Security Management Strategies for the CIOVideo Library
-
Black Hat 2011: SSL is broken, researcher says
Configuration issues and other errors mire the SSL implementations of thousands of legitimate websites, according to research conducted by SSL Labs, a research arm of Qualys Inc.
-
Black Hat 2011: Drive-by attacks can cause Android priv
Neil Daswani and his team demonstrated a drive-by attack on an Android smartphone and discussed behavioral analysis of more than 10,000 Android applications.
-
Black Hat 2011: Database threats and mitigations
Databases have come under increased attacks in recent months from hacktivist groups and cybercriminals. Learn how to apply the appropriate security technologies to defend your database.
-
Black Hat 2011: SIM rule maker on attacks and defenses
LogRhythm Labs explains their new rules for the vendor’s SIM appliances.
-
Attack vectors, vulnerabilities and malware analysis
Rodrigo Branco talks about vulnerabilities, malware sophistication and whether the move to cloud-based services will change the way cybercriminals work.
-
Dan Guido on penetration testing; intrusion analysis
The iSec Partners consultant talks about his penetration testing courses at NYU, his research on intrusion analysis and rethinking intrusion defense.
-
Don Bailey on mobile device threats, security policy
In this video, researcher Don Bailey of iSec Partners discusses the myriad threats facing corporate mobile devices, and how to stop them.
-
IT patch management best practices
This presentation on vulnerability and IT patch management best practices discusses the challenges of improving testing and deployment processes.
-
Interpreting PCI encryption, virtualization guidelines
Get expert advice on understanding the PCI encryption requirements and virtualization guidance in this video.
-
Enterprise encryption strategy: The path to encryption
This primer on enterprise encryption strategy covers use cases for various devices and data types, and offers strategies for simple data encryption.
-
Marcus Ranum on cyberwar
Network security expert Marcus Ranum explains why he believes cyberwarfare is only a tool for powerful nation states and discusses how Stuxnet supports his premise.
-
Risks prompt retooling of enterprise mobile security
Cybercriminals will find ways to bypass native security restrictions on smartphones and other devices, says security luminary Winn Schwartau.
-
Fight mobile attacks, data loss risks by locking down d
Mobile malware has been minimal, but attackers are developing attacks that target smartphones to gain access to sensitive data, says security luminary Winn Schwartau.
-
Neil MacDonald on RSA, APT & social engineering threats
In this video, Gartner Vice President Neil MacDonald discusses the SecurID attack at RSA, APT realities and the growing enterprise social engineering threat.
-
Neil MacDonald on IE9 security, Apple security issues
In this video, Gartner’s Neil MacDonald discusses patch management, IE9 security, his Windows 8 security wish list and protecting Apple computers.
-
Video: Tokenization vs. encryption, PCI tokenization
The Gartner IT1 research director discusses tokenization vs. encryption, PCI tokenization to reduce audit scope and lagging tokenization standards.
-
Gartner Summit attendees on IT security, gov't issues
When managing IT security, government infosec pros face unique risks. Check out these Q&As from the 2011 Gartner Security & Risk Management Summit.
-
Ramon Krikken on Web application security scanners
In this video, learn how to get the most out of Web application security scanners, and the four key elements for a successful implementation.
-
Web 2.0 tutorial: Awareness for Web 2.0 attacks
Robert "Rsnake" Hansen discusses Web 2.0 attacks that pose serious security risks to enterprises and their security landscape.
-
PCI analysis: Wade Baker on Verizon PCI report findings
In this video, Verizon's Director of Risk Wade Baker explains the company's PCI report and what it has to say about the state of the standard.