Data Loss Prevention, Data Analysis and Classification, Data Security and Cloud Computing, Identity Theft and Data Security Breaches, Enterprise Data Governance, Disk Encryption and File Encryption, Database Security Management
Secure SaaS: Cloud services and systems, Operating System Security, Enterprise Vulnerability Management, Virtualization Security Issues and Threats, Securing Productivity Applications, Software Development Methodology, Web Security Tools and Best Practices, Application Firewall Security, Application Attacks (Buffer Overflows, Cross-Site Scripting), Database Security Management, Email Protection, Open Source Security Tools and Applications, Social media security
Web Authentication and Access Control, User Authentication Services, Identity Management Technology and Strategy
Malware, Viruses, Trojans and Spyware, Smartphone and PDA Viruses and Threats, Emerging Information Security Threats, Information Security Incident Response, Hacker Tools and Techniques: Underground Sites and Hacking Groups, Denial of Service (DoS) Attack Prevention, Security Awareness Training and Internal Threats, Application Attacks -Information Security Threats , Web Server Threats and Countermeasures, Identity Theft and Data Security Breaches, Enterprise Vulnerability Management, Email and Messaging Threats, Web Application and Web 2.0 Threats
Security Industry Certifications, Information Security Jobs and Training, CISSP Certification
ISO 17799, Gramm-Leach-Bliley Act (GLBA), PCI Data Security Standard, HIPAA, Sarbanes-Oxley Act, IT Security Audits, Data Privacy and Protection, FFIEC Regulations and Guidelines, COBIT
Network Security: Tools, Products, Software, Network Protocols and Security, Secure VPN Setup and Configuration, Network Intrusion Detection and Analysis, Wireless Network Security: Setup and Tools, NAC and Endpoint Security Management
Security Industry Market Trends, Predictions and Forecasts, Enterprise Risk Management: Metrics and Assessments, Enterprise Compliance Tools, Business Management: Security Support and Executive Communications, Enterprise Compliance Management Strategy, Disaster Recovery and Business Continuity Planning, Information Security Policies, Procedures and Guidelines, Information Security Laws, Investigations and Ethics, Vendor Management: Negotiations, Budgeting, Mergers and Acquisitions, Information Security Incident Response-Information, Security Awareness Training and Internal Threats, News and analysis from IT security conferences
Definition
Single sign-on (SSO)is a session/user authentication process that permits a user to enter one name and password in order to access multiple applications. The process authenticates the user for all the applications they have been given rights to and eliminates further prompts when they switch applications during a particular session.
Adobe Reader X uses Microsoft's sandboxing technology to block potentially dangerous processes from executing beyond the confines of the software.
Microsoft repaired four vulnerabilities in its Forefront Unified Access Gateway and a critical flaw in Microsoft Office.
Download the entire October 2010 issue of Information Security magazine here in PDF format.
Blogging can produce new leads for security solution providers. Focus on content in your computer security blog that connects with customers.
This penetration testing tutorial contains essential tips to help solution providers uncover vulnerabilities in clients’ networks.
Customers aren’t the only firms that need to comply with regulations. In many cases, solution providers need to be compliant, too.
A look at SaaS encryption techniques and challenges.
Problems with data governance in the cloud aren’t much different than traditional outsourcing.
Cloud customers and cloud providers would face stricter data security requirements under draft European regulation.
Windows Phone 7 security features are proving to be a mixed bag. Sam Cattle assesses the enterprise security pros and cons of the latest Windows mobile platform.
Whether starting your career or planning your next step as an IT security professional, this tip will guide you toward the best certifications for your interests and experience.
SearchMidmarketSecurity.com’s tutorials offer IT professionals in-depth lessons and technical advice on the hottest topics in the midmarket IT security industry. Through our tutorials we seek to provide site members with the foundational knowledge needed to deal with the increasingly challenging job of keeping their organizations secure.
In this special presentation, Mike Rothman details today's top Web application threats and pragmatic methods to integrate security into the Web application development process.
The Ramnit worm now supports man-in-the-middle attacks, giving cybercriminals the ability to drain a victim’s bank account.
Advanced features can reduce the threat of wire fraud. New rule sets can be shared among banks and credit unions.
Microsoft has spurred Browsium to rewrite its tool for running IE6 on Windows 7, limiting the security threat posed by continued use of IE6.
Learn how to apply best practices from the recently released PCI DSS virtualisation guidance to your virtual environment.
Reaction to the European Commission data protection proposals has been largely negative, as many believe the new rules are costly and misdirected.
With a reinvigorated look and feel, improved back-end infrastructure, and regularly updated information about the association the Australian Information Security Association website has been re-launched for the benefit of its members and the Australian IT Security industry.
Patching routing and switching infrastructure in any organisation is often delayed, sometimes due to the potential impact on production systems and sometimes because the IT resources are simply too busy fighting fires.
Australian cloud provider Ninefold warn that understanding who has legal access to company and personal private data is not as simple as checking a box and selecting the 'in-country' option.
Microsoft has spurred Browsium to rewrite its tool for running IE6 on Windows 7, limiting the security threat posed by continued use of IE6.
In an October 2011 regulatory filing, VeriSign said its corporate network was breached in 2010, exposing data on a “small portion” of its systems.
Releases next major update to OS X Lion; pushes out security-only updates to Snow Leopard and other Apple software.