Security Management Strategies for the CIO-
Writing Wireshark network traffic filters
The freely available Wireshark tool can provide valuable analysis of network traffic, but capturing packets can often lead to an overload of data. Mike Chapple explains how to use Wireshark's traff...
-
Video: The foundation of an email security strategy
Guest instructor Joel Snyder explains which standards can help you increase the security of SMTP-based email.
-
Screencast: Collecting metadata with Metagoofil
Peter Giannoulis explains how Metagoofil, an information gatherer that extracts metadata from public documents, can be extremely valuable when investigating a target network.
-
The 100-day plan: Achieving success as a new security m
One of the top priorities of any newly minted information security manager is to implement a new enterprise security strategy. In this tip, security management expert Mike Rothman explains what nee...
-
Review system event logs with Splunk
Splunk is a free tool that provides log review and management. From parsing files to triggering alerts and scripts, Splunk can greatly reduce the amount of time security teams spend on logs.
-
How to stop malware in a 'Flash'
Always innovating, attackers have found ways to mask their malware by placing the code into PDFs and Flash files. The malware often appears to be legitimate ads for products, and it can be particul...
-
Cloud compliance: How to manage SaaS risk
While Software as a Service (SaaS) can cut costs, there are definite security concerns to be aware of, including compliance issues. What's the best way to make sure that data is safe and audit-read...
-
Video: Setting up a secure wireless network
In a four-part video series, Joel Snyder of Opus One walks you through the phases of a secure wireless network setup.
-
How to implement and enforce a social networking securi
For a new generation of employees entering the workforce, social networking isn't a luxury, it's a necessity. Yet not all enterprises understand that failing to consider social networking security ...
-
The value of application whitelists
Although some may find Windows Vista's User Account Control feature annoying, it is really a variation of a security mechanism that is now re-emerging: the application whitelist. Michael Cobb explo...
-
Security token and smart card authentication
Get advice on how to mitigate data theft from hackers with security token and smart card authentication technology, smart card readers and software.
-
New blacklists: Highly predictive or hardly worth it?
Renowned security expert Marcus Ranum once declared that blacklists were one of the most misguided ideas in computer security. But what about a new, more customized approach called highly predictiv...
-
ID and password authentication: Keeping data safe with
Learn how to improve authentication and avoid password hacking with management policies that enforce password expiration, length and complexity requirements.
-
Enterprise single sign-on: Easing the authentication pr
Learn how enterprise single sign-on (SSO) can ease the authentication process and can be a solution to employee access issues. Implementation and single sign-on software are also discussed.
-
PKI and digital certificates: Security, authentication
Get more information about PKI and digital certificates, such as how to implement PKI, how to ensure security and available implementation. Also learn about digital certificates, signatures and ach...
-
Richard Mackey: Building a framework-based compliance p
Richard Mackey talks about frameworks that can help you find the holes in your compliance program.
-
Biometric authentication know-how: Devices, systems and
Discover the pros and cons of multiple biometric authentication devices and techniques, such as iris pattern or fingerprint scans, voice recognition and keystroke dynamics. Also get advice on biome...
-
Smartphone security: The growing threat of mobile malwa
The increasingly pervasive use of wireless handhelds in the enterprise is just one reason why malware pros are getting serious about mobile malware. Lisa Phifer details all the reasons why smartpho...
-
Screencast: How Tor improves Web surfing privacy and se
In an on-screen demonstration, learn how Tor can be used to ensure that surfing habits aren't recorded by malicious hackers.
-
FISMA compliance made easier with OpenFISMA
Scott Sidel examines the open source security tool OpenFISMA, a compliance tool that assists government agencies and their contractors in meeting FISMA's requirements.
-
A smarter, programmatic approach to SOX compliance
After 11 years of Sarbanes-Oxley and other mandates, enterprises have finally embraced holistic compliance program management as a best practice.
-
Next-gen firewalls improve application awareness
Learn how next-gen firewalls offer improved application awareness and granularity to manage or block particular application features.
-
Choosing the right IT security framework
Expert Joe Granneman introduces several IT security frameworks and standards, and offers advice on choosing the right one for your organization.
-
Anyka - Fotolia
The role of sandboxing in advanced malware detection
Expert Brad Casey details how advanced malware detection products rely heavily on sandboxing technology, though it's not a cure all for enterprises.