March 2007

  • Preventing Web server attacks

    Web servers need constant hardening, testing and monitoring to prevent Web server attacks. In this lesson, learn tactics, policies and best practices for keeping enterprise Web servers safe and sec...

  • Internet complexity, insecurity could stifle innovation, expert says

    Security threats are driving vendors to produce software and devices that automatically update and run only proprietary software with no effort from the end user. The result could be less flexibili...

  • Hackers broaden reach of cross-site scripting attacks

    An explosion of AJAX-based applications has increased the damage that cross-site scripting (XSS) attacks can inflict on machines. A new tool uses XSS flaws to create a botnet.

  • What to consider when deploying NAC products

    There have been some network access control (NAC) success stories, but there has also been a fair share of NAC frustrations and deployment issues. In this expert Q&A, Mike Chapple has questions you...

  • Symantec: Data thieves thrive on zero-day flaws

    According to Symantec's threat report for the second half of 2006, attackers exploited misplaced USB drives and zero-day flaws to steal vast amounts of data. Expect more of the same in 2007.

  • Hacker techniques use Google to unearth sensitive data

    Those who know where to look could use Google to dig up all sorts of sensitive company information, including intellectual property and passwords, one security expert warns.

  • Quiz: Locking down endpoint security

    A five-question multiple-choice quiz to test your understanding of the content presented by expert Joel Snyder in this lesson of SearchSecurity.com's Integration of Networking and Security School.

  • Essential elements of a network access control (NAC) endpoint security strategy

    Don't make the mistake in believing that network access control is simply about endpoint security. In fact, it's about much more. As contributor Joel Snyder writes, understanding the NAC security l...

  • Defending layer 7: A look inside application-layer firewalls

    Run-of-the-mill network firewalls can't properly defend applications. As Michael Cobb explains, application-layer firewalls offer Layer 7 security on a more granular level, and may even help organi...

  • Quiz: Securing your first remote office

    A five-question multiple-choice quiz to test your understanding of the content presented by expert David Strom in this lesson of SearchSecurity.com's Integration of Networking and Security School.

  • Quiz: Using the network to secure the application layer

    A five-question multiple-choice quiz to test your understanding of the content presented by expert Michael Cobb in this lesson of SearchSecurity.com's Integration of Networking and Security School.

  • Securing the application layer

    In this lesson, learn what the main threats are to the application layer, and how to leverage existing tools to help protect against these threats.

  • How IDS-IPS enables business objectives

    In this lesson, learn how key network security practices and technologies can be mapped to business needs

  • Application log management program planning

    In this lesson, learn how to organize an application log management program for the tasks in a regulated environment while avoiding duplication of effort.

  • UC: Securing the converged infrastructure

    To cut costs and increase efficiency, many enterprises are combining disparate communications systems, including email, IM, video conferencing, desk and mobile telephony and voice messaging. In thi...

  • Integration of Networking and Security School

    In our special Integration of Networking and Security School, SearchSecurity.com -- in cooperation with SearchNetworking.com -- offers an in-depth look at how the integration of security-related and networking-related...

  • Spam crackdown: Bloggers take on the SEC

    This week in Security Blog Log: The Securities and Exchange Commission's crackdown of 35 accused spam pushers is getting a mixed reception by bloggers.

  • Can Skype phones threaten an enterprise network?

    There are certainly some security concerns when it comes to Skype technology, but are the phones a serious threat to your enterprise network? In this expert Q&A, Mike Chapple explains what the risk...

  • What are the risks of placing enterprise users in a DMZ?

    A demilitarized zone protects systems from an affected server, but enterprise users themselves should have no place in the DMZ. In this expert Q&A, Mike Chapple explains where they belong.

  • Flaws plague IE 7, Apple, BlackBerry and OpenBSD

    Bug Bytes: IT administrators had to take action to protect their systems from flaws in several programs that are heavily used in the business world.