycle patches

    Customers say Microsoft was right to issue an out-of-cycle fix for its flawed Windows Explorer patch. In fact, they wish the vendor would do it more often.

  • Security Bytes: More flaws in Mac OS X

    In other news: Financial firms scramble over massive online heist, Symantec warns of Scan Engine flaws and a new Snort-based tool is unveiled.