June 2007 | Archive by Month | SearchSecurity.com

June 2007

  • sheepdip (sheep dipping or a footbath)

    In computers, a sheepdip (or, variously, sheep dipping or a footbath) is the checking of media, usually diskettes or CD-ROMs, for viruses before they are used in a computer or network.

  • Should ISO 17799 play a role in risk assessment?

    In this SearchSecurity.com Q&A, security pro Mike Rothman offers advice on the best risk assessment procedures, and discusses whether or not ISO 17799 should be involved in the process.

  • JavaScript hijacking

    JavaScript hijacking is a technique that an attacker can use to read sensitive data from a vulnerable Web application, particularly one using Ajax (Asynchronous JavaScript and XML)...

  • Vendors admit more cooperation needed on security

    Security leaders from large software vendors pledged to cooperate on embedding more security into their products.

  • Are PCI auditors pitching products?

    Auditors shouldn't be pitching remediation services or products to bring a company into compliance with PCI DSS rules, but some merchants are reporting the practice.

  • The next security acquisition? Here's a wish list

    Instead of guessing which companies will cash out next, Dennis Fisher makes a list of security mergers he'd like to see either for sheer entertainment value or actual customer value ...

  • M&A: Merging network security policies

    Company mergers often call for the consolidation of two different network policies. But before making any final decisions on technology, the staff members of both organizations need to be on the sa...

  • Screencast: How to configure a UTM device

    Unified threat management technologies provide protection against various network attacks, but properly configuring UTM boxes can be a whole other battle. In this exclusive screencast, expert David...

  • defense in depth

    Defense in depth is the coordinated use of multiple security countermeasures to protect the integrity of the information assets in an enterprise...

  • Cisco vows to maintain IronPort tech, talent

    As it completes the purchase of IronPort Systems, Cisco vows to maintain IronPort's talent base and make investments to keep its newly acquired technology fresh.

  • SSNs at risk in government records, lawmakers say

    Americans concerned about ID theft also have to worry about their Social Security numbers' use by the federal government, which leaves them exposed in a variety of records.

  • Quiz: Ensuring compliance across the extended enterprise

    A five-question multiple-choice quiz to test your understanding of the content presented by expert Richard Mackey in this lesson of SearchSecurity.com's Compliance School.

  • Mergers and acquisitions: Building up security after an M&A

    Mergers and acquisitions are common headlines in today's information security world, and that's great news for malicious hackers and data thieves. When companies join forces, they often leave thems...

  • Corporate Mergers and Acquisitions Security Learning Guide

    Mergers and acquisitions are common occurrences in today's information security market. In this SearchSecurity.com Learning Guide, a panel of experts breaks down M&A security priorities and explain...

  • DHS suffered more than 800 cyber attacks in two years

    Senior officials at the Department of Homeland Security acknowledged hundreds of security lapses Wednesday, but said improvements had been made.

  • PCI Council hears complaints, suggestions for changes

    Companies with the most stringent security technologies endure hurdles to comply with PCI DSS. Some firms are turning to the upcoming Burton Group Catalyst Conference for answers.

  • ISO 17799: A methodical approach to partner and service provider security management

    Outsourcing may relieve some of a company's burdens, but handing off business functions doesn't necessarily mean less work for security teams when sensitive information or critical infrastructure h...

  • Understanding PCI DSS compensating controls

    By-the-book PCI DSS compliance scores big points with auditors, but abiding by all the regulations and requirements is a tall order in many organizations. Security management expert Mike Rothman di...

  • Log management push has its roots in compliance

    Log management is expected to be a hot topic at the upcoming Burton Group Catalyst Conference. Experts say log data can help organizations comply with numerous guidelines.

  • HP to acquire SPI Dynamics for Web security

    HP said it would bolster Web site assessments and Web application vulnerabilities with its acquisition of Atlanta-based SPI Dynamics Inc.