Security Management Strategies for the CIO
Email Alerts
-
Technical guide to secure collaboration software
TechTarget's Security Media Group presents a comprehensive guide to secure collaboration software. Our experts help you address the security concerns of collaboration and social networking technologies and offer best practices for locking down voice ... E-Book
-
Application security fuide: Scanning production applications
This e-book explores how many of the risks associated with scanning can be avoided with careful planning and by focusing your scans on exploring where and how a system is vulnerable to attack and not trying to simulate an actual attack. Continue read... E-Book
-
Quiz: Choosing a Web security gateway
Check you're up to speed and ready to choose and deploy a Web security gateway. This five-question quiz will test you on the key points we've covered in the webcast, podcast and article in this Security School. Quiz
-
Security policy for PDF use: How to secure PDF files for the enterprise
PDF files are an integral part of many enterprises' business processes, and, as such, they are a prime target for malicious activity. In this learning guide, learn how to secure your organization's PDFs, prevent attacks against them and decide when t... Learning Guide
-
Quiz: Database application security
How much do you know about database application security? Take this short quiz to determine what you've learned. Quiz
-
Quiz: How to build secure applications
Use this five-question quiz to test your knowledge of how to secure your enterprise apps. Quiz
-
The Art of Software Security Testing
Read an excerpt from the book, The Art of Software Security Testing: Identifying Software Security Flaws. In Chapter 11, "Local Fault Injection," the authors explain the proper methods for examining file formats. chapter excerpt
-
How to build secure applications
In this lesson, learn how to build security into the software development lifecycle, implement a practical, efficient change management system and test your applications using a black-box or white box technique. partOfGuideSeries
-
Quiz: Could you detect an application attack?
Take this five-question quiz to test your application security awareness, review common application attacks and learn how to improve application layer logging to detect and protect against these attacks. Security Quiz
-
US-CERT warns of Adobe Shockwave Player threat
An attacker can exploit weaknesses in files intended to extend the functionality of Shockwave Player. No practical solution is available, US-CERT said. News | 18 Dec 2012
-
Ten commandments for software security
Software security expert Gary McGraw provides actionable guidance based on analysis of dozens of software security firms. Opinion | 04 Oct 2012
-
Emergency Adobe update APSB12-19 addresses more Flash Player flaws
Adobe has released updates for six critical vulnerabilities, following a patch just one week ago that addressed other critical flaws. News | 22 Aug 2012
-
Adobe Flash Player security update fixes flaws, issues Firefox shield
Adobe repaired seven dangerous vulnerabilities in its latest Flash Player update and added sandboxing protection for Firefox and Mac users. News | 08 Jun 2012
-
Steve Lipner on the Microsoft SDL, critical infrastructure protection
Microsoft’s senior director of security engineering says core SDL principles should be at the foundation of critical infrastructure system protection. News | 16 May 2012
-
Adobe Flash Player patch fixes critical holes, releases silent automatic updater
Adobe released a bulletin addressing critical flaws in Flash Player and rolled out a silent automatic update feature in Flash 11.2 News | 29 Mar 2012
-
Adobe issues Flash Player update, fixes Adobe XSS zero-day flaw
An Adobe Systems security update fixed seven critical flaws in Flash Player, including a cross-site scripting vulnerability being actively targeted by attackers. News | 16 Feb 2012
-
Adobe issues support for Flash Player sandboxing in Firefox
Adobe has launched the pubic beta of a new Flash Player sandbox feature for Firefox users, making attacks more difficult for cybercriminals. News | 06 Feb 2012
-
Time to ban dangerous apps? Exploring third-party app security
Column: Third-party applications are notoriously hard to patch and often easy to exploit. Is it time to ban applications, or can they be secured with a new approach? News | 27 Jan 2012
-
Adobe repairs critical Reader, Acrobat flaws, adds JavaScript control
The January 2012 update includes repairs to Adobe Reader X and a new feature giving administrators the ability to whitelist JavaScript execution. News | 10 Jan 2012
- See more News on Securing Productivity Applications
-
Time to ban dangerous apps? Exploring third-party app security
Column: Third-party applications are hard to patch and easy to exploit. Is it time to ban some apps, or to take a new approach? Opinion
-
NoSQL security: Do NoSQL database security features stack up to RDBMS?
With NoSQL databases increasingly being used to tackle big data challenges, expert Michael Cobb examines NoSQL security in comparison to RDBMS. Tip
-
SAP security overview: Server-side request forgery attack mitigation
Expert Michael Cobb provides an SAP security overview, including steps enterprises can take to defend against server-side request forgery attacks. Tip
-
Should the new Google privacy policy concern enterprises?
Google’s tentacles reach deep into most enterprises, but should enterprises worry about the new Google privacy policy? Expert Michael Cobb discusses. Tip
-
Exploring Google Chromebook security for the enterprise
The Chromebook is unique among new entrants in the mobile device arena. Mike Cobb breaks down the key Google Chromebook security issues enterprises need to know. Tip
-
How to detect content-type attacks in information security
Malicious attackers have increasingly turned to exploiting vulnerabilities in client-side software. Learn how to detect and prevent these types of attacks in your environment. Tip
-
Secure browsing: Free plug-in lessens social networking security risks
Looking for ways to improve employees' browsing security? Learn about the free SecureBrowsing plug-in from M86 Security that can lessen social networking security risks. Tip
-
Security sandbox program: Defense-in-depth or layered vulnerabilities?
Recently, companies like Adobe and Google have been using sandboxes to aid measures in their applications, but how can sandboxes be useful in the enterprise, and do they just add more vulnerabilities than they're worth? Tip
-
Database application security: Balancing encryption, access control
Database applications are often the epicenter of a company's sensitive data, so security is paramount, but maintaining a balance between security and business use can be tricky. In this tip, Andreas Antonopoulos discusses encryption strategies for da... Tip
-
How to detect software tampering
In their book Surreptitious Software, authors Christian Collberg and Jasvir Nasvir reveals how to tamperproof your software and make sure it executes as intended. Tip
-
Microsoft SharePoint security hinges on authorization, external user management
Management of external user access controls, authentication and authorization are important Microsoft SharePoint security best practices. This is the second of a two-part series of technical tips. Tip
- See more Tips on Securing Productivity Applications
-
The 2013 OWASP Top 10 list: What's changed and how to respond
Expert Michael Cobb highlights the changes made in the 2013 OWASP Top 10 list, including new vulnerabilities and what they mean for enterprises. Answer
-
Why securing internal applications is as important as Web-facing apps
Securing internal applications requires the same due diligence as their Web-facing counterparts. Expert Michael Cobb explains why. Answer
-
How an Adobe Reader zero-day exploit escapes sandboxing capabilities
Expert Nick Lewis explains how a recent zero-day exploit escaped the Adobe Reader sandbox, and whether it's likely to happen again. Answer
-
Foxit Reader vulnerability: Time to find an alternative PDF reader?
Does the latest Foxit Reader vulnerability mean it's time to find an alternative PDF reader? Expert Nick Lewis offers his advice. Answer
-
How to reduce the risk of Flash security issues
A rash of zero-day exploits has one organization looking for ways to reduce the risk posed by Flash running on endpoints. Answer
-
Is Firefox PDF reader a secure alternative to Adobe Reader?
Expert Michael Cobb examines Mozilla’s Firefox PDF reader and discusses whether it is more secure than Adobe Reader. Answer
-
Using EMET to harden Windows XP and other legacy applications
Expert Michael Cobb details how using EMET, a free tool from Microsoft, can harden Windows XP and other legacy applications. Answer
-
Is Google Private Channel more secure than an enterprise app store?
Is the Google Private Channel a more secure option than building an internal enterprise app store? Expert Michael Cobb discusses. Answer
-
Combat Shockwave security issues with a Web security gateway
Expert Michael Cobb discusses Adobe Shockwave security issues highlighted by US-CERT, and details how a Web security gateway is one way to allay them. Answer
-
The updated Makadocs malware: How to protect users locally
Security expert Nick Lewis details how the updated Makadocs malware uses Google Docs as a command and control server and offers mitigations for users. AtE
- See more Expert Advice on Securing Productivity Applications
-
sheepdip (sheep dipping or a footbath)
In computers, a sheepdip (or, variously, sheep dipping or a footbath) is the checking of media, usually diskettes or CD-ROMs, for viruses before they are used in a computer or network. Definition
-
Software security podcast library
SearchSecurity.com is pleased to partner with Gary McGraw to feature his monthly Silver Bullet software security podcasts, which discuss best practices in software security. Podcast
-
RSA 2013: Brad Arkin outlines state of Adobe security, update strategy
Video: Adobe software security chief Brad Arkin discusses how his firm is responding to the recent increase in zero-day flaws. Video
-
Adobe: Flash security and the Microsoft Active Protections Program
Brad Arkin discusses Adobe's strategy to secure Flash Player and its decision to join the Microsoft Active Protections Program. Video
-
Balancing security and performance: Protecting layer 7 on the network
This video will explain options for securing application-layer traffic using network security technologies, architectures and processes, including Layer 7 switches, firewalls, IDS/IPS, NBAD and more. Video
-
The 2013 OWASP Top 10 list: What's changed and how to respond
Expert Michael Cobb highlights the changes made in the 2013 OWASP Top 10 list, including new vulnerabilities and what they mean for enterprises. Answer
-
Why securing internal applications is as important as Web-facing apps
Securing internal applications requires the same due diligence as their Web-facing counterparts. Expert Michael Cobb explains why. Answer
-
How an Adobe Reader zero-day exploit escapes sandboxing capabilities
Expert Nick Lewis explains how a recent zero-day exploit escaped the Adobe Reader sandbox, and whether it's likely to happen again. Answer
-
Foxit Reader vulnerability: Time to find an alternative PDF reader?
Does the latest Foxit Reader vulnerability mean it's time to find an alternative PDF reader? Expert Nick Lewis offers his advice. Answer
-
How to reduce the risk of Flash security issues
A rash of zero-day exploits has one organization looking for ways to reduce the risk posed by Flash running on endpoints. Answer
-
Is Firefox PDF reader a secure alternative to Adobe Reader?
Expert Michael Cobb examines Mozilla’s Firefox PDF reader and discusses whether it is more secure than Adobe Reader. Answer
-
Using EMET to harden Windows XP and other legacy applications
Expert Michael Cobb details how using EMET, a free tool from Microsoft, can harden Windows XP and other legacy applications. Answer
-
Is Google Private Channel more secure than an enterprise app store?
Is the Google Private Channel a more secure option than building an internal enterprise app store? Expert Michael Cobb discusses. Answer
-
Combat Shockwave security issues with a Web security gateway
Expert Michael Cobb discusses Adobe Shockwave security issues highlighted by US-CERT, and details how a Web security gateway is one way to allay them. Answer
-
Software security podcast library
SearchSecurity.com is pleased to partner with Gary McGraw to feature his monthly Silver Bullet software security podcasts, which discuss best practices in software security. Podcast
- See more All on Securing Productivity Applications
About Securing Productivity Applications
Get the latest news and information about the most popular productivity applications. Get information about flaws in Adobe, Microsoft, and Apple applications and more.