Security Management Strategies for the CIOAccess "Java security problems: Is disabling Java the answer?"
This article is part of the October 2012 issue of Security Readers' Choice Awards 2012: Your picks for the best security products
Vulnerability management is a time consuming, complex process and the recent onslaught of attacks on Java hasn't made it any easier. To recap: In August, security researchers reported that attackers were actively exploiting zero-day vulnerabilities in Java. Oracle – not always the quickest on the draw when it comes to fixing flaws – actually released a patch pretty fast only to have security researchers uncover holes in it. All the Java security problems – and a growing track record of security snafus with the popular programming language -- led to calls from a number of security experts to disable Java. Tod Beardsley, Metasploit engineering manager at Rapid7, says that's simply sound advice. "For the Java browser plug-ins, users should disable Java. Unlike Flash, HTML5 or even PDF, it's not ubiquitous technology on the Web…Disabling unnecessary functionality is always good advice – doing so reduces your attack surface," he says. In the enterprise, however, shutting off Java is easier said than done. A number of common business applications such as ... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
2012 Readers' Choice Awards
For the seventh consecutive year, Information Security readers voted to determine the best security products. More than 2,000 voters participated this year, rating products in 14 different categories.
-
The hacktivist threat to enterprise security
by Robert Westervelt, News Director
With their goal of damaging corporate reputations, hacktivists aren't your average cybercriminals.
-
2012 Readers' Choice Awards
-
-
Threat prevention techniques: Best practices for threat management
by Diana Kelley, Contributor
A successful threat management program requires effective processes, layered technology and user education.
-
Malware trends: The rise of cross-platform malware
by Moriah Sargent
Security researchers are finding more malware that attacks multiple operating systems.
-
Threat prevention techniques: Best practices for threat management
by Diana Kelley, Contributor
-
Columns
-
Big data issues: Big data analytics offers both rewards and risks
by Steve Durbin, Contributor
Companies are under pressure to take advantage of big data analytics but they should be aware of the risks.
-
The bolt-on information security trend needs to end
by Doug Jacobson and Julie A. Rursch
Unless security is viewed as a core function instead of an add-on, we're bound to repeat the mistakes of the past.
-
Java security problems: Is disabling Java the answer?
by Marcia Savage, Editor
In the wake of recent exploits, experts recommend disabling the programming language but that can be tricky in the enterprise.
-
Big data issues: Big data analytics offers both rewards and risks
by Steve Durbin, Contributor
More Premium Content Accessible For Free
Next-generation firewalls play by new rules
E-Zine
Firewalls started their journey to the next generation at about the same time as the Star Trek TV series. While the products have advanced with ...
Developing your endpoint security management transition plan
E-Handbook
This TechGuide will help you develop your endpoint security management transition plan. Articles focus on overcoming the challenges of Web-based ...
Unlock new pathways to network security architecture
E-Zine
Network security architecture is showing its age at many organizations. With new technology, different data types, and use of multi-generations of ...