Access "Editor's Desk: Can someone call an exterminator?"
This article is part of the February 2007 issue of Tips for navigating the maze of global security regulations
Flaw finders are packaging their efforts into slick month-of bug projects. But are we more secure for it? As this industry matures, even the bug finders are getting a little slick. They've taken a few pages from the vendors' playbook and recently productized their findings--packaging and launching them in what they've called "month-of" projects. It all started last summer with the month of the browser bugs, followed by the month of kernel bugs and the month of Apple bugs. It sounds like a good idea on paper. You force the hand of vendors to fix known bugs. But the vendors are inundated with bugs (unfortunately) and haven't seemed to react to these tactics. Instead the month-of projects are just giving hackers easier access to information. Next I want to highlight a story that was driven by our editorial advisory board. Since many members work at multinational organizations, our board asked for more information on global security and privacy regulations. And rightly so. It doesn't get more confusing than the raft of global regulations that security ... Access >>>
Premium Content for Free.
Unified threat management: Fortinet's FortiGate 3600A
Fortinet's FortiGate 3600A
Unencrypted data at rest is data at peril.
New tools target ISPs to stop botnets
Security vendors are bringing the botnet fight to ISPs and carriers.
Intrusion Prevention: Juniper Networks' ISG 2000 with IDP
Juniper Networks' ISG 2000 with IDP
Endpoint Security: ScriptLogic's Desktop Authority 7.5
ScriptLogic's Desktop Authority 7.5
- At Your Service: February 2007 managed security services news
- Events: Information security conferences for February 2007
- Unified threat management: Fortinet's FortiGate 3600A
Security system products latest releases: Archsight, Finjan, Sophos
Get information, such as price, features, protection and support, on the most recently released versions of security products, such as Archsight logger and Sophos Security Suite.
Vulnerability scanning review: PatchLink's PatchLink Update 6.3
PatchLink's PatchLink Update 6.3
IPS by the Numbers
Choosing the right intrusion prevention technologies and products is a complex task, but following these six steps will make it simpler.
Information security blueprint for architecture and systems
A formalized security architecture diagrams how you should handle the changing threat and regulatory environments.
HIPAA privacy records and guidelines: How to achieve compliance
Learn how to achieve compliance with HIPAA certification and learn to avoid and fix risks with password security, privacy regulations, records, guidelines.
Cyber-Ark Enterprise Password Vault 4.0 product review
by Tom Bowers, Contributor
Product review of Cyber-Ark Enterprise Password Vault, a password management and security tool that manages passwords and controls privileged accounts.
Organizations sending data abroad must be prepared to comply with a slew of privacy and security regulations.
- Security system products latest releases: Archsight, Finjan, Sophos
More Premium Content Accessible For Free
Cloud and mobility in the enterprise has caused a heightened need for organizations to take a closer look at next generation authentication ...
Virtualization and cloud computing are part and parcel of enterprise networks today. Virtualization security, however, is still a bolt-on affair ...
Mobile device security is one of the biggest nightmares InfoSec pros face in the era of bring your own everything (BYOE). Simply banning employees ...