• Security Schools

  • All-in-One Guides

  • Black Hat 2011: Special conference coverage

    Most recent news coverage:

    Sophos software design, implementation critically flawed, says researcher
    LAS VEGAS – Critical components of endpoint security vendor Sophos LLC’s antivirus engine recently underwent an intense review from a security researcher, and the results – revealed today at Black Hat 2011 – were not kind to the product.

    Vulnerability hunter Tavis Ormandy, who by day is an information security engineer at Google Inc., was expected to release his findings in a paper following his presentation at Black Hat, along with a spate of tools used in his dissection of the Sophos engine. Ormandy said his analysis found that Sophos software uses weak or outdated cryptography in the way it builds and matches virus signatures, relies on obfuscation for security too often, and fails to comprehend certain exploitation techniques, among other problems.


  • Readers' Choice Awards 2011

    For the sixth consecutive year, Information Security readers voted to determine the best security products. More than 1,500 voters participated this year, rating products in 14 different categories.

    Methodology
    Respondents were asked to rate only the products in use in their organization, and to rate each product based on criteria specific to each category. For each criterion, respondents scored the product on a scale of one (poor) to five (excellent). In addition, each criterion was given a weighted percentage to reflect its importance in that category.

    Winners were based on the cumulative weighted responses for each product category's criteria. Editors arrived at a product's overall score by calculating the average score it received for each criterion, applying the weighted percentage and adding the adjusted scores.

  • 2011 Security 7 Award winners

    Information Security magazine announces the winners of the seventh annual Security 7 Awards. The Security 7 Awards recognize the efforts, achievements and contributions of practitioners in the financial services/banking, telecommunications, manufacturing, retail, government/public sector/non-profit, education and health care/pharmaceutical industries. This year’s winners span the range of security professionals, from the founders of a series of unique security events, to an influential legislator fostering improved information sharing between the public and private sectors, to a CISO who has had great success with tabletop exercises.

    Each of the seven winners was asked to write a first-person essay on a subject matter they are passionate about. The winners represent the best the information security profession has to offer, and their perspectives serve as important benchmarks for the industry today.

  • Eye On IT Security

    SearchSecurity.com's Eye On series takes an in-depth look each month at a security topic of key concern to enterprise information security professionals. The series explores an information security topic by bringing together new expert tips, news stories of interest, video interviews and podcasts from SearchSecurity.com and its sister sites. The series aims to dig deeper, identifying trends, emerging technologies and other ways enterprises are bolstering their defenses to address the rapidly changing threat landscape.

  • Wireless Lunchtime Learning Security School

    There are many different types of enterprise wireless local area networks (WLANs). Some grow organically as business demands dictate, others are built from a rigid network design plan, and a few exist despite a strict policy against WLANs. But with any type of network, Wi-Fi poses risks to your network.

    SearchSecurity.com's Wireless Lunchtime Learning Security School allows information security professionals to develop an in-depth understanding of those risks and their countermeasures in a format that's convenient for you.

    Each lesson's featured video runs approximately 25-30 minutes, the perfect length to slip into a lunch break. And each video is supported by a series of short technical tips that help you to apply the principles of the video to your own network infrastructure. All of these resources are available on demand, so you can learn on your own schedule.

    How much do you know about enterprise wireless LAN security? Test your knowledge of how to secure a wireless LAN before jumping into the Wireless Security School Lessons.

  • RSA Conference 2012: Special Conference Coverage

    TOP STORIES:
    RSA Conference 2012 keynote prescribes intelligence-driven security

    RSA’s Arthur Coviello urged security pros to break down silos and adopt intelligence-driven security programs, or face a tough year.

    Dan Kaminsky offers unconventional wisdom on security innovation

    Luminary Dan Kaminsky, known for his DNS research, pushed RSA Conference 2012 attendees toward security innovation by upending conventional wisdom.

    Research into cryptographic system limitations crucial, RSA panel says

    Researchers testing some of the most relied-upon cryptographic algorithms are making progress in breaking them, according to experts on the 2012 RSA Conference Cryptographer’s Panel.


  • Introduction to IDS IPS: Network intrusion detection system basics

    An enterprise has a lot to consider when making the decision to incorporate a network intrusion detection system (IDS) into its network architecture, as well as its security strategy.

    This one-page guide, which is a part of the SearchSecurity.com IDS/IPS Security Guide, acts as an introduction to both IDS and network intrusion prevention system (IPS) technology. Here, security professionals will gain some insight on how to determine which IDS/IPS technology is right for their enterprise, and will learn more about the differences between the two technologies.

  • Intrusion detection: How to use IDS IPS tools to secure the enterprise

    Conceptually, intrusion detection and intrusion prevention are essential in order to keep the enterprise secure, and, thankfully, there are several intrusion detection system (IDS) and intrusion prevention system (IPS) commercial and open source tools on the market that can alleviate some of the headaches associated with deploying and managing these technologies.

    In this mini learning guide, which is a part of the SearchSecurity.com IDS/IPS Security Guide, security managers and professionals will learn about the features and capabilities of some of the most popular IDS/IPS tools available today, as well as how to use them.

  • IPS IDS best practices: Implementation and deployment

    Proper implementation of intrusion detection and prevention systems (IDS/IPS) in the enterprise requires some research and skill. Security managers must ensure the type of system they want to deploy has all of the features they need and is compatible with their environment, and be aware of implementation best practices.

    In this mini learning guide, which is a part of the SearchSecurity.com IDS/IPS Security Guide, security pros will learn more about IPS/IDS best practices for deployment and implementation in the enterprise.

  • Wireless intrusion detection systems: WLAN security and protection guide

    Wireless networks are a favorite target of malicious hackers, making wireless intrusion prevention systems (WIPS) an essential element of every enterprise’s network security strategy.

    In this mini learning guide, which is a part of the SearchSecurity.com IDS/IPS Security Guide, security managers and staff will learn more about wireless intrusion detection systems and WLAN security, including how to use a WIPS to monitor wireless traffic to prevent attacks and detect malicious access, as well as best practices on setting up and managing a WIPS.

  • Data Protection Security School

    SearchSecurity.com's Data Protection Security School will help infosec professionals formulate a comprehensive strategy and pinpoint technologies that can help them secure sensitive information throughout the network -- including data in motion and data at rest.

    SearchSecurity.com is always looking for ideas for future lessons in our Data Protection Security School. Contact us if you have feedback on this school or ideas for future content.

  • Is RDP secure? Guide to Microsoft RDP security, secure remote access

    The Microsoft Windows Remote Desktop Protocol (RDP) has recently gained a lot of attention for having a variety of exploitable security flaws, causing many enterprises to ask the question: Is RDP secure? Is the best solution to disable RDP on enterprise clients?

    This mini learning guide, which is a collection of both news and technical content from SearchSecurity.com, examines the recent Microsoft RDP security vulnerabilities and how these problems could negatively affect an enterprise, as well as remote access security issues and best practices.

  • Black Hat 2012: Special Conference Coverage

    Black Hat is one of the premier venues for information security researchers to demonstrate hacking techniques, serious software vulnerabilities and other weaknesses that pose a threat to enterprises and individuals. The Black Hat 2012 Conference consists of training sessions for malware analysts, security response teams, forensics investigators and other IT security pros, followed by two days of briefings where top security researchers highlight their reverse engineering projects and present their latest vulnerability findings in the areas of authentication, encryption and software security. The work is applied to a variety of hardware and software systems.

    This year's session tracks focus on mobile threats and weaknesses, attack detection and defenses, and software exploitation. The Black Hat 2012 event sheds light on dangerous emerging threats and often prompts predictions of future problems that could hinder security and privacy.

  • Enterprise mobile device security 2012

    In the second quarter of 2012, the editors of SearchSecurity.com surveyed nearly 500 enterprise information security professionals on mobile device security in the enterprise. This special report examines the results of the survey and offers analysis of what the results mean for enterprise mobile security now and in the years to come.

  • Intrusion Defense School

    Your organization's ability to fend off spyware, computer viruses and the latest breed of information security threats hinges on the strength and cohesion of your intrusion defense strategy.

    Intrusion Defense School focuses on the key defense elements of network intrusion prevention and detection -- antivirus, antispyware, IDS/IPS, etc. -- to help you implement an information security strategy that meets your organization's needs.

  • Integration of Networking and Security School

    In our special Integration of Networking and Security School, SearchSecurity.com -- in cooperation with SearchNetworking.com -- offers an in-depth look at how the integration of security-related and networking-related teams, products and processes is affecting enterprise network security.

    SearchSecurity.com is always looking for ideas for future lessons in our Integration of Networking and Security School. Contact us if you have feedback on this school or ideas for future content.

  • Readers' Choice Awards 2012

    For the seventh consecutive year, Information Security readers voted to determine the best security products. More than 2,000 voters participated this year, rating products in 14 different categories.

    Methodology
    Respondents were asked to rate only the products in use in their organization, and to rate each product based on criteria specific to each category. For each criterion, respondents scored the product on a scale of one (poor) to five (excellent). In addition, each criterion was given a weighted percentage to reflect its importance in that category.

    Winners were based on the cumulative weighted responses for each product category's criteria. Editors arrived at a product's overall score by calculating the average score it received for each criterion, applying the weighted percentage and adding the adjusted scores.

  • RSA Conference 2013: Analysis, video and news from RSA

    Top stories: RSA 2013: Experts struggle to define offensive security, hacking back

    Is offensive security or 'hacking back' a viable cyberdefense tactic? RSA Conference 2013 experts struggled to define the terms, never mind the role they play.

    RSA 2013 crowd awed by live 'sinkholing' in P2P botnet takeover

    Tillmann Werner of CrowdStrike wowed onlookers with a live 'sinkholing' demonstration, taking down the Kelihos P2P botnet.

    RSA 2013: FBI offers lessons learned on insider threat detection

    At RSA Conference 2013, experts from the FBI said insider threat detection hinges not on technology, but on a multifaceted 'people-centric' approach.

  • Choosing security products: DLP technology

    Data leakage can be simply defined as the accidental or intentional exposure of sensitive information. To counter this ever-present threat, data loss prevention (DLP) products have become a critical technology to many enterprises. Even though many purchases are driven by regulatory compliance or the desire to avoid negative ramifications associated with a data breach, DLP tools offer undeniable value in helping enterprises develop a deeper understanding of their data.

    Organizations typically purchase DLP technology to address three major challenge areas, each with its own focus and product options:

    • Data in motion. It's a fact of life: Sensitive data traverses every enterprise network. Network-aware data loss prevention tools can "sniff" traffic and are primarily used for detection and prevention.
    • Data at rest. Sensitive data can be stored in various file types and databases. Host-based DLP protections address this data, ranging from encryption to localized detection and prevention agents.
    • Data in use. For data to provide value, it must be accessible to applications and users. This data may require both host-based and network-based data loss prevention capabilities to properly monitor and protect it.

    This guide offers enterprises a primer for choosing a DLP security product, detailing the key capabilities to look for in winning DLP products.

  • Choosing security products: Enterprise antimalware software, appliances

    Enterprise antimalware has taken some hits lately. Its effectiveness has been called into question, both for detecting run-of-the-mill viruses and larger advanced cyberattacks, and many feel it's no longer worth the money. But it's not time to pull the plug just yet.

    Enterprise antimalware is still a valuable technology in ensuring network and endpoint security. In this special segment of our Choosing security products, Mike Rothman of Securosis details what to look for in winning enterprise antimalware software and appliances.