July 2006

  • encryption

    Encryption is the conversion of data into a form, called a ciphertext, that cannot be easily understood by unauthorized people. Decryption is the process of converting encrypted data back into its ...

  • brute force cracking

    Brute force (also known as brute force cracking) is a trial and error method used by application programs to decode encrypted data such as passwords or Data Encryption Standard (DES) keys, through ...

  • Trojan horse

    In computers, a Trojan horse is a program in which malicious or harmful code is contained inside apparently harmless programming or data in such a way that it can get control and do its chosen form...

  • Crash Course: Spyware

    In general, spyware is any technology that aids in gathering information about a person or organization without their knowledge.

  • virus

    In computers, a virus is a program or programming code that replicates by being copied or initiating its copying to another program, computer boot sector or document.

  • Sample Chief Information Security Officer resume

  • Security Bytes: Data breach affects 100,000 military personnel

    Meanwhile: Phishers use a phone trick to dupe PayPal users; the PCI security standard will get more teeth and a survey illustrates an increase in security breaches.

  • Application layer logging quiz answers

  • Quiz: Could you detect an application attack?

    Take this five-question quiz to test your application security awareness, review common application attacks and learn how to improve application layer logging to detect and protect against these at...

  • Five freeware tools for mitigating network vulnerabilities

    From Nmap to Snort, there are a variety of viable freeware tools available for information security professionals. In this tip, Michael Cobb reviews five freeware tools and explains why he believes...

  • Network security best practices

    Learn why firewalls are necessary for any developed network security strategy in this network security Ask the Expert Q&A.

  • How to configure and implement a DMZ

    Learn how to design and configure a DMZ in this network security Ask the Expert Q&A.

  • How to recognize a Web site that uses Secure Electronic Transaction

    Learn how Secure Electronic Transaction works in this network security Ask the Expert Q&A.

  • How do circuit-level gateways and application-level gateways differ?

    Learn how circuit-level gateways and application-level gateways differ in this network security Q&A.

  • Are there any Trojans or malware that target Blackberries?

    Use a Blackberry? In this information security threats Ask the Expert Q&A, Ed Skoudis examines what, if any, attacks threaten the stability of its environment.

  • Phishing vs. Pharming attacks

    Learn how phishing attacks differ from pharming attacks and whether or not pharming attacks still threaten, in this information security threat Ask the Expert Q&A.

  • How do proxy servers and proxy firewalls differ?

    In this network security Ask the Expert Q&A, SearchSecurity's resident expert Mike Chapple examines how proxy servers and proxy firewalls differ and explains how they work together.

  • Shareware applications vs. commercial software

    Considering using a shareware application? In this information security threats Ask the Expert Q&A, SearchSecurity's resident expert Ed Skoudis examines if commercial software products are more secu...

  • How to prevent cross-site scripting

    Learn how cross-site scripting, a common Web application attack, operates and what Web users and Web developers can do to protect against it, in this information security threats Ask the Expert Q&A.

  • What steps are involved in assessing risk?

    In this identity management and access control Ask the Expert Q&A, SearchSecurity's resident expert reviews the processes involved when conducting a risk assessment.