Security Management Strategies for the CIO-
Some IT security certifications are overvalued, analyst says
With the rise in publicity of data breaches, companies are looking at security more seriously than ever, which means they're looking to hire qualified and, often, certified IT security pros. A rece...30 Sep 2009
-
An enterprise strategy for Web application security threats
People Security founder Hugh Thompson reviews the tools and tactics, from security assessments to Web application firewalls, that are essential to an application security strategy.30 Sep 2009
-
Is credit card tokenization a better option than encryption?
Platform security expert Michael Cobb reviews alternatives to encryption that will help protect sensitive data.30 Sep 2009
-
Scanning with N-Stalker offers basic Web application security assessment
In this month's SearchSecurity.com screencast video demo, Peter Giannoulis of TheAcademyHome.com and TheAcademyPro.com introduces N-Stalker, a free Web application security assessment scanner avail...29 Sep 2009
-
How to talk to executives after a data breach
In the wake of a data breach, how do you know when to talk to executives, and, more importantly, what to say? In this expert response, learn how to talk to executives after a data breach.29 Sep 2009
-
SMS attacks against BlackBerry certificate flaw possible
Research In Motion (RIM) is warning that SMS attacks targeting BlackBerry users could take advantage of a certificate handling flaw, tricking users into visiting an attack website.29 Sep 2009
-
University data breach exposes 163,000 women to identity theft
The women were part of mammography study at the University of North Carolina's School of Medicine. The server could have been breached as far back as 2007, officials said.29 Sep 2009
-
IT business justification to limit network access
Are you hoping to limit network access at your organization, but aren't sure how to go about creating an IT business justification for a proxy server? In this expert response, Randall Gamby explain...28 Sep 2009
-
SQL injection protection: A guide on how to prevent and stop attacks
In this SQL injection protection guide get advice on how to prevent and stop SQL injection attacks, also learn best practices on how to detect vulnerabilities.25 Sep 2009
-
Prevent password cracking with password management strategies
Passwords can be the weak link in any organization's security strategy. Learn how to protect your passwords from unauthorized users with these password management strategies from IAM expert Randall...23 Sep 2009
-
Microsoft releases temporary fix for SMB2 zero-day vulnerability
The software giant released an automated fix disabling the server message block until a full patch is released.22 Sep 2009
-
How to prevent ActiveX security risks
Application expert Michael Cobb explains why ActiveX security relies entirely on human judgment.22 Sep 2009
-
How to choose the best IT security certification for pen testing jobs
Looking to get into the world of penetration testing, and you're not sure which certification might help? In this expert response, David Mortman explains how to know if pursuing a certification is ...22 Sep 2009
-
First Data, RSA push tokenization for payment processing
The encryption-token service could compete against vendors offering format preserving encryption to secure payment transactions.22 Sep 2009
-
Will a database anonymization implementation succeed?
Platform security expert Michael Cobb reviews the likelihood of success in a database anonymization implementation.22 Sep 2009
-
security information management (SIM)
Security information management (SIM) is the practice of collecting, monitoring and analyzing security-related data from computer logs. A security information management system (SIMS) automates tha...21 Sep 2009
-
New Bahama botnet evades search engines, fuels click fraud
Researchers at Click Forensics have discovered a new botnet that is evading search engines and responsible for a spike in click fraud traffic and popup adware.18 Sep 2009
-
Security book giveaway: Under-the-radar information security threats
Which enterprise security threat do you think has gone under the radar? Give us your thoughts. Our favorite response will win some great free security training books.18 Sep 2009
-
How SSL-encrypted Web connections are intercepted
Enterprises and attackers alike have found ways to sniff private Web traffic, even when it's encrypted. Sherri Davidoff reviews how encrypted Web connections can be sniffed, and ways that users can...17 Sep 2009
-
Whitelists, SaaS modify traditional security, tackle flaws
It is time for IT professionals to transform security into a capability that is as dynamic as the attack landscape, says security expert Eric Ogren of the Ogren Group.17 Sep 2009
-
News
-
Latest Headlines
-
Featured
-
Information Security Magazine
The information security pro’s resource for keeping corporate data, applications and devices secure
Download Now!
-
-
-
Premium
Editorial-
E-Books
-
E-Zines
-
E-Handbooks
-
- Multimedia
-
Security
Topics-
Topics
- Enterprise Data Protection
- Application and Platform Security
- Enterprise Identity and Access Management
- Government IT Security Management
- Information Security Threats
- Information Security Careers, Training and Certifications
- Security Audit, Compliance and Standards
- Security for the Channel
- Enterprise Network Security
- Information Security Management
-
Hot Topics
-
-
Tutorials
-
Advice & Tutorials
-
Technology Dictionary
-
-
Expert
Advice-
Tips
-
Answers
-
Ask a Question
-
-
White
Papers-
Research Library
-
Product Demos
-
Resource Centers
-
- Blogs
-
Certification
Central