-
Security policy for PDF use: How to secure PDF files for the enterprise
PDF files are an integral part of many enterprises' business processes, and, as such, they are a prime target for malicious activity. In this learning guide, learn how to secure your organization's PDFs, prevent attacks against them and decide when t... Learning Guide
-
Quiz: Database application security
How much do you know about database application security? Take this short quiz to determine what you've learned. Quiz
-
Quiz: How to build secure applications
Use this five-question quiz to test your knowledge of how to secure your enterprise apps. Quiz
-
The Art of Software Security Testing
Read an excerpt from the book, The Art of Software Security Testing: Identifying Software Security Flaws. In Chapter 11, "Local Fault Injection," the authors explain the proper methods for examining file formats. chapter excerpt
-
Quiz: Could you detect an application attack?
Take this five-question quiz to test your application security awareness, review common application attacks and learn how to improve application layer logging to detect and protect against these attacks. Security Quiz
-
Time to ban dangerous apps? Exploring third-party app security
Column: Third-party applications are notoriously hard to patch and often easy to exploit. Is it time to ban applications, or can they be secured with a new approach? News | 27 Jan 2012
-
Adobe repairs critical Reader, Acrobat flaws, adds JavaScript control
The January 2012 update includes repairs to Adobe Reader X and a new feature giving administrators the ability to whitelist JavaScript execution. News | 10 Jan 2012
-
Adobe security update being issued for zero-day in Reader, Acrobat for Windows
Adobe has issued a warning about a critical zero-day vulnerability in Adobe Reader and Acrobat for Windows. An emergency security update is scheduled. News | 07 Dec 2011
-
Adobe Flex update patches flaw in Flex application development framework
A coding error in the Adobe Flex SDK could cause developers to create applications with cross-site scripting issues, according to an advisory issued by Adobe Systems. News | 01 Dec 2011
-
Firms struggle to address social networking security risks, survey finds
Many firms rely on antivirus and antimalware technologies to address social networking risks, according to a survey by the Ponemon Institute. News | 03 Oct 2011
-
Measurement first among secure software development benchmarks
One expert says before implementing secure software development benchmarks, take stock of the security of existing applications. News | 20 Sep 2011
-
Hackers target Adobe vulnerabilities, Java vulnerabilities
A new report notes a significant rise in the number of attacks against Adobe and Java vulnerabilities in the last six months. News | 20 Jul 2011
-
Adobe issues fix for Acrobat, Reader to block ongoing Flash attacks
Adobe is fixing a serious vulnerability affecting its Reader and Acrobat products. The update affects current versions of Adobe Reader and Acrobat X for Windows. News | 22 Apr 2011
-
Ongoing attacks target new Adobe Flash Player zero-day flaw
A critical vulnerability in Adobe Flash Player is being targeted in attacks using Microsoft Excel files embedded with malicious Flash files. Article | 14 Mar 2011
-
Rapid7 enhances NeXpose to address Flash security issues
Rapid7 announced NeXpose 4.10.4 to address Adobe Flash security vulnerabilities and cross-site scripting (XSS) attacks. Article | 15 Feb 2011
- See More: News on Securing Productivity Applications
-
Exploring Google Chromebook security for the enterprise
The Chromebook is unique among new entrants in the mobile device arena. Mike Cobb breaks down the key Google Chromebook security issues enterprises need to know. Tip
-
How to detect content-type attacks in information security
Malicious attackers have increasingly turned to exploiting vulnerabilities in client-side software. Learn how to detect and prevent these types of attacks in your environment. Tip
-
Secure browsing: Free plug-in lessens social networking security risks
Looking for ways to improve employees' browsing security? Learn about the free SecureBrowsing plug-in from M86 Security that can lessen social networking security risks. Tip
-
Security sandbox program: Defense-in-depth or layered vulnerabilities?
Recently, companies like Adobe and Google have been using sandboxes to aid measures in their applications, but how can sandboxes be useful in the enterprise, and do they just add more vulnerabilities than they're worth? Tip
-
Database application security: Balancing encryption, access control
Database applications are often the epicenter of a company's sensitive data, so security is paramount, but maintaining a balance between security and business use can be tricky. In this tip, Andreas Antonopoulos discusses encryption strategies for da... Tip
-
How to detect software tampering
In their book Surreptitious Software, authors Christian Collberg and Jasvir Nasvir reveals how to tamperproof your software and make sure it executes as intended. Tip
-
Microsoft SharePoint security hinges on authorization, external user management
Management of external user access controls, authentication and authorization are important Microsoft SharePoint security best practices. This is the second of a two-part series of technical tips. Tip
-
Using Nessus Attack Scripting Language (NASL) to find application vulnerabilities
For anyone who doesn't speak NASL, network security expert Mike Chapple has a firm handle on the Nessus Attack Scripting Language. In this brand-new addition to our Nessus 3 Tutorial, Chapple provides examples of NASL scripts that can find known vuln... Tip
-
PCI compliance and Web applications: Code review or firewalls?
The Payment Card Industry Data Security Standard is about to get a new wrinkle involving Web applications. As of June 30, 2008, to achieve PCI compliance, enterprises must either have their custom Web application code reviewed or install Web applicat... Tip
-
Developing a patch management policy for third-party applications
Enterprises may push the latest critical Windows patches once a month, but here's a dirty little secret: Most organizations don't bother patching their third-party applications. The diversity of client-side software -- including everything from Acrob... Tip
- See More: Tips on Securing Productivity Applications
-
Validating ERP system security and ERP best practices
Is your ERP system security effective? How can you be sure? Expert Mike Cobb offers up some ERP security best practices. Ask the Expert
-
With EMET, Microsoft ranges beyond mitigation security technology
The Enhanced Mitigation Experience Toolkit is designed to help improve your enterprise application security. See how the EMET toolkit can help protect older Windows systems. Ask the Expert
-
Are RealPlayer, Adobe Shockwave vulnerability risks too great for the enterprise?
Adobe Shockwave and RealNetworks RealPlayer are fun and convenient for enterprise users, but are their vulnerabilities worth the risk of having them? Ask the Expert
-
Adobe Flash alternatives: The best way to avoid Adobe Flash malware?
It's no secret that Adobe Flash is plagued with malware, so, do enterprises really need it? In this expert response, Nick Lewis discusses how you can weigh the importance of functionality and security when it comes to Flash. Ask the Expert
-
Adobe Acrobat Reader security: Can patches be avoided?
Security expert Michael Cobb counters recent advice from Fiserv not to install Adobe Reader patches and says these updates are vital to security and must trump user functionality. Ask the Expert
-
SANS Top 25 programming errors: Application security best practices
Learn the SANS Top 25 programming errors and the best practices for application security. Ask the Expert
-
OpenOffice security: Concerns when moving from Microsoft Office
What are the major OpenOffice security concerns when transitioning from Microsoft Office? Security expert Michael Cobb explains the potential vulnerabilities between open source and commercial software. Ask the Expert
-
The benefits of application proxy firewalls
Michael Cobb explains the benefits of application proxy firewalls as compared to other firewall technologies including packet filtering firewalls and stateful inspection firewalls or circuit-level gateways. Ask the Expert
-
How do hackers bypass a code signing procedure to inject malware
In this expert Q&A, Michael Cobb reveals how malicious applications can actually be approved by Symbian's Express Signing procedure. Ask the Expert
-
How to secure a .pdf file
In this expert Q&A, Michael Cobb explains how to avoid malicious content that is embedded into .pdf documents. Ask the Expert
- See More: Expert Advice on Securing Productivity Applications
-
Adobe: Flash security and the Microsoft Active Protections Program
Brad Arkin discusses Adobe's strategy to secure Flash Player and its decision to join the Microsoft Active Protections Program. Video
-
Balancing security and performance: Protecting layer 7 on the network
This video will explain options for securing application-layer traffic using network security technologies, architectures and processes, including Layer 7 switches, firewalls, IDS/IPS, NBAD and more. Video
-
PCI DSS: Best practices for compliance
In this video, learn about the greatest challenges to PCI compliance, as well as dealing with application security for compliance, encryption and compensating controls. Video
-
Time to ban dangerous apps? Exploring third-party app security
Column: Third-party applications are notoriously hard to patch and often easy to exploit. Is it time to ban applications, or can they be secured with a new approach? News
-
Exploring Google Chromebook security for the enterprise
The Chromebook is unique among new entrants in the mobile device arena. Mike Cobb breaks down the key Google Chromebook security issues enterprises need to know. Tip
-
Adobe repairs critical Reader, Acrobat flaws, adds JavaScript control
The January 2012 update includes repairs to Adobe Reader X and a new feature giving administrators the ability to whitelist JavaScript execution. News
-
Adobe security update being issued for zero-day in Reader, Acrobat for Windows
Adobe has issued a warning about a critical zero-day vulnerability in Adobe Reader and Acrobat for Windows. An emergency security update is scheduled. News
-
Adobe Flex update patches flaw in Flex application development framework
A coding error in the Adobe Flex SDK could cause developers to create applications with cross-site scripting issues, according to an advisory issued by Adobe Systems. News
-
Firms struggle to address social networking security risks, survey finds
Many firms rely on antivirus and antimalware technologies to address social networking risks, according to a survey by the Ponemon Institute. News
-
Measurement first among secure software development benchmarks
One expert says before implementing secure software development benchmarks, take stock of the security of existing applications. News
-
Hackers target Adobe vulnerabilities, Java vulnerabilities
A new report notes a significant rise in the number of attacks against Adobe and Java vulnerabilities in the last six months. News
-
How to detect content-type attacks in information security
Malicious attackers have increasingly turned to exploiting vulnerabilities in client-side software. Learn how to detect and prevent these types of attacks in your environment. Tip
-
Adobe issues fix for Acrobat, Reader to block ongoing Flash attacks
Adobe is fixing a serious vulnerability affecting its Reader and Acrobat products. The update affects current versions of Adobe Reader and Acrobat X for Windows. News
- See More: All on Securing Productivity Applications
About Securing Productivity Applications
Get the latest news and information about the most popular productivity applications. Get information about flaws in Adobe, Microsoft, and Apple applications and more.