Security Management Strategies for the CIO-
PCI encryption requirements: Limiting PCI scope with P2P encryption
P2P encryption, or encryption of data in transit, has long been a point of confusion for PCI DSS-bound merchants. In this tip, expert Ed Moyle explains the PCI SSC's recent guidance on P2P encryption.30 Nov 2010
-
Sophos: Mobile device security pressuring antivirus vendors
The shift to mobile devices is pushing security vendors into retooling their traditional signature technologies, according to Sophos's security strategist, James Lyne..30 Nov 2010
-
Video: OSSEC screenshots show how to use the free IDS
An intrusion detection system has become necessary for most enterprises, but they can be both expensive and difficult to configure. In part two of this screencast, learn how to use the free IDS OSSEC.29 Nov 2010
-
Using a Web application honeypot to boost security for Web applications
Honeypots can be a valuable tool for logging and analyzing intrusions, but do you know the disadvantages to setting up a honeypot? Expert Michael Cobb explains some honeypot best practices.29 Nov 2010
-
parameter tampering
Parameter tampering is a form of Web-based hacking event (called an attack) in which certain parameters in the Uniform Resource Locator (URL) or Web page form field data entered by a user are chang...24 Nov 2010
-
SEO poisoning, online shopping risks and threats will greet holiday shoppers
The start of the holiday season is ripe with SEO poisoning, third-party attack ads and spam messages touting deals that are too good to be true, according to security experts.23 Nov 2010
-
New Adobe Reader X fortifies PDF viewer against attacks
Adobe Reader X uses Microsoft's sandboxing technology to block potentially dangerous processes from executing beyond the confines of the software.23 Nov 2010
-
Emerging Threats: Adaptive Strategies to Respond to Evoloving Threats Slides
Access the presentations from the Emerging Threats: Adaptive Security Strategies to Respond to Evolving Threats Seminar!23 Nov 2010
-
IDS vs. IPS: How to know when you need the technology
IDS and IPS are useful security technologies, but how do you know whether your enterprise can benefit from one? In this tip, infosec pro Jennifer Jabbusch offers a few specific use cases to help yo...22 Nov 2010
-
Countdown: Top 5 ways to tune IDS/IPS to meet business needs
In this podcast, we'll count down the top five ways to tune an IDS/IPS to make sure it's meeting the business requirements you purchased it to meet.19 Nov 2010
-
Meeting business goals with network security technologies
This video will discuss how moving from primary business functions to more detailed business tasks can help identify goals that network security can assist in meeting.19 Nov 2010
-
Can honeypots for network security detect a P2P botnet?
Honeypots can be a great network security tool, but are they capable of detecting a P2P botnet? In this expert response, Nick Lewis details how and what kind of threats a honeypot can identify.19 Nov 2010
-
Researchers warn of impending Ares Trojan infections
The Ares Trojan -- for sale via anonymous online money transfer --is being propagated by its unidentified developer as customizable to each of its buyers.19 Nov 2010
-
Security awareness strategy: Weighing optimism vs. pragmatism
Fostering security awareness is a controversial topic and a difficult challenge, but as Senior Site Editor Eric B. Parizo writes, the methods may not be as important as the passion to succeed.18 Nov 2010
-
Web 2.0 threats illustrated
Find the tools needed to balance between security and business in Web 2.0 platforms.17 Nov 2010
-
authentication, authorization, and accounting (AAA)
Authentication, authorization, and accounting (AAA) is a framework for intelligently controlling access to computer resources, enforcing policies, auditing usage, and providing the information nece...16 Nov 2010
-
Honeypots for network security: How to track attackers' activity
Honeypots have long been used to track attackers' activity and defend against coming threats. In this tip, network security expert Anand Sastry describes the different types of honeypots and which ...16 Nov 2010
-
PCI encryption requirements driving widespread adoption, survey finds
Encryption has become generally accepted in the industry, said Larry Ponemon, founder of the Ponemon Institute LLC.16 Nov 2010
-
Using virtual test labs for virtual software testing
Do you know of virtualization that reduces your investment in hardware, space and general overhead? Virtual test labs can do just that. Expert Michael Cobb explains virtual software testing and how...15 Nov 2010
-
Information Security magazine - November issue PDF
Download the complete November 2010 issue of Information Security magazine here in PDF format.15 Nov 2010
-
News
-
Latest Headlines
-
Featured
-
Information Security Magazine
The information security pro’s resource for keeping corporate data, applications and devices secure
Download Now!
-
-
-
Premium
Editorial-
E-Books
-
E-Zines
-
E-Handbooks
-
- Multimedia
-
Security
Topics-
Topics
- Enterprise Data Protection
- Application and Platform Security
- Enterprise Identity and Access Management
- Government IT Security Management
- Information Security Threats
- Information Security Careers, Training and Certifications
- Security Audit, Compliance and Standards
- Security for the Channel
- Enterprise Network Security
- Information Security Management
-
Hot Topics
-
-
Tutorials
-
Advice & Tutorials
-
Technology Dictionary
-
-
Expert
Advice-
Tips
-
Answers
-
Ask a Question
-
-
White
Papers-
Research Library
-
Product Demos
-
Resource Centers
-
- Blogs
-
Certification
Central