Q&A with Aaron Turner: Whitelisting is on enterprise blacklist

Securing Productivity Applications

Email Alerts

Register now to receive SearchSecurity.com-related news, tips and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Database application security: Balancing encryption, access control

    Database applications are often the epicenter of a company's sensitive data, so security is paramount, but maintaining a balance between security and business use can be tricky. In this tip, Andreas Antonopoulos discusses encryption strategies for da... 

  • How to detect software tampering

    In their book Surreptitious Software, authors Christian Collberg and Jasvir Nasvir reveals how to tamperproof your software and make sure it executes as intended. 

  • Microsoft SharePoint security hinges on authorization, external user management

    Management of external user access controls, authentication and authorization are important Microsoft SharePoint security best practices. This is the second of a two-part series of technical tips. 

  • Using Nessus Attack Scripting Language (NASL) to find application vulnerabilities

    For anyone who doesn't speak NASL, network security expert Mike Chapple has a firm handle on the Nessus Attack Scripting Language. In this brand-new addition to our Nessus 3 Tutorial, Chapple provides examples of NASL scripts that can find known vul... 

  • PCI compliance and Web applications: Code review or firewalls?

    The Payment Card Industry Data Security Standard is about to get a new wrinkle involving Web applications. As of June 30, 2008, to achieve PCI compliance, enterprises must either have their custom Web application code reviewed or install Web applicat... 

  • Developing a patch management policy for third-party applications

    Enterprises may push the latest critical Windows patches once a month, but here's a dirty little secret: Most organizations don't bother patching their third-party applications. The diversity of client-side software -- including everything from Acrob... 

  • A new twist on PCI DSS: Visa's Payment Application Best Practices

    The Payment Card Industry (PCI) Security Standards Council is poised to issue another mandate, this time adding Visa's Payment Application Best Practices (PABP) into the compliance mix. New contributor Stephen Cobb examines Visa's controls and how bu... 

  • How to avoid dangling pointers: Tiny programming errors leave serious security vulnerabilities

    For years, many have said that there is no practical way to exploit a dangling pointer, a common application programming error. But these software bugs should no longer be thought of as simple quality-assurance problems. Michael Cobb explains how th... 

  • Google Desktop gets scarier

    As if the threats posed by Google Desktop weren't enough, Google's latest release is chock-full of new dangers -- especially to enterprises. In this tip, security guru Mike Chapple reviews Google Desktop 3 and its "Search Across Computers" feature, a... 

  • How to tame Google Desktop

    Although not classified as spyware, if left unmanaged and unmonitored desktop search engines, like Google Desktop, can introduce serious security concerns. This tip examines these risks and explains how to block or secure Google Desktop in the enterp...