September 2011

  • Oracle issues out-of-band Apache update

    Oracle Corp. has issued an out-of-band security alert for its Fusion Middleware and Application Server products that addresses an Apache Web server flaw.

  • Role-based access control for effective security management

    Effective role-based access control is vital for properly managing user access rights and enforcing access policies, but avoiding role sprawl can be challenging.

  • Watching the watchers

    In this Security School lesson, expert Andreas explores how to monitor the activities of your most trusted insiders with a combination of policy, process and technology to keep unauthorized access ...

  • Information Security magazine online September 2011

    Learn who won this year's Readers' Choice Awards. Also read about the vulnerability management lifecycle and more.

  • PCI Council issues point-to-point encryption validation requirements

    A new validation program will certify point-to-point encryption systems that use devices for encryption and decryption as well as hardware security modules.

  • Best Authentication Products 2011

    Readers vote on the best digital identity verification products, services, and management systems, including PKI, hardware and software tokens, smart cards.

  • Best Messaging Security Products 2011

    Readers vote on the best antispam, antiphishing, email antivirus and antimalware filtering, software and appliance products, as well as hosted "in-the-cloud" email security services.

  • Best Identity and Access Management Products 2011

    Readers vote on the best identity and access management products, including user identity access privilege and authorization management, single sign-on, user identity provisioning.

  • Best Intrusion Detection/Prevention Products 2011

    Readers vote on the best intrusion prevention/detection products, including network-based intrusion detection and prevention appliances, using signature-, behavior-, anomaly- and rate-based detection.

  • Best Network Access Control Products 2011

    Readers vote for the best NAC products, including appliance, software and infrastructure user and device network access policy creation, compliance, enforcement and remediation.

  • Best Mobile Data Security Products 2011

    Readers vote on the best mobile data security products, including hardware- and software-based file and full disk laptop encryption and removable storage device protection.

  • XACML tutorial: Using XACML as a foundation for entitlement management

    Learn how to use XACML to externalize fine-grained authorization from application logic and support cloud-based IAM initiatives.

  • Intel demonstrates McAfee DeepSAFE security platform

    Intel showcases the potential of McAfee's new hardware security technology, but shares few details about its product strategy.

  • Readers' Choice Awards 2011

    For the sixth consecutive year, Information Security readers voted to determine the best security products. More than 1,500 voters participated this year, rating products in 14 different categories.

  • Best Antimalware Products 2011

    Readers vote on the best business-grade desktop and server antivirus and antispyware products.

  • Readers' Choice Awards 2011

    Readers vote on the best risk assessment and modeling, and policy creation, monitoring and reporting products and services, IT governance, risk and compliance products, and configuration management...

  • Readers' Choice Awards 2011

    Readers vote on the best Web security products, including software and hardware, hosted Web services for inbound and outbound content filtering for malware activity detection and prevention.

  • Readers' Choice Awards 2011

    Readers voted on the best unified threat management products, including UTM appliances that feature firewall, VPN, gateway antivirusm URL Web filtering and antispam.

  • Readers' Choice Awards 2011

    Best Security Information and Event Management Products 2011

  • Readers' Choice Awards 2011

    Readers vote on the best remote access products, including IPsec VPN, SSL VPN, and combined systems and products, as well as other remote access products and services.