Security

Network Intrusion Detection and Analysis from searchSecurity.com

Cisco SecureX strategy gets boost with application-aware firewall

News -Under new leadership, the networking giant's security group relaunched Cisco SecureX with several new products, including an application-aware firewall.
Best intrusion detection/prevention products 2011

Magazine -Readers choose the best intrusion detection/prevention products.
network intrusion protection system (NIPS)

Definition -A network intrusion protection system (NIPS) is an umbrella term for a combination of hardware and software systems that protect computer networks from unauthorized access and malicious activity.

The switch to HTTPS: Understanding the benefits and limitations

Answer -Expert Mike Cobb explains the value and limitations of HTTPS, and why making the switch to HTTPS may be easier than it seems.
Use Telnet alternative SSH to thwart Telnet security risks

Answer -The inherently insecure Telnet protocol shouldn’t be used on modern networks. Learn why and what to use in its place.
RSA 2012 talk to offer help understanding IPv6 security issues

News -Understanding IPv6 security issues can be a challenge, but the protocol's co-inventor says enterprises can no longer afford to ignore IPv6 security concerns.

domain rotation

Definition -Domain rotation is a technique use by malware distributors to drive traffic from multiple domains to a single IP address that is controlled by the distributor. The goal of domain rotation is to make it harder for a network administrator to blacklist the malware distributor.

Security School: Cloud app security best practices

AIOG -In this Security School lesson, expert Diana Kelley examines what enterprises need to know about application security in the cloud.
Azure boosts CSA’s STAR

News -Cloud Security Alliance transparency effort expands with addition of Windows Azure.
Microsoft vows to improve cloud service after Azure outage

News -Software giant said it will apply lessons learned after Leap Day outage of its cloud service.

Robert Westervelt, News Director

Contributor -Robert Westervelt is News Director for the TechTarget Security Media Group.
Cloud computing providers and PCI virtualization requirements

Answer -How should an enterprise approach its cloud computing providers following the debut of the PCI virtualization requirements? Charles Denyer explains.
Cloud computing PCI compliance: Is it possible?

Answer -Is enterprise cloud computing PCI compliance possible? Expert Charles Denyer discusses how to use cloud computing and be PCI DSS-compliant.

Using social engineering testing to foster anti-social engineering training

Answer -Worried your users could easily be pwned? Learn about improving social engineering testing to foster anti-social engineering training.
Webmail forensics: Investigating issues with email forwarding security

Answer -Expert Mike Cobb discusses webmail forensics possibilities for dealing with the aftermath of an issue involving an email forwarding security breach.
Email providers push DMARC email authentication to combat phishing

News -DMARC creates an authentication loop that could help people determine the legitimacy of an email.