Security Management Strategies for the CIO-
Microsoft takes legal action to shut down Waledac botnet
Federal judge grants Microsoft the ability to shut down hundreds of domain names tied to the Waledac botnet.26 Feb 2010
-
Managing an IE6 upgrade for browser security without SUS or WSUS
Security expert Michael Cobb explains how to upgrade from IE6 for browser security without using SUS or WSUS.26 Feb 2010
-
Same Origin Policy (SOP)
The Same Origin Policy (SOP), also called Single Origin Policy, is a security measure used in Web browser programming languages such as JavaScript and Ajax to protect the confidentiality and integr...25 Feb 2010
-
Voice data security risks on the rise, say experts
New threats to mobile phones place personal information, intellectual property and trade secrets at greater risk of theft from hackers.25 Feb 2010
-
Cloud security issues, targeted attacks to be hot-button topics at RSA
Cloud computing concerns will share the spotlight at this year's 2010 RSA Conference, with ways to defend against the frequency of targeted cyberattacks against corporate networks.25 Feb 2010
-
Smart card security: Disable a lost smart card and track with GPS?
Is it possible to track a lost or stolen smart card with GPS? In this IAM expert response, Randall Gamby gives advice on enhancing smart card security in such a situation.25 Feb 2010
-
Screencasts: On-screen demonstrations of security tools
SearchSecurity.com's screencast series allows top experts to demonstrate popular information security tools and techniques, including UTM configuration, Google hacking, and Snort IDS use.24 Feb 2010
-
How to prevent iPhone spying: Mobile phone management tips
So you have an iPhone, you don't access the Internet, you use a PIN to authenticate and you never let the device out of your site. Michael Cobb explains why iPhone spying still isn't out of the que...24 Feb 2010
-
Interest in data leakage protection, event log management rises
Compliance projects are fueling interest in log management software. Data leakage protection (DLP) technology is also being considered, according to a new survey of security pros.23 Feb 2010
-
A written information security policy (WISP) example for compliance
Looking for a Written Information Security Policy (WISP) example for compliance with the Massachusetts data protection law? In this expert response, Ernie Hayden gives readers just that.23 Feb 2010
-
Secure software development is difficult, but tools, techniques improving, expert says
The SANS Institute and MITRE Corp. issued an update to the CWE/SANS Top 25 Programming Errors List last week, focusing mitigation techniques that could be adopted...22 Feb 2010
-
PCI compliance requirements affect IT risk assessments
In their book PCI Compliance: Understand and Implement Effective PCI Data Security Standard Compliance, authors Dr. Anton Chuvakin and Branden Williams discuss how to best approach PCI compliance...22 Feb 2010
-
How to use hping to craft packets
A packet crafting tool that's been around for a long time, hping can be used to test if ports are open, as well as for firewall testing. Learn how to use hping in this tutorial.22 Feb 2010
-
How secure is an email with a .pdf attachment?
Sending sensitive information in an email or as an attachment is unsafe, and depending on your organization's security policies, could land you in a lot of trouble. Michael Cobb explains why.21 Feb 2010
-
How to secure online collaboration applications like Google Wave
Love them or hate them, online collaboration applications and tools are here to stay. Michael Cobb explains how to secure next-generation communication like Google Wave.21 Feb 2010
-
Security must-haves after building a Web application
Michael Cobb reviews the security devices needed to protect a newly built Web application.21 Feb 2010
-
Will technologies like Vanish help create archived, unreadable data?
Self-destructing data is a nice thought, says Michael Cobb, but we're some ways off from achieving reliable document control of this kind.21 Feb 2010
-
meet-in-the-middle attack
Meet-in-the-middle is a type of attack that can exponentially reduce the number of brute force permutations required to decrypt text that has been encrypted by more than one key. Such an attack mak...19 Feb 2010
-
Should VMware vulnerabilities in JRE impede implementing virtualization?
Could recent VMware vulnerabilities in JRE hamper virtualization implementation? In this expert response, Michael Cobb explains that VMware attacks are theoretical at this point and shouldn't stop ...19 Feb 2010
-
Risk prioritization: DLP for data loss or laptop full disk encryption?
With a limited IT security budget, it's often necessary to undergo risk prioritization and make difficult choices. In this expert response, Ernie Hayden discusses whether it's better to deploy a DL...18 Feb 2010
-
News
-
Latest Headlines
-
Featured
-
Information Security Magazine
The information security pro’s resource for keeping corporate data, applications and devices secure
Download Now!
-
-
-
Premium
Editorial-
E-Books
-
E-Zines
-
E-Handbooks
-
- Multimedia
-
Security
Topics-
Topics
- Enterprise Data Protection
- Application and Platform Security
- Enterprise Identity and Access Management
- Government IT Security Management
- Information Security Threats
- Information Security Careers, Training and Certifications
- Security Audit, Compliance and Standards
- Security for the Channel
- Enterprise Network Security
- Information Security Management
-
Hot Topics
-
-
Tutorials
-
Advice & Tutorials
-
Technology Dictionary
-
-
Expert
Advice-
Tips
-
Answers
-
Ask a Question
-
-
White
Papers-
Research Library
-
Product Demos
-
Resource Centers
-
- Blogs
-
Certification
Central