March 2007

  • What are the security risks of using an alternative browser?

    A product like Internet Explorer may be the market leader, but that doesn't mean a thing when it comes to security. In this expert Q&A, application security expert Michael Cobb examines the vulnera...

  • Quiz: Security information management systems

    A five-question multiple-choice quiz to test your understanding of the content presented by expert Tom Bowers in this lesson of SearchSecurity.com's Intrusion Defense School.

  • Combining NetFlow analysis with security information management systems

    NetFlow, Tom Bowers writes, when used in conjunction with SIMs and correlated with data from other devices and layers, can be an indispensable combination.

  • Are USB storage devices a serious enterprise risk?

    USB drives are common gifts at conferences and trade shows, but how much of a danger are they to your enterprise's network security? In this expert Q&A, Michael Cobb explains the risks of these sto...

  • How to enforce a data destruction policy

    Because of the Sarbanes-Oxley Act, intentional document destruction is now a process that must be carefully monitored. But a "document" takes on many forms, from spreadsheets and emails to instant ...

  • Microsoft investigates Windows Vista Mail flaw

    Attackers could exploit a flaw in Windows Vista Mail to compromise PCs by tricking the user into opening a malicious email attachment. Microsoft is investigating.

  • Flaws haunt protocol tied to national infrastructure

    Also: A weakness is found in Windows settings, Microsoft investigates a new Vista flaw, and flaws are addressed in OpenOffice.org and Firefox.

  • Will using virtualization software put an enterprise at risk?

    A virtualized IT infrastructure can simplify operations and save a company money, but is such an environment secure? In this SearchSecurity.com Q&A, application security expert Michael Cobb explain...

  • Measuring Vista's true security muscle will take time

    Researchers are digging through the Windows Vista code right now, and when they find flaws we'll hear about it. But it's the ones we don't hear about that should keep us up at night.

  • Symantec threat report under the microscope

    This week in Security Blog Log: Infosec professionals dissect Symantec's latest threat report and express a range of views in the blogosphere.

  • Mozilla releases Firefox fix

    One newly-discovered flaw and several glitches introduced in the last update have been fixed with Mozilla's release of Firefox 2.0.0.3 and 1.5.0.11.

  • IBM uses model to understand data governance

    Steven Adler, program director of Data Governance Solutions for IBM and chairman of the Data Governance Council, has been working to understand the growing need for data security, the issues surrou...

  • TJX faces suit from shareholder

    Updated: The Arkansas Carpenters Pension Fund wants access to documents outlining TJX's IT security measures and its response to the data breach.

  • The cost of data breaches: Looking at the hard numbers

    Trying to determine the cost of a data breach is no easy task. After calculating the expenses of legal fees, call centers, lost employee productivity, regulatory fines, stock plummets and customer ...

  • NAC panel says technology may not add up

    A panel discussing the potential of using network access control (NAC) says the technology may not be worth the price of deploying and maintaining it.

  • Anatomy of an attack

    Attackers are more resourceful, determined and prolific than ever before. This lesson will help you know your enemy and understand how to respond to and defend against increasingly complex types of...

  • Intrusion Defense School

    Your organization's ability to fend off spyware, computer viruses and the latest breed of information security threats...

  • Advanced malware, rootkit and Trojan defense

    In a matter of months, the threat landscape has changed dramatically. In this lesson, learn how to thwart sophisticated attacks featuring custom rootkits, Trojans and malware designed to exploit un...

  • Securing Windows Server 2008

    This lesson will provide an overview of the features and enhancements, including read-only domain controllers, Network Access Protection and more.

  • Practical strategies to mitigate insider threats

    In this lesson, learn about monitoring strategies for detection of insider threats and how to breakdown the myths surrounding insider threat detection.