March 2007

  • Preventing Web server attacks

    Web servers need constant hardening, testing and monitoring to prevent Web server attacks. In this lesson, learn tactics, policies and best practices for keeping enterprise Web servers safe and sec...

  • Internet complexity, insecurity could stifle innovation, expert says

    Security threats are driving vendors to produce software and devices that automatically update and run only proprietary software with no effort from the end user. The result could be less flexibili...

  • Hackers broaden reach of cross-site scripting attacks

    An explosion of AJAX-based applications has increased the damage that cross-site scripting (XSS) attacks can inflict on machines. A new tool uses XSS flaws to create a botnet.

  • Symantec: Data thieves thrive on zero-day flaws

    According to Symantec's threat report for the second half of 2006, attackers exploited misplaced USB drives and zero-day flaws to steal vast amounts of data. Expect more of the same in 2007.

  • What to consider when deploying NAC products

    There have been some network access control (NAC) success stories, but there has also been a fair share of NAC frustrations and deployment issues. In this expert Q&A, Mike Chapple has questions you...

  • Hacker techniques use Google to unearth sensitive data

    Those who know where to look could use Google to dig up all sorts of sensitive company information, including intellectual property and passwords, one security expert warns.

  • Essential elements of a network access control (NAC) endpoint security strategy

    Don't make the mistake in believing that network access control is simply about endpoint security. In fact, it's about much more. As contributor Joel Snyder writes, understanding the NAC security l...

  • Quiz: Locking down endpoint security

    A five-question multiple-choice quiz to test your understanding of the content presented by expert Joel Snyder in this lesson of SearchSecurity.com's Integration of Networking and Security School.

  • Defending layer 7: A look inside application-layer firewalls

    Run-of-the-mill network firewalls can't properly defend applications. As Michael Cobb explains, application-layer firewalls offer Layer 7 security on a more granular level, and may even help organi...

  • Quiz: Securing your first remote office

    A five-question multiple-choice quiz to test your understanding of the content presented by expert David Strom in this lesson of SearchSecurity.com's Integration of Networking and Security School.

  • Securing the application layer

    In this lesson, learn what the main threats are to the application layer, and how to leverage existing tools to help protect against these threats.

  • Quiz: Using the network to secure the application layer

    A five-question multiple-choice quiz to test your understanding of the content presented by expert Michael Cobb in this lesson of SearchSecurity.com's Integration of Networking and Security School.

  • Application log management program planning

    In this lesson, learn how to organize an application log management program for the tasks in a regulated environment while avoiding duplication of effort.

  • How IDS-IPS enables business objectives

    In this lesson, learn how key network security practices and technologies can be mapped to business needs

  • Integration of Networking and Security School

    In our special Integration of Networking and Security School, SearchSecurity.com -- in cooperation with SearchNetworking.com -- offers an in-depth look at how the integration of security-related and networking-related...

  • UC: Securing the converged infrastructure

    To cut costs and increase efficiency, many enterprises are combining disparate communications systems, including email, IM, video conferencing, desk and mobile telephony and voice messaging. In thi...

  • Spam crackdown: Bloggers take on the SEC

    This week in Security Blog Log: The Securities and Exchange Commission's crackdown of 35 accused spam pushers is getting a mixed reception by bloggers.

  • Learning on SearchSecurity.com

    Learning Section for SearchSecurity.com homepage

  • ADVICE on SearchSecurity.com

    ADVICE Section on SearchSecurity.com

  • Can Skype phones threaten an enterprise network?

    There are certainly some security concerns when it comes to Skype technology, but are the phones a serious threat to your enterprise network? In this expert Q&A, Mike Chapple explains what the risk...