September 2011

  • Oracle issues out-of-band Apache update

    Oracle Corp. has issued an out-of-band security alert for its Fusion Middleware and Application Server products that addresses an Apache Web server flaw.

  • Role-based access control for effective security management

    Effective role-based access control is vital for properly managing user access rights and enforcing access policies, but avoiding role sprawl can be challenging.

  • Watching the watchers

    In this Security School lesson, expert Andreas explores how to monitor the activities of your most trusted insiders with a combination of policy, process and technology to keep unauthorized access ...

  • Information Security magazine online September 2011

    Learn who won this year's Readers' Choice Awards. Also read about the vulnerability management lifecycle and more.

  • PCI Council issues point-to-point encryption validation requirements

    A new validation program will certify point-to-point encryption systems that use devices for encryption and decryption as well as hardware security modules.

  • Best Network Access Control Products 2011

    Readers vote for the best NAC products, including appliance, software and infrastructure user and device network access policy creation, compliance, enforcement and remediation.

  • Best Messaging Security Products 2011

    Readers vote on the best antispam, antiphishing, email antivirus and antimalware filtering, software and appliance products, as well as hosted "in-the-cloud" email security services.

  • Best Authentication Products 2011

    Readers vote on the best digital identity verification products, services, and management systems, including PKI, hardware and software tokens, smart cards.

  • Best Identity and Access Management Products 2011

    Readers vote on the best identity and access management products, including user identity access privilege and authorization management, single sign-on, user identity provisioning.

  • Best Intrusion Detection/Prevention Products 2011

    Readers vote on the best intrusion prevention/detection products, including network-based intrusion detection and prevention appliances, using signature-, behavior-, anomaly- and rate-based detection.

  • Best Mobile Data Security Products 2011

    Readers vote on the best mobile data security products, including hardware- and software-based file and full disk laptop encryption and removable storage device protection.

  • XACML tutorial: Using XACML as a foundation for entitlement management

    Learn how to use XACML to externalize fine-grained authorization from application logic and support cloud-based IAM initiatives.

  • Intel demonstrates McAfee DeepSAFE security platform

    Intel showcases the potential of McAfee's new hardware security technology, but shares few details about its product strategy.

  • Best Antimalware Products 2011

    Readers vote on the best business-grade desktop and server antivirus and antispyware products.

  • Readers' Choice Awards 2011

    Readers vote on the best risk assessment and modeling, and policy creation, monitoring and reporting products and services, IT governance, risk and compliance products, and configuration management...

  • Readers' Choice Awards 2011

    Readers vote on the best Web security products, including software and hardware, hosted Web services for inbound and outbound content filtering for malware activity detection and prevention.

  • Readers' Choice Awards 2011

    Readers voted on the best unified threat management products, including UTM appliances that feature firewall, VPN, gateway antivirusm URL Web filtering and antispam.

  • Readers' Choice Awards 2011

    Best Security Information and Event Management Products 2011

  • Readers' Choice Awards 2011

    Readers vote on the best remote access products, including IPsec VPN, SSL VPN, and combined systems and products, as well as other remote access products and services.

  • Readers' Choice Awards 2011

    Readers vote on the best vulnerability management products, including network vulnerability assessment scanners, vulnerability risk management, reporting, remediation and compliance, patch manageme...