-
Content-aware IAM: Uniting user access and data rights
In the world of IT security, IAM and data protection have generally kept to their separate corners. That trend, however, may be shifting with the onset of content-aware IAM that merges granular use...
-
Aligning network security with business priorities
Too often, network security administrators have their security budget requests nixed by executives because they weren't able to align their requests with business priorities. In this tip, learn how...
-
Data protection tips for corporate compliance leaders
Author Rebecca Herold explains why compliance professionals need to understand data protection issues in order to successfully do their job.
-
An enterprise strategy for Web application security thr
People Security founder Hugh Thompson reviews the tools and tactics, from security assessments to Web application firewalls, that are essential to an application security strategy.
-
Scanning with N-Stalker offers basic Web application se
In this month's SearchSecurity.com screencast video demo, Peter Giannoulis of TheAcademyHome.com and TheAcademyPro.com introduces N-Stalker, a free Web application security assessment scanner avail...
-
How SSL-encrypted Web connections are intercepted
Enterprises and attackers alike have found ways to sniff private Web traffic, even when it's encrypted. Sherri Davidoff reviews how encrypted Web connections can be sniffed, and ways that users can...
-
PCI DSS compliance requirements: Ensuring data integrit
Want to make sure you have secure data for PCI DSS? One of the first steps is making sure the data you're trying to secure is the right data. Security management expert David Mortman explains how t...
-
Lifecycle of a network security vulnerability
In a chapter excerpt from Practical Intrusion Analysis: Prevention and Detection for the Twenty-First Century, author Ryan Trost reveals the full process of providing intrusion detection system coverage...
-
How to prepare for an information security job intervie
Lee Kushner and Mike Murray offer tips on how to impress possible employers after finally nailing down an information security job interview.
-
Security on a budget: How to make the most of authentic
Working on an identity and access management project can be hard enough without having to worry about sufficient funding. In this tip, learn how to leverage existing identity and access management ...
-
How a corporate Twitter policy can combat social networ
Despite the recent security risks, there is no reason to completely shut down Twitter use in the enterprise. There are, however, important policy controls and technologies that need to be put in pl...
-
Understanding PCI DSS compliance requirements for log m
Proper PCI DSS compliance requires effective event log management, but many enterprises fail not only to gather all the relevant data, but also to analyze and remediate the results. Forrester Research...
-
Information security management hype: Debunking best pr
The phrase "best practices" gets tossed around frequently in the security industry, but what does it really mean? Are enterprises actually implementing these best practices in information security,...
-
Screencast: BackTrack 4 offers an arsenal of penetratio
Peter Giannoulis of TheAcademyPro.com and TheAcademyHome.com demonstrates BackTrack 4, the final version of the venerable pen-testing live Linux-based CD distribution.
-
Cyberwarfare and the enterprise: Is the threat real?
Recently, there has been a great deal of press about massive botnets and killer denial-of-service attacks. So how concerned should you really be about cyberwarfare? The threat is real, says contrib...
-
Top social networking sites to boost your information s
Information security professionals who are not using LinkedIn, Facebook and Twitter could be missing out on potentially valuable opportunities to advance their careers. In this month's Information ...
-
Network access control technology: Over-hyped or underu
Thinking of deploying network access control (NAC) technology in your enterprise, but aren't sure if its capabilities have finally caught up to its hype? In this expert tip, Mike Chapple offers an ...
-
Are 'strong authentication' methods strong enough for c
If multifactor authentication is so great, why hasn't it replaced the password? Michael Cobb reviews the hype surrounding strong authentication. There are more drawbacks than you think.
-
Smoothwall video: Smoothwall firewall offers defense in
Peter Giannoulis of TheAcademyHome.com and TheAcademyPro.com details why Smoothwall may be a smart choice to protect SMBs or lower-priority assets on the cheap.
-
Strategies for using technology to enable automated com
Enterprise compliance programs depend on a variety of people, data and processes, so it's no surprise that many organizations seek to implement automated compliance with the help of technology. How...
-
A smarter, programmatic approach to SOX compliance
After 11 years of Sarbanes-Oxley and other mandates, enterprises have finally embraced holistic compliance program management as a best practice.
-
Next-gen firewalls improve application awareness
Learn how next-gen firewalls offer improved application awareness and granularity to manage or block particular application features.
-
Choosing the right IT security framework
Expert Joe Granneman introduces several IT security frameworks and standards, and offers advice on choosing the right one for your organization.
-
The role of sandboxing in advanced malware detection
Expert Brad Casey details how advanced malware detection products rely heavily on sandboxing technology, though it's not a cure all for enterprises.
Security Management Strategies for the CIO