Security Management Strategies for the CIO-
Recovering lost passwords with Cain & Abel
In his latest screencast, Peter Giannoulis of The AcademyPro.com demonstrates how to use the Cain & Abel tool to decipher or track down lost passwords..
-
How to block adult websites from enterprise users by lo
Inappropriate content has always been a problem for enterprise security teams. What are some best practices for blocking adult content and websites from systems? In this security management tip, le...
-
Strategies for email archiving and meeting compliance r
According to a recent study, 29% of surveyed IT professionals archive their email for compliance reasons. Michael Cobb reviews compliance regulations that demand email archiving and how such produc...
-
Book chapter: IPv6 implementation security issues
IPv6 is becoming a reality, but the network-layer protcol is far from perfect. In Chapter 1 of his new book, "IPv6 Security," author Eric Vyncke reviews some vulnerabilities.
-
Are Windows Vista security features up to par?
Expert Michael Cobb explains why attempts to bypass Windows Vista memory protections don't necessarily mean that the operating system lacks security.
-
Security book chapter: Applied Security Visualization
In this section of Chapter 5: Visual Security Analysis (.pdf), author Raffael Marty discovers the forensic analysis of log data for discovering attacks and reporting incidents.
-
Screencast: How to scan with Nmap
Peter Giannoulis takes a look at everybody's favorite, freely available port scanner and OS identifier: Nmap.
-
Network security 2009 trends: Mergers, security budget
With a possibly reduced security budget, will you be ready for 2009? Full-time network expert and part-time pundit Mike Chapple offers up four network security predictions for the new year.
-
Information security forecast: Security management in 2
What will the year ahead hold for information security? Learn about the likely trends -- from dealing with questions of enterprise virtualization and SaaS security, to Web application security, to ...
-
How to increase security with a decreasing budget
Throughout 2009, organizations will focus on being smarter, leaner and cheaper, which may leave security --- and funding for security -- out of the big picture. But don't panic; Michael Cobb explai...
-
Identity and access management 2009: Staff cuts, inside
Identity and access management in 2009 will be drastically different from 2008, most notably because staff reductions may result in a new crop of malicious attackers. In this tip, David Griffeth ex...
-
Future security threats: Enterprise attacks of 2009
Will organizations be ready for next year's enterprise security threats? Expert John Strand reviews what's in store for 2009, including new weapons, old vulnerabilities, and new takes on old attack...
-
Cracks in WPA? How to continue protecting Wi-Fi network
German researchers recently described a Wi-Fi Protected Access (WPA) flaw that seemed to put the security of the popular wireless protocol in question. Network security expert Mike Chapple explains...
-
End-user Compliance: Creating a security awareness trai
Security awareness training is a must, but what's the best way to create a successful program, and what are the tell-tale signs that it's working? In this tip, security management expert David Mort...
-
Screencast: How to gather host-level data with Network
Peter Giannoulis of www.theacademypro.com demonstrates how to use Network Miner, an open source, passive network sniffer tool that hasn't received the attention that it deserves.
-
Use BotHunter for botnet detection
Got bots? Hopefully not, but how can you be sure? Learn about botnet detection with the help of a free tool, BotHunter. This can keep your computers from participating in a botnet and subsequently ...
-
How to prevent clickjacking attacks with security polic
Clickjacking, an emerging hacker technique similar to cross-site scripting, tricks a user into executing malicious commands on a seemingly legitimate or innocent website. John Strand reviews how th...
-
Security and audit relationships: Uneasy antagonists or
The relationship between information security pros and auditors can be a rocky one, but there are a few specific steps that can make it smoother. Tony Higgins explains the best ways to keep auditor...
-
Deleting user accounts: How to manage users during a la
When budgets get cut across the enterprise, it's likely that employees will get cut, too. So what's the best way to handle a large number of user account modifications or deletions? IAM expert Davi...
-
Security beyond compliance: A proactive and customized
Though compliance guidelines are a good place to start, they in no way guarantee the security of a network. Marcos Christodonte II explains how to create a unique and dynamic security framework tha...
-
A smarter, programmatic approach to SOX compliance
After 11 years of Sarbanes-Oxley and other mandates, enterprises have finally embraced holistic compliance program management as a best practice.
-
Next-gen firewalls improve application awareness
Learn how next-gen firewalls offer improved application awareness and granularity to manage or block particular application features.
-
Choosing the right IT security framework
Expert Joe Granneman introduces several IT security frameworks and standards, and offers advice on choosing the right one for your organization.
-
Anyka - Fotolia
The role of sandboxing in advanced malware detection
Expert Brad Casey details how advanced malware detection products rely heavily on sandboxing technology, though it's not a cure all for enterprises.