Welcome to SearchSecurity.com's supplement to the latest issue of Information Security magazine. Now that you've read the story in the magazine, continue to explore these topics on SearchSecurity.com.
To Catch a Thief
The computer forensics market is one of the fastest growing areas within information security, driven by profit-driven computer crime, increasing civil and criminal cases, and regulatory demands. Organizations need to establish clear guidelines and procedures for forensics. For those taking the in-house approach, this month's feature shared the basics of a sound forensics policy and process, as well as outlining five essential forensics tools necessary for success. Now, read an excerpt from the book "Cybercrime: Incident Response and Digital Forensics" to learn the benefits of instituting an incident response plan.
>> CLICK TO READ THE EXCERPT
Read how one organization put its incident response plan to work after a Web site defacement.
>> CLICK TO READ THE STORY
The Weakest Link
Application-layer firewalls can inspect the payload of a packet and evaluate its content rather than just examine network addresses and ports. Author Michael Cobb explored the pros and cons of these types of firewalls in this month's issue. Now, ask him your application security questions.
>> CLICK TO ASK A QUESTION
Listen to this webcast for tips on the best ways to secure your Web applications.
>> CLICK TO LISTEN TO THIS WEBCAST
On the Mend
Information Security magazine showed you global pharmaceutical giant Novartis overhauled its security policies and frameworks, and created sophisticated internal and external visibility tools known as heat maps. Using those interfaces, Novartis' security managers can centrally assess risk, identify vulnerabilities, remediate problems--and most importantly, comply with regulatory demands. In this on-demand webcast, you'll get advice for improving the vulnerability management process with an emphasis on tools and techniques that work.
>>CLICK TO LISTEN TO THE WEBCAST
Controlling the Uncontrollable
You've read about the diverse approaches to addressing wireless security issues and the progress made in reducing wireless risks. Now get some best practices for a secure wireless rollout, such as:
>> FIVE STEPS FOR SECURING BLUETOOTH DEVICES
>> TWO APPROACHES FOR COMBINING VPNS AND WIRELESS LINKS
>> GOING BEYOND INTRUSION DETECTION TO STOP A WLAN ATTACK
PING with Desiree Beck
In this month's PING, you met Desiree Beck, technical lead for the Common Malware Enumeration (CME) initiative. CME, which assigns common identifiers to new virus threats, aims to become a common talking point for malicious code. In this full version of the interview, Beck explains how security managers can rely on CME and discusses what CME can learn from its cousin, the CVE identifier included in most vulnerability alerts. >> CLICK TO READ THE PING
Demystifying compliance: A practical approach to data security and availability
Attend this free half-day seminar in Chicago, San Francisco or Philadelphia and learn how to build a foundation of policies, processes and technologies that will support myriad regulations and audit requirements. It will explore how to leverage the "80/20 principle" to establish an essential baseline of controls that fulfill 80 percent of all regulatory requirements. Don't miss this exclusive opportunity -– attendance at each seminar is very limited. Reserve your seat today.
This was first published in November 2005