In information technology, security is the protection of information assets through the use of technology, processes, and training.
This was last updated in February 2007
Data Loss Prevention, Data Analysis and Classification, Data Security and Cloud Computing, Identity Theft and Data Security Breaches, Enterprise Data Governance, Disk Encryption and File Encryption, Database Security Management
Secure SaaS: Cloud services and systems, Operating System Security, Enterprise Vulnerability Management, Virtualization Security Issues and Threats, Securing Productivity Applications, Software Development Methodology, Web Security Tools and Best Practices, Application Firewall Security, Application Attacks (Buffer Overflows, Cross-Site Scripting), Database Security Management, Email Protection, Open Source Security Tools and Applications, Social media security
Web Authentication and Access Control, User Authentication Services, Identity Management Technology and Strategy
Malware, Viruses, Trojans and Spyware, Smartphone and PDA Viruses and Threats, Emerging Information Security Threats, Information Security Incident Response, Hacker Tools and Techniques: Underground Sites and Hacking Groups, Denial of Service (DoS) Attack Prevention, Security Awareness Training and Internal Threats, Application Attacks -Information Security Threats , Web Server Threats and Countermeasures, Identity Theft and Data Security Breaches, Enterprise Vulnerability Management, Email and Messaging Threats, Web Application and Web 2.0 Threats
Security Industry Certifications, Information Security Jobs and Training, CISSP Certification
ISO 17799, Gramm-Leach-Bliley Act (GLBA), PCI Data Security Standard, HIPAA, Sarbanes-Oxley Act, IT Security Audits, Data Privacy and Protection, FFIEC Regulations and Guidelines, COBIT
Network Security: Tools, Products, Software, Network Protocols and Security, Secure VPN Setup and Configuration, Network Intrusion Detection and Analysis, Wireless Network Security: Setup and Tools, NAC and Endpoint Security Management
Security Industry Market Trends, Predictions and Forecasts, Enterprise Risk Management: Metrics and Assessments, Enterprise Compliance Tools, Business Management: Security Support and Executive Communications, Enterprise Compliance Management Strategy, Disaster Recovery and Business Continuity Planning, Information Security Policies, Procedures and Guidelines, Information Security Laws, Investigations and Ethics, Vendor Management: Negotiations, Budgeting, Mergers and Acquisitions, Information Security Incident Response-Information, Security Awareness Training and Internal Threats, News and analysis from IT security conferences
In information technology, security is the protection of information assets through the use of technology, processes, and training.
This is an excerpt from the book Security Metrics: A Beginner’s Guide . Author Caroline Wong discussing strategies for managing a team of stakeholders
Recent BSIMM3 study results provide guidelines for why executive support for the software security lifecycle is so important. Michael Cobb explains.
Legislation is aimed at stopping piracy, but security professionals and industry groups say it could weaken security, hamper innovation and limit competition among small businesses and startups.
VARs expect customers to increase spending on security more than any other IT area in 2012. See which security segments will grow the most.
Blogging can produce new leads for security solution providers. Focus on content in your computer security blog that connects with customers.
This penetration testing tutorial contains essential tips to help solution providers uncover vulnerabilities in clients’ networks.
Deciding whether your cloud provider is a business associate comes down to a judgment call based on the type of cloud usage.
A look at SaaS encryption techniques and challenges.
Problems with data governance in the cloud aren’t much different than traditional outsourcing.
Windows Phone 7 security features are proving to be a mixed bag. Sam Cattle assesses the enterprise security pros and cons of the latest Windows mobile platform.
Whether starting your career or planning your next step as an IT security professional, this tip will guide you toward the best certifications for your interests and experience.
SearchMidmarketSecurity.com’s tutorials offer IT professionals in-depth lessons and technical advice on the hottest topics in the midmarket IT security industry. Through our tutorials we seek to provide site members with the foundational knowledge needed to deal with the increasingly challenging job of keeping their organizations secure.
In this special presentation, Mike Rothman details today's top Web application threats and pragmatic methods to integrate security into the Web application development process.
The Ramnit worm now supports man-in-the-middle attacks, giving cybercriminals the ability to drain a victim’s bank account.
Advanced features can reduce the threat of wire fraud. New rule sets can be shared among banks and credit unions.
New DDoS statistics suggest hactivist groups are to blame for an increase in the number and types of DDoS attacks across the Internet.
New Web application vulnerability statistics show the number of vulnerabilities is rising, despite the use of Web application development frameworks.
Microsoft has spurred Browsium to rewrite its tool for running IE6 on Windows 7, limiting the security threat posed by continued use of IE6.
With a reinvigorated look and feel, improved back-end infrastructure, and regularly updated information about the association the Australian Information Security Association website has been re-launched for the benefit of its members and the Australian IT Security industry.
Patching routing and switching infrastructure in any organisation is often delayed, sometimes due to the potential impact on production systems and sometimes because the IT resources are simply too busy fighting fires.
Australian cloud provider Ninefold warn that understanding who has legal access to company and personal private data is not as simple as checking a box and selecting the 'in-country' option.
Financial major IDFC set out to craft its information security awareness initiative with a portal that led users via a ‘Mafia don’s den’. Step in for more.
While organizations focus on mobile security and other emerging threats, an analysis of more than 2,000 penetration tests conducted by Trustwave found older threats often overlooked.
Our BackTrack 5 PDF tutorials collection will help you hone your edge, whether you are a security professional or an enthusiast. Best yet, they are free!