Security Management Strategies for the CIO-
Class C2
Class C2 is a security rating established by the U.S. National Computer Security Center (NCSC) and granted to products that pass Department of Defense (DoD) Trusted Computer System Evaluation Crite...30 Sep 2008
-
IT security not valued at many firms, study finds
A study conducted by research firm IDC found that IT security is seen as an obstacle to business innovation.30 Sep 2008
-
Screencast: How to use Nipper to create network security reports
Peter Giannoulis of The Academy.ca demonstrates how to use Nipper, a free open source network infrastructure parser tool.30 Sep 2008
-
Sun launches open source OpenSSO for identity management
Sun integrates access management, federation and secure Web services in its new OpenSSO Enterprise30 Sep 2008
-
Data loss study points out employee missteps
Visiting banned websites, altering security settings and other bad behavior puts corporate data at risk.30 Sep 2008
-
Oracle DBAs cite lack of security measures
A new survey conducted by the Independent Oracle Users Group found that many organizations are failing to use database security tools and lock down critical systems.29 Sep 2008
-
Kaminsky: DNS issue still major threat
Dan Kaminsky, discoverer of a severe DNS vulnerability, says there are a number of complicated systems still vulnerable to attack.29 Sep 2008
-
Johannes Ullrich: ISC, stealthy malware
SANS Chief Research Officer Johannes Ullrich discusses the Internet Storm Center (ISC), information sharing and the state of malware.27 Sep 2008
-
principle of least privilege (POLP)
The principle of least privilege (POLP) is the practice of limiting access to the minimal level that will allow normal functioning. Applied to employees, the principle of least privilege translat...26 Sep 2008
-
New certification targets software security
(ISC)2's new Certified Secure Software Lifecycle Professional certification is for security and project managers, and helps them influence developers to boost security.25 Sep 2008
-
Cisco releases router patches to plug critical flaws
Symantec elevates threat level in wake of Cisco vulnerabilities.25 Sep 2008
-
IBM announcements mark two years of ISS marriage
The ISS unit has produced a number of updates, including unified threat management for small businesses and a virtual appliance for its network intrusion prevention system (IPS).25 Sep 2008
-
Browser attack technique poses serious threat
Called clickjacking, the technique enables the attacker to force a user to click on a specific link. Researchers say the technique has been underestimated.25 Sep 2008
-
Hardware security guru, Defcon badge maker films TV show
Joe Grand, the owner of Grand Idea Studio and one of the former members of the L0pht hacking crew, has carved out a unique niche for himself in the security community. Known as a hardware security ...24 Sep 2008
-
Mozilla issues update to repair critical Firefox flaws
Firefox 3.0.2 fixes several vulnerabilities that could be remotely exploited by a hacker to gain access to sensitive data.24 Sep 2008
-
How to get information security buy-in from the executive team
When pitching security to the big bosses, it's important to brush up on public-speaking skills and lay out the case in advance. Mike Rothman gives his recommendations on how to prepare for a securi...23 Sep 2008
-
IronPort feature detects exploited websites
IronPort's cloud scanning feature classifies sites based on the risk they pose.23 Sep 2008
-
Certification still pays for CISSPs, CISMs
New survey results from Foote Partners, finds security pros who have earned their CISSP, CISM or GIAC Security Expert certification are among those whose salaries continue to rise.23 Sep 2008
-
What value do research firms provide to their subscribing enterprises?
What benefit do research firms provide to their subscribers, and how can subscribers get the most benefit from the research firm's analysis? Security management expert Mike Rothman weighs in.22 Sep 2008
-
McAfee to acquire Secure Computing
McAfee announces its intention to acquire Web and network security company Secure Computing for $465 million.22 Sep 2008
-
News
-
Latest Headlines
-
Featured
-
Information Security Magazine
The information security pro’s resource for keeping corporate data, applications and devices secure
Download Now!
-
-
-
Premium
Editorial-
E-Books
-
E-Zines
-
E-Handbooks
-
- Multimedia
-
Security
Topics-
Topics
- Enterprise Data Protection
- Application and Platform Security
- Enterprise Identity and Access Management
- Government IT Security Management
- Information Security Threats
- Information Security Careers, Training and Certifications
- Security Audit, Compliance and Standards
- Security for the Channel
- Enterprise Network Security
- Information Security Management
-
Hot Topics
-
-
Tutorials
-
Advice & Tutorials
-
Technology Dictionary
-
-
Expert
Advice-
Tips
-
Answers
-
Ask a Question
-
-
White
Papers-
Research Library
-
Product Demos
-
Resource Centers
-
- Blogs
-
Certification
Central