Security Management Strategies for the CIOLatest Issue
Next-generation firewalls play by new rules
September 2013 Volume 15 / No. 7Issue Highlights
- Firewalls play by new rules
- Cybersecurity: Global risk management moves beyond regulations
- Bridging the IT security skills gap
- Cybersecurity and global risk assessment enter the boardroom
- Converting to cloud: Ranum Q&A with Lee Heath
- Attack security literacy with brute force
Previous Issues
-
Unlock new pathways to network security architecture
July/August 2013 / Volume 15 / No. 6 Includes:- Enterprise mobile security by the numbers
- Unlock new pathways to network security architecture
- Third-party risk management: Horror stories? You are not alone
- Ten years later: The legacy of SB 1386 compliance on data privacy laws
The rapid evolution of MDM solutions
June 2013 / Volume 15 / No. 5 Includes:- Are FedRAMP security controls enough?
- Big data analytics: New patterns emerge for security
- MDM products: More calls to secure a mobile workforce
- Diversity at work: MDM solutions keep pace
May 2013 / Volume 15 / No. 4
Includes:
- Editor’s desk: A chat with Peter G. Neumann
- Reframing compliance with a threat model
- Apple security update: Is it ready for the enterprise?
- Data breach protection requires new barriers
Special Edition, May 2013
Includes:
- The evolution of threat detection and management
Managing identities in hybrid worlds
April 2013 / Volume 15 / No. 3 Includes:- Botnet takedowns: A dramatic defense
- Managing identities in hybrid worlds
- Address IPv6 security before your time runs out
- CISOs: From no seat to multiple hats
March 2013/ Volume 15 / No. 2
Includes:
- Outsourcing security services in the enterprise: Where to begin
- Managing big data privacy concerns: Tactics for proactive enterprises
- Antivirus evasion techniques show ease in avoiding antivirus detection
- Big data creates cloudy security forecast
The China Syndrome: Security factors to consider before buying Chinese IT
February 2013/ Volume 15 / No. 1 Includes:- IT Security Trends 2013: Mobile security concerns tops the list
- The Huawei security risk: Factors to consider before buying Chinese IT
- BYOD security strategies: Balancing BYOD risks and rewards
- Offensive security involves proactive deception tactics
-
Market for vulnerability information grows
Dec. 2012/Volume 14 / No. 10 Includes:- Private market growing for zero-day exploits and vulnerabilities
- Critical infrastructure protection hindered by difficulties, experts say
- Biometric authentication methods: Comparing smartphone biometrics
- Firm pushes software security testing with fugitive tracking system
Seven Outstanding Security Pros in 2012
Nov. 2012/Volume 14/No. 9 Includes:- GRC Management and Critical Infrastructure Protection
- Cloud Compliance: Tackling Compliance in the cloud
- Information Security Decisions: From Dogma to Data
- FISMA Compliance and the Evolution to Continuous Monitoring
Security Readers' Choice Awards 2012: Your picks for the best security products
October 2012 Includes:- The hacktivist threat to enterprise security
- Malware trends: The rise of cross-platform malware
- 2012 Readers' Choice Awards
- Threat prevention techniques: Best practices for threat management
Setting up for BYOD success with enterprise mobile management and mobile application security
September 2012 Includes:- Mobile application security best practices in a BYOD world
- Security as a Service: Benefits and risks of cloud-based security
- Malware analysis tools and techniques failing but researchers aim for improvement
- A new framework for preventing XSS attacks
Establishing an effective internal security pen testing methodology
July/August 2012 Includes:- Three steps for securing SharePoint
- Talk of cyberwarfare threats heats up with Flame malware
- How to pen test: Why you need an internal security pen testing program
- Big data security analytics: Harnessing new tools for better security
Five actions to prepare for today’s external security threats
June 2012 Includes:- CISPA cybersecurity legislation wins industry support
- Security information management systems and application monitoring
- Challenges with data protection in the cloud
- Cybersecurity information sharing initiatives on the rise
New security strategies for the bring-your-own-device era
May 2012 Includes:- Thwarting BYOD risks starts with a mobile security policy, experts say
- Deploying DP systems: Four DLP best practices for success
- Mobile device management systems help mitigate BYOD risks
- VMware strategy for security partners undergoes overhaul
An expert guide to tokenization and using it effectively
April 2012 Includes:- Unified threat management devices for the enterprise
- Understanding tokenization: What is tokenization and when to use it
- Web browser security features make attacks harder
- AMI networks: PKI security considerations
Exploring the benefits of enhanced SIEM products
March 2012 Includes:- Symantec breach highlights remote management holes
- Unlocking the opportunity of SIEM technology
- The RSA breach: One year later
- NGFW: Getting clarity on next-gen firewall features
Combat the latest malware threats with effective antimalware planning
January/February 2012 Includes:- SOPA and PIPA pirating laws lose support in face of opposition
- New malware threats require new antimalware protection strategy
- Mobile device protection: Tackling mobile device security risks
- Tackling SSL vulnerabilities for secure online transactions
-
An insider look at the Windows Vista security review
December 2011 Includes:- SEC guidance clarifies cybersecurity disclosure requirements
- Alternatives to passwords: Replacing the ubiquitous authenticator
- Enterprise digital rights management best practices
- Chris Paget on Vista final software security review
Effectively navigating the security risk assessment process
November 2011 Includes:- VDI security supports active protection strategies
- Cybersecurity threats target lack of SMB security
- PCI council developing point-to-point encryption certification program
- Overcoming obstacles in the security risk assessment process
Spotlight on top security trends of 2011 and Security 7 award winners
October 2011 Includes:- Winners of the 2011 Security 7 Award have their say
- Antimalware product suites: Understanding capabilities and limitations
- Breaches prompt call for certificate authority architecture alternatives
- Medical device security: Does IEC 80001 go far enough?
The top 2011 security products: Information Security Readers' Choice Awards
September 2011 Includes:- Microsoft BlueHat prize wins over Black Hat Crowd
- Best Web security products 2011
- Best Web application firewalls 2011
- Best network access control products 2011
Computer incident response teams are a new line of defense
July/August 2011 Includes:- Striving for better information security intelligence
- Information security market consolidation: A mixed bag
- Turn your computer incident response team into counter-threat operations
- PCI virtualization guidance warns of compliance challenges
BYOD means creating a new security game plan in the enterprise
June 2011 Includes:- Get actionable results from a security information management system
- IT consumerization drives new security thinking
- Revamped FISMA requirements aim to improve federal security
- Data breaches show enterprise need for better data security management
Comprehensive information security programs vital for PCI compliance
May 2011 Includes:- Smartphone encryption, authentication ease mobile management
- Robust information security program key to PCI compliance requirements
- Gaining awareness to prevent social engineering techniques, attacks
- Navigating international data privacy laws
Successful cloud migrations require careful planning
April 2011 Includes:- Application whitelisting: an extra layer of malware defense
- Antivirus vendors go beyond signature-based antivirus
- Key steps for security incident response planning
- Cloud migration requires network retooling
Best practices for securing virtual machines
March 2011 Includes:- Managing client-side security with patch management best practices
- Virtualization 101: Best practices for securing virtual machines
- Choosing the right information security risk assessment framework
- Cloud computing technologies: transformation time
Cloud initiatives are changing roles for information security managers
January/February 2011 Includes:- Enforcing endpoint security
- The state of critical infrastructure security
- Information security roles growing in influence
- The penetration tester is alive and well
-
Inside the Data Accountability and Trust Act and what it means for security
December 2010 Includes:- Vendor risk management and the CISO
- Disaster recovery and contingency planning security considerations
- Understanding the Data Accountability and Trust Act
- Customized malware programs require new response, experts say
Meeting cloud computing compliance mandates
November 2010 Includes:- McAfee product strategy needs focus, analysts say
- Due diligence processes for cloud computing compliance
- Information security professionals on their pay, certifications
- How to use an automated user provisioning system for access control
Security 7 Award winners and the latest on effective security awareness
October 2010 Includes:- Blanca Guerrero: Online banking security is a balancing act
- How to build an effective information security awareness program
- Julie Myers: Implementing an information security strategy in a decentralized environment
- Nick Mankovich: Maintaining health care privacy and security
2010 Security Readers' Choice Awards
September 2010 Includes:- 2010 Information Security magazine Readers' Choice Awards
- Internet privacy tools only go so far
- PCI update could mean clarity or confusion
- Web 2.0 security threats and how to defend against them
Debunking myths about the advanced persistent threat (APT)
July/August 2010 Includes:- Building an information security skills matrix
- Understanding the advanced persistent threat
- The pros and cons of security software-as-a-service
- Security response teams grapple with cloud computing security concerns
Finding affordable encryption options for laptop data security
June 2010 Includes:- Demystifying governance, risk and compliance
- Cloud computing risks and how to manage them
- Symantec acquisitions cement encryption-as-a-feature
- Use full disk or file
How to watch over your data with effective database activity monitoring
May 2010 Includes:- Database activity monitoring keeps watch over your data
- OWASP Top 10 vulnerabilities list adds risk to equation
- Microsoft Windows 7 security features
- The banking malware scourge
Combatting the new security threats of today's mobile devices
April 2010 Includes:- Economic recovery strategies for information security professionals
- ISP shutdown slows Zeus botnet
- Technologies to thwart online banking fraud
- Removable storage device endpoint security and control
Winning strategies for integrating security information management and identity access management
March 2010 Includes:- Knowledge-based authentication poses privacy issues
- Joining security information management systems with identity management systems boosts security
- Creating meaningful information security metrics
- HITECH Act increases HIPAA security requirements
Filling the data protection gap
January/February 2010 Includes:- New data protection laws
- Endpoint DLP fills data protection gap
- Disaster recovery plans and DLP solutions top 2010 priorities
- Attackers zero in on Web application vulnerabilities
-
Step-by-step guide to avoiding basic database security risks
December 2009 Includes:- Writing security policies using a taxonomy-based approach
- Carefully evaluate providers' SaaS security model
- Basic Database Security: Step by Step
- Is New Google Chromium OS a Security Game-Changer?
How to implement a change management that works and reduces security risks
November 2009 Includes:- Integrated change management reduces security risks
- Messaging security risks have upper hand on solutions
- Metasploit Project acquisition ups ante for penetration testing market
- Enterprises must treat Insider risk as they do external threats
Winners of Information Security magazine's Security 7 Award
October 2009 Includes:- Jon Moore: Build a Security Control Framework for Predictable Compliance
- Adrian Perrig: Improve SSL
- TLS Security Through Education and Technology
- Developers Need Help with Security Errors
2009 Security Readers' Choice Awards
September 2009 Includes:- 2009 Information Security magazine Readers' Choice Awards
- Security threats to virtual environments less theoretical, more practical
- Truth, lies and fiction about encryption
- Security best practices in hotels
Why privileged account management is critical to today's data security
July/August 2009 Includes:- Privileged account management critical to data security
- ISP shutdown latest cat-and-mouse game with hackers
- Unified threat management products gaining midmarket, enterprise foothold
- DNSSEC deployments gain momentum since Kaminsky DNS bug
Effective strategies for risk management and security information management systems
June 2009 Includes:- How to write a risk methodology that blends business, security needs
- Mature SIMs do more than log aggregation and correlation
- Risk management must include physical-logical security convergence
- Lack of cloud computing definition adds confusion, risk
How automated compliance solutions can help you plan for your next audit
May 2009 Includes:- Cybersecurity Act of 2009: Power grab, or necessary step?
- Changing times for identity management
- Ease the compliance burden with automation
- Know when you need IDS, IPS or both
Real-world solutions for data loss prevention
April 2009 Includes:- Tying log management and identity management shortens incident response
- Tabletop exercises sharpen security and business continuity
- Data loss prevention benefits in the real world
- Web browsers remain vulnerable to user mistakes
Top considerations for midmarket security
March 2009 Includes:- Five considerations for securing a midmarket company
- How to Secure Cloud Computing
- Choosing the right Web application firewall
- How to secure use of Web 2.0
Improving your network security strategy in a recession
February 2009 Includes:- Product Review: Rohati TNS 100
- Encryption, DLP, disaster recovery top 2009 priorities
- Product Review: IronKey Enterprise Secure Flash Drive
- Product Review: PGP Endpoint
How to be successful with your security steering committee
January 2009 Includes:- Internal auditors and CISOs mitigate similar risks
- Information security steering committee best practices
- Rising Profile
- Product Review: Cenzic Hailstorm Enterprise ARC 5.7
-
Security researchers on biometrics, insider threats, encryption and virtualization
November 2008 Includes:- Product Review: Symark PowerADvantage 1.5
- Security services: Fiberlink's MaaS360 Mobility Platform
- Layoffs, Mergers Put Focus on Data Protection
- Product Review: GuardianEdge Data Protection Platform
Security 7 Award winners sound off on key information security issues
October 2008 Includes:- Security 7 Award winners tackle important information security issues
- LogRhythm product review
- Product Review: Finjan Vital Security NG-5000
- Product Review: Application Security Inc.'s AppDetectivePro
Lessons learned from good and bad NAC implementations
September 2008 Includes:- Product Review: Altor Networks' Virtual Network Security Analyzer (VNSA) 1.0
- Product Review: Workshare Protect Premium 6.0
- Sophos Endpoint Security and Control 8.0 product review
- Security Services: Symantec Online Fraud Protection
Everything you need to know about today's information security trends
July/August 2008 Includes:- Tech FocusShield Your Enterprise
- Windows Server 2003 hardening services ensures better security
- Information Security and Business Integration
- Product Review: RSA Security's RSA enVision
Five crucial virtualization do's and don'ts
June 2008 Includes:- Product review: Klocwork Insight 8.0
- GRC Tools Help Manage Regulations
- Product review: Array Networks SPX2000
- Virtualization server security best practices
Seven questions to ask before committing to SaaS
May 2008 Includes:- Identity Management Suites Enable Integration, Interoperability
- SaaS Offering Handles SSO
- Product review: Mandiant Intelligent Response 1.0
- Secure Computing SafeWord 2008 product review
Security Readers' Choice Awards 2008
April 2008 Includes:- Netgear FVS336G ProSafe Dual WAN Gigabit Firewall product review
- Web security gateways keep Web-based malware at bay
- Product review: Promisec's Spectator
- Readers' Choice Awards '08: IT Security Products of the Year
Reviews of six top Web application firewalls
March 2008 Includes:- Viewpoint: War analogies tread a fine line
- SonicWALL NSA E5500 product review
- Product review: Palo Alto Networks PA-4050
- Novell's Sentinel 6.0 product review
Does security make the grade in Windows Server 2008?
February 2008 Includes:- Survey: Security Pros Identify Priorities for 2008
- Security Services: Postini Message Discovery, Archive editions
- Product review: Application Security Inc.'s DbProtect
- Data Loss Prevention Tools Offer Insight into Where Data Lives
Reflections on the impact of Sarbanes-Oxley
December 2007/January 2008 Includes:- Reflections
- Future
- Milestones
- People
-
Comparing seven top integrated endpoint security suites
November 2007 Includes:- Product review: Workshare Professional 5
- Product review: Paraben's P2 Enterprise Shuttle
- Product review: Seven integrated endpoint security products
- Everdream 7.5 product review: Data encryption, malware protection
Tips from the 2007 Security 7 Awards
October 2007 Includes:- Guardium SQL Guard 6.0 product review
- SonicWALL TZ 180W firewall product review
- Device Management: Pointsec Protector software review
- Achieving Access Control with Symark PowerBroker 5.0
September 2007
Includes:
- SIM and NBA product combination is powerful
- Database Security: Oracle Database Vault
- Intrusion Prevention: Stonesoft's SGI-2000S IPS
- Malware Analysis
CISO survival guide: 18 of the best security tips
July/August 2007 Includes:- Antivirus: ESET's NOD32 Antivirus 2.7
- Securing Extranets
- At Your Service: Veracode's SaaS-based application analysis
- Office Politics
How to tell if you need the help of security integrators and consultants
June 2007 Includes:- Security services firms: When and how to choose the right consultant
- Encryption key management blunders can render deployments useless
- Product review: Unified threat management (UTM) devices
- Product review: nCircle Configuration Compliance Manager
Nine tips to guarding your intellectual property
May 2007 Includes:- Viewpoint: What if you can't afford pen-testing?
- Are you putting information at risk by using contractors?
- Managed security services: Cybertrust's Managed Security Services
- Role-based access controls
Security Products Readers' Choice Awards 2007
April 2007 Includes:- 2007 Readers' Choice AwardsMethodology
- Application Security: 2007 Readers' Choice Awards
- Identity and Access Management product reviews: Readers Choice Awards
- Network Firewalls
Compliance vs. security: Prevent an either-or mentality
March 2007 Includes:- Viewpoint: Creative patch management workarounds
- Risk Policy: Elemental Security Platform product review
- Product review: e-DMZ Security's eGuardPost
- Enterprise UTM products differ from all-in-one SMB appliances
Tips for navigating the maze of global security regulations
February 2007 Includes:- HIPAA privacy records and guidelines: How to achieve compliance
- Vulnerability scanning review: PatchLink's PatchLink Update 6.3
- Events: Information security conferences for February 2007
- At Your Service: February 2007 managed security services news
Keep today's threats close and tomorrow's closer
January 2007 Includes:- Recent Releases: Security product briefs, January 2007
- Mixed Signals
- Core Security Technologies Core Impact 6.0 security tool review
- At Your Service: January 2007 managed services security news
-
What's your biggest information security concern?
December 2006 Includes:- Risk Management: Skybox Security's Skybox View 3.0
- Host-Based IPS
- Finding the best security testing tools for product evaluation
- Avoiding Audit Failure: Getting Advice on PCI Compliance Mistakes
Symantec 2.0: Evaluating their recent acquisitions
November 2006 Includes:- Viewpoint: Three cheers for free and open source software
- Security information management review: Network Intelligence's enVision
- Secure Reads: The Security Risk Assessment Handbook
- Intrusion Detection: Arbor Networks' Peakflow X 3.6
Security 7 Award winners: Simply the best
October 2006 Includes:- Imprivata's OneSign ENA product review
- Antimalware
- Client Firewall
- Secure Reads: Spam kings
The power of SIMs for visibility and compliance
September 2006 Includes:- Data Encryption and IDS
- IPS: Getting a better view of network activity
- Using security information management systems for a posture assessment
- Secure Reads: How technology is endangering your privacy
Special manager's guide: Monitoring identities
August 2006 Includes:- Three Pitfalls to Avoid
- Buyers look for demonstrable success in innovative companies
- IDP
- Network Access Control
Exclusive: Security salary and careers guide
July 2006 Includes:- Information security resume do's and don'ts
- Mobile Device Security
- Calculate You IT Security Salary
- The Right Stuff
Is your data safe from next-generation attackers?
June 2006 Includes:- Configuration Management: FullArmor's FullArmor PolicyPortal
- Intrusion Prevention: McAfee's IntruShield 3000
- Today's Attackers Can Find the Needle
- Reworking Risk Policy
Identity crisis solved: Tips from a top identity management expert
May 2006 Includes:- Safety Net
- Sendmail Sentrion GP product review
- Vulnerability Assessment
- Hot Pick: Q1 Labs QRadar 5.0
Security survivor all stars explain their worst data breaches
April 2006 Includes:- Get a Grip!
- Access Security
- Security Survivor All-Stars
- Transit Safety
Captive to SOX compliance? A compliance guide for managers
March 2006 Includes:- Portable device security: Centennial Software's DeviceWall 3.1
- Hot Pick: NFR Security's Sentivist 5.0
- Compliance Guide for Managers
- Google Hacking: Why being a Google dork is hurting your company
Best-of-breed: Security Products of the Year: 2006
February 2006 Includes:- Hot Pick: Stonesoft's StoneGate SG-4000
- Recent Releases: Security product briefs, February 2006
- Portable device security: Safend's Safend Protector
- Intrusion Prevention: Lucid Security's ipAngel 4.0
January 2006
Includes:
- Recent Releases: Security product briefs, January 2006
- Preventing Data Theft, Combating Internal Threats
- Secure Reads: Security and Usability
- Mining NetFlow
-
Top forensics tools for tracking down cybercriminals
December 2005 Includes:- Application Security: Cenzic's Hailstorm v2.6
- To Catch a Thief
- Thinking Ahead
- Configuration Management: Configuresoft's Enterprise Configuration Manager v4.7
Comparing five of the top network-based inline IPS appliances
November 2005 Includes:- Content Filtering: InterScan Web Security Suite 2.5
- Recent Releases: Security product briefs, November 2005
- On the Line
- Antispyware: SurfControl's Enterprise Threat Shield 3.0
Security 7 Award winners unmasked
October 2005 Includes:- Security Seven Awards
- Antivirus: F-Secure's Anti-Virus Client Security 6.0
- Security Gateway
- Antispyware: Blue Coat Systems' Spyware Interceptor SI-1
What's the best IT security advice you've ever received?
September 2005 Includes:- Sizing up e-mail appliances
- Recent Releases: Security product briefs, September 2005
- Single Sign-On
- A Field Guide to Passive Reconnaissance and Indirect Attacks
Betting the house on network anomaly detection systems
August 2005 Includes:- Password Security
- Paper or PKI?
- Wireless security review: Juniper Networks' Netscreen-5GT Wireless
- Hot Pick: Elemental's Elemental Compliance System 1.1
Why business managers are a breed of security professional
July 2005 Includes:- nCircle's IP360 Vulnerability Management System product review
- Linux's Best Friend
- The Business Case for Network Security: Advocacy, Governance and ROI
- All Aboard!
With SSL VPNs on the offense, will IPSec VPNs eventually be benched?
June 2005 Includes:- Unwelcome Callers
- E-mail Security: Symantec Mail Security 8200 series
- TriGeo Network Security's TriGeo Security Information Manager 3.0
- Secure Reads: The Black Book on Corporate Security
Keeping on top of risk management and data integrity essentials
May 2005 Includes:- Instant Messaging: Akonix L7 Enterprise 4.0
- Recent Releases: Security product briefs, May 2005
- Trust Us
- Desktop Security: GreenBorder Enterprise Security
Spotlight on the incident response hot seat
April 2005 Includes:- Secure Reads: The Executive Guide to Information Security
- Antivirus: Kaspersky Anti-Virus Business Optimal 5.0
- Warning Lights
- Security information management review: Security Threat Manager 3.0
What are botnets and how can you prepare for them?
March 2005 Includes:- Guardians of the Crown Jewels
- Configuration Management: St. Bernard Software's SecurityEXPERT 1.0
- BARRIER1 Model 50 product review
- Double-Check with Routers
12 security lessons for CISOs they don't teach you in security school
February 2005 Includes:- Secure Reads: The Network Security Bible
- SSHv2: Safe & Secure
- In MSSPs We Trust
- IronPort C-Series Messaging Gateway: Antivirus, Antispam tool
How security pros can benefit from information sharing
January 2005 Includes:- Hot Pick: F5 Networks' FirePass 4100 Series
- Vulnerability Mismanagement
- Key to the World
- Recent Releases: Security product briefs, January 2005
-
Help! Evaluating AV solutions and tech support
October 2004 Includes:- The self-defending network: Is it real technology or market speak?
- Preventing spyware and third-party attacks
- Antivirus vendor review 2004: Is AV customer support dying?
- The downside of cybercrime investigation and prosecution
Mission critical: Securing the critical national infrastructure
September 2004 Includes:- Web app security devices highlight source code vulnerabilities
- U.S. critical infrastructure security: Highlighting critcal infrastructure threats
- Outsourcing best practices: Identifying offshoring risks
- Patch deployment best practices: Rushing patches isn't always better
Weight lifter: Appliances that lighten your security load
August 2004 Includes:- Cut security costs with all-in-one appliances and firewall policies
- Enhancing security risk management with cyberinsurance
- Service-level agreement advantages and disadvantages
- Data security failure: How the government broke our trust
Olympic trials: Securing the summer games
July 2004 Includes:- Acceptable use policies will minimize email risks
- USB security tokens may not be as secure as you think
- Will intrusion prevention systems live up the hype?
- How to prevent phishing scams and protect customers
Exposed: Why your AV software is failing to protect you
June 2004 Includes:- Antivirus software comparison, 2004: Not all AV products are equal
- Physical and IT Security: Overcoming Security Convergence Challenges
- NAC best practices and technologies to meet corporate security policy
- Six Sigma and CMM models offer security best practices
Are you secure? Adam Putnam says, "Prove it!"
May 2004 Includes:- Why and how the CISO job description is changing
- Using email spam filtering techniques to get rid of spam
- Should new information security laws include auditing requirements?
- Secure data transmission with wireless access controllers
Depth charge: Survey shows big spending on defense in depth
April 2004 Includes:- The future of software security vulnerabilities
- IT security spending 2004: Firms diversify as security budgets tighten
- Ensure audit success with sound security audit procedures
- Audit failure: How one lab raised IT security awareness and its audit grade
Screen test: App-layer controls beef up perimeter firewalls
March 2004 Includes:- Making an example: Enforcing company information security policies
- Military information technology: Computer network defense in Iraq
- Ensure secure routing protocols with access control best practices
- How to sell risk assessment benefits to IT execs
Closing the gap: How to decide when (and if) to patch vulnerabilities
February 2004 Includes:- Red-zone defense: Products to prevent IP Leakage
- Cyberspace security liability lawsuits on the rise?
- A Patch in Time: Considering automated patch management
- SOX section 404: Improving security with executive communications
IDSes takes aim: Emerging "target-based" systems improve intrusion defense
January 2004 Includes:- Business continuity roles improve security incident management
- 'Targeted' perimeter defense improves network-based intrusion detection systems
- Passive scanning: A new take on network vulnerability scanning
- Ron Rivest, RSA Algorithm Creator, discusses issues with micropayments
-
IPSec vs. SSL VPNs: Which cures your remote access ills?
August 2003 Includes:- Tunnel vision: Choosing a VPN -- SSL VPN vs. IPSec VPN
- VPN fast facts: True or false?
- History of IPSec, SSL VPN products: How will the market change?
- Case study: SSL VPN enables secure remote email access
Balancing act: Security resource planning helps manage IT risk
July 2003 Includes:- SRP evaluation criteria: Tools to enable security as a process
- Using decision-tree modeling to determine paths of attack
- How to address SAN architecture security weaknesses
- Review: Configuresoft ECM 4.5 prevents security configuration errors
Defense-in-Depth: Securing the network from the perimeter to the core
June 2003 Includes:- Designing a defense-in-depth network security model
- Keeping security initiatives on track through executive, management turnover
- Roundtable: Practical strategies for enterprise-wide risk management
- The security risk management lifecycle framework
Buying spree: 2003 product survey results
May 2003 Includes:- Buying IT security products? Learn to recognize vendor hype
- Using identity management tools to manage user accounts, populations
- Enterprise Inspector: A must-have for Microsoft vulnerability scanning
- Profile: Gil Shwed, Check Point co-founder, CEO
Unwrapping Windows Server 2003: An exclusive first look at Microsoft's new OS
April 2003 Includes:- Merging firewalls: Making your enterprise more secure with Sidewinder
- Exposing and addressing wireless security concerns
- Checklist for secure wireless LAN deployment
- Keeping WLANs safe with WLAN security tools
Dollars and sense: Getting the security budget you need -- and spending it wisely
March 2003 Includes:- Roundtable: Advice on IT security budget management
- Testing and comparing vulnerability analysis tools
- Vulnerability scanners: Not the best tools for network perimeter defense
- Beefing up security with BIG-IP load balancer
Trustworthy yet? An inside look at what's changed after a year of Microsoft Trustworthy Computing
February 2003 Includes:- Microsoft security improving, while Trustworthy security lacks effort
- NetIQ's five-point security architecture
- How to address enterprise IT security concerns with executives
- Microsoft Security Response Center revamps its patch processes
Negative exposure: Web scanners reveal unknown holes
January 2003 Includes:- Web application security scanners: How effective are they?
- More cybersecurity laws needed for operational IT security
- The declining need of accelerator cards
- Product review: ForeScout Technologies's ActiveScout 2.5
All TechTarget E-Zines
-
- ALM and Agile Strategies
- BI Trends + Strategies
- Business Agility Insights
- Business Applications Digest
- Business Information
- Channel Strategies
- CIO Decisions
- Cloud Development Digest
- Computer Weekly
- Customer Experience Exchange
- CWEurope
- Exchange Insider
- Health IT
- High-Performance Computing
- IT in Europe
- MicroScope
- Modern Infrastructure
- Network Evolution
- Private Cloud
- Pulse
- SharePoint Insider
- SQL Server Insider
- Storage magazine
- Virtual Data Center