Security Management Strategies for the CIO
Email Alerts
-
What is the best way to manually test for buffer overflows?
There are two ways of reviewing a program for buffer overflows. Michael Cobb explains how to examine a program's source code and file code. Ask the Expert
-
Protecting exposed servers from Google hacks (and Google 'dorks')
Search engines are now routinely used to find ways of gaining unauthorized access to servers. Michael Cobb explains how to avoid exposing your important data to 'Google dorks.' Ask the Expert
-
Which automated quality assurance tools can be used to test software?
If your application development process is not yet addressing security at all six phases of the lifecycle, now is the time to start. Application security expert Michael Cobb explains which quality assurance tools can help. Ask the Expert
-
Best practices for using restriction policy whitelists
Ed Skoudis discusses which systems should be considered for software restriction policy whitelists, and unveils how whitelisting can improve security. Ask the Expert
-
What ports should be opened and closed when IPsec filters are used?
In this SearchSecurity.com Q&A, application security expert Michael Cobb explains how to set up separate branch IPsec filters that connect with a head office. Ask the Expert
-
Two-tier distributed systems vs. three-tier distributed systems
Mike Rothman discusses the pros and cons of using two-tier distribution systems vs. thee-tier distributed systems. Ask the Expert
-
Should enterprises use open source productivity suites?
Many IT administrators remain wary of open source software, often citing its lack of any warranty protection. Expert Michael Cobb explains why enterprise pros shouldn't worry too much about giving the free tools a try. Ask the Expert
-
Should a Java Runtime Environment (JRE) be kept up to date?
Critical security flaws are often discovered in Java Runtime Environment implementations. Unfortunately, most users don't apply any appropriate patches. Ed Skoudis reveals the security risks posed by a vulnerable JRE. Ask the Expert
-
Should CS2 applications be downloaded to a removable drive?
Even though U3 smart drives can execute Windows-based applications directly, the devices can introduce security risks into the enterprise. Michael Cobb lays out the pros and cons of the technology. Ask the Expert
-
How can copying file and exchanging memory tokens spread malware?
Ed Skoudis explains the malware-related risks of copying files, exchanging memory sticks and downloading emails. Ask the Expert