April 2007 | Archive by Month | SearchSecurity.com

April 2007

  • Can a certificate authority be trusted?

    It's important to verifiy a root certificate's legitimacy, but with hundreds of issued certificates, the task can be overwhelming. In this expert Q&A, Ed Skoudis reveals what research needs to be d...

  • Can keyloggers monitor mouse clicks and keyboard entries?

    Keyloggers may be a security manager's best friend, especially if he or she wants to monitor an employee's keyboard entries. Keyloggers can't do it all, though, says application expert Michael Cobb.

  • Symantec fixes flaw in multiple products

    In other vulnerability news, a critical flaw is found in Adobe Photoshop and Cisco fixes flaws affecting a number of its products.

  • More from SearchSecurity.com -- April 2007

    In the April 2007 edition, Information Security recognizes the best security technology with its Readers' Choice awards.

  • Database defenses for a new era of threats

    All too often, precious corporate databases containing customer records and other sensitive data are forgotten or ignored. This lesson offers an overview of the basic tools needed to secure a compa...

  • Executing a data governance strategy

    Today data is siloed in many applications and databases with no documentation on how trusted it is and the relationships among applications that capture and use data. In this lesson, learn how you ...

  • Enterprise strategies for protecting data at rest

    Many of today's data security breaches can be attributed to lost data. While security pros often focus on network soft spots, storage and e-discovery practices are often overlooked. This lesson wil...

  • E-discovery and security in the enterprise

  • How to build secure applications

    In this lesson, learn how to build security into the software development lifecycle, implement a practical, efficient change management system and test your applications using a black-box or white ...

  • Preventing data leaks

    Today's most devastating security breaches often originate from within. In some cases, insiders accidentally or inadvertently leak confidential or proprietary IP. In other cases, insiders commit co...

  • Mitigating Web 2.0 threats

    As companies look to cut costs, Software as a Service has gained ground in the enterprise. Similarly, social networking sites like Facebook and LinkedIn are must-haves in today's workplace. David S...

  • Locking down database applications

    In this lesson, learn how to secure database apps by building roles and privileges and monitoring access to prevent insider abuse, plus satisfy regulators by properly segregating duties and limitin...

  • Data Protection Security School

    SearchSecurity.com's Data Protection Security School will help infosec professionals formulate a comprehensive strategy and pinpoint technologies that can help them secure sensitive information thr...

  • Data loss prevention

    While every CSO and security manager knows the importance of protecting sensitive data, there is still a big gap between that understanding and the actual implementation of tools to do the job. Thi...

  • Data encryption demystified

    Five years ago, security professionals needed a deep understanding of cryptography to make encryption work. Today, thanks to advancements in "practical" cryptography, data encryption is more user-f...

  • Is it possible to prevent email forwarding?

    For professionals who send sensitive information through email, it may be useful to prevent message forwarding. Not so fast, says Ed Skoudis. SearchSecurity.com's information security threat expert...

  • Will disabling thumb drives affect keyboard and mouse functions?

    Shutting down USB drives altogether may be a wise decision for your enterprise, but what does that mean for systems that rely exclusively on USB for the keyboard and mouse? Security threat expert E...

  • Websense to acquire SurfControl

    Websense says its planned $400 million acquisition of SurfControl will allow it to better compete in the global security market.

  • Should USB token data be copied to a hidden directory called 'IEDW?'

    If the data from your USB token is being copied into a hidden directory called "IEDW," be extra cautious. Whether spyware is the root of the problem or not, security threat expert Ed Skoudis explai...

  • Mac hack puts Apple faithful on the defense

    This week in Security Blog Log: A much-hyped QuickTime exploit threatens Mac OS X and Windows browsers, but the Apple faithful feel the greatest sting.