Ask the Experts
-
Password compliance and password management for PCI DSS
Can poor password management lead to PCI DSS non-compliance? Mike Chapple outlines key password compliance best practices. Continue Reading
-
How to detect and mitigate Poison Ivy RAT malware-style attacks
Learn how to prevent malcode like the Poison Ivy RAT malware, sophisticated malware that has been crafted especially for an enterprise take-down. Continue Reading
-
Does .cc domain malware demand domain blocking?
Learn how to deal with .cc domain malware threats found within DNS traffic. Is domain blocking at the perimeter the best defense strategy? Continue Reading
-
Network topology mapping: How to automate network documentation
Network topology mapping to boost security can be time-consuming. Learn how to automate network documentation with network management tools. Continue Reading
-
UTM devices: Efficient security or a firewall failure risk?
UTM devices provide more protection than a simple firewall, but do they increase the risk of an enterprise firewall failure? Continue Reading
-
SIEM vs. DAM technology: Enterprise DAM implementation best practices
Mike Cobb analyzes the differences between a SIEM and DAM implementation and how to successfully configure an enterprise DAM. Continue Reading
-
The switch to HTTPS: Understanding the benefits and limitations
Expert Mike Cobb explains the value and limitations of HTTPS, and why making the switch to HTTPS may be easier than it seems. Continue Reading
-
Webmail forensics: Investigating issues with email forwarding security
Expert Mike Cobb discusses webmail forensics possibilities for dealing with the aftermath of an issue involving an email forwarding security breach. Continue Reading
-
What are the best tools for enterprise Windows security logs analysis?
Expert Mike Cobb provides some of the best Windows security log tools available for the enterprise. Continue Reading
-
BIOS security: Are BIOS attacks worth defending against?
Expert Nick Lewis analyzes the risk of a BIOS attack in juxtaposition to the irritation and expense of securing a network against this threat. Continue Reading
-
How to protect a website from malware redirects
Malware redirects are a serious hazard in the jungle of infiltration exploits; Nick Lewis explains how they can be avoided. Continue Reading
-
RTP attacks: How to prevent enterprise data exfiltration
How big of an issue are RTP attacks in the context of all attacks via covert channels? Nick Lewis looks at tunneling for enterprise data exfiltration. Continue Reading
-
Use Telnet alternative SSH to thwart Telnet security risks
The inherently insecure Telnet protocol shouldn’t be used on modern networks. Learn why and what to use in its place. Continue Reading
-
Is it possible to prevent DDoS attacks?
A distributed denial-of-service (DDoS) attack can consume all your network bandwidth. Learn how to prevent a DDoS attack in this expert response. Continue Reading
-
Dynamic authorization vs. other access management technologies
Randall Gamby discusses the advantages of dynamic authorization vs. other access management strategies and implementation best practices. Continue Reading
-
Image-based authentication: Viable alternative authentication method?
Randall Gamby addresses the criticisms of image-based authentication and considers if it's a viable enterprise alternative authentication method. Continue Reading
-
SaaS access management: Finding the best single sign-on technology
Expert Randall Gamby details key strategies for SaaS access management and contemporary single sign-on technology that's truly interoperable. Continue Reading
-
Explaining how trusted SSL certificates and forged SSL certificates work
Web security relies on valid, trusted SSL certificates, but as Michael Cobb explains, forged SSL certificates undermine the model for trusted Web connections. Continue Reading
-
BIOS management best practices: BIOS patches and BIOS updates
Amid growing concern over BIOS threats, expert Mike Cobb discusses how organizations should manage BIOS patches and BIOS updates. Continue Reading
-
Enterprise user de-provisioning best practices: How to efficiently revoke access
Misplaced or stagnant employee access can be dangerous; Randall Gamby details user provisioning best practices for setting up a system to combat this risk. Continue Reading
-
Talking with lawyers: How to manage information security legal issues
Dealing with lawyers is often a challenge. Ernie Hayden offers advice for CISOs dealing with enterprise information security legal issues. Continue Reading
-
Role-based access control: Making an enterprise RBAC implementation easier
Learn the benefits of role-based access control based on job functions of network accessing employees, and how to make an RBAC implementation easier. Continue Reading
-
Personal online banking at work: Avoiding online banking security issues
Is it OK to allow personal online banking at work? Get advice on avoiding online banking security issues with enterprise users. Continue Reading
-
Privileged account policy: Securely managing privileged accounts
Randall Gamby discusses how to securely implement a privileged account policy within the enterprise and collectively manage sensitive account information. Continue Reading
-
How penetration testing helps ensure a secure data store
A third-party penetration test is the best way to determine whether an online data store can be compromised. Continue Reading
-
OpenStack security analysis: Pros and cons of open source cloud software
Expert Michael Cobb examines the open source cloud computing platform OpenStack and relevant OpenStack security issues. Continue Reading
-
Detecting and blocking suspicious logins, unusual login activity in the enterprise
Randall Gamby dissects the delicate but crucial science of detecting and blocking suspicious logins and unusual login activity in the enterprise. Continue Reading
-
Advice for developing a vendor compliance checklist for a vendor review process
Get advice for developing a vendor compliance checklist to support a vendor review process or a third-party vendor audit. Continue Reading
-
Firewall network security: Thwarting sophisticated attacks
Firewall network security is still a critical part of securing an enterprise. Learn what sophisticated attacks a firewall can effectively prevent. Continue Reading
-
Web server encryption: Enterprise website encryption best practices
Network security expert Mike Chapple details the fundamentals of Web server encryption and Web encryption deployment best practices. Continue Reading
-
How to bolster BIOS security to prevent BIOS attacks
BIOS attacks can be thwarted by implementing NIST guidelines for BIOS security. Continue Reading
-
Securing IE with plug-ins Google Chrome Frame and IETab
Web browser plug-ins can bolster IE security for legacy apps that have to run on outdated versions of Internet Explorer. Continue Reading
-
Learning from the MySQL.com hack: How to stop website redirects
Learn how to stop website redirects put in place by malicious hackers, and how to prevent attacks like the MySQL.com hack. Continue Reading
-
Detecting covert channels to prevent enterprise data exfiltration
A covert channel is just one more way data can leave the network. Learn how to detect and block covert channels from threats expert Nick Lewis. Continue Reading
-
What is ISO certified vs. ISO compliant?
Discover the difference between an ISO 27002 certification report and an ISO 27002 compliant report. Continue Reading
-
Automated file and registry monitoring tools for Windows
A file and registry monitoring tool like Process Monitor can help IT organizations identify suspicious behavior that may be related to a malware infection. Continue Reading
-
Securing applications with a network pen test
Network penetration testing can help protect applications by uncovering weaknesses that provide an alternate route to sensitive data. Continue Reading
-
OAuth 2.0: Pros and cons of using the federation protocol
Learn the advantages and disadvantages of using Open Authorization for Web application authentication. Continue Reading
-
Stop hackers from finding data during Web application fingerprinting
Hackers use Web application fingerprinting to learn about their target. You can reduce the amount of information they uncover with these tips. Continue Reading
-
Incident response best practices after Sony breach
Following the recent Sony breach, there are a few lessons other enterprises can learn about incident response. Continue Reading
-
How DHCP works and the security implications of high DHCP churn
Learn about the potential problems with high DHCP churn and whether it should be a concern to your organization. Continue Reading
-
How secure is a VPN? Exploring the most secure remote access methods
Virtual private networks are a common means of providing remote access, but expert Mike Chapple addresses whether they are the most secure option available. Continue Reading
-
How to choose application security tools for certain scenarios
Learn about application whitelisting, application firewalls and activity monitoring, and how to choose the right application security tools and products. Continue Reading
-
Software testing methodologies: Dynamic versus static application security testing
Learn about two software security testing methodologies – dynamic and static testing – in this expert response by Michael Cobb. Continue Reading
-
Open source testing tools for Web applications: Website vulnerability scanner and recon tools
Google’s open source testing tools for Web applications can save organizations money and improve the security of Web apps. Continue Reading
-
Managing toolbars and other third-party browser extensions
Third-party browser extensions like toolbars can jeopardize client security. Expert Michael Cobb discusses what can be done to manage these risks. Continue Reading
-
Java Virtual Machine architecture: Applet to applet communication
In a Java Virtual Machine architecture, is it possible for two machines to communicate with one another? Expert Michael Cobb describes how the applet-to-applet communication process works. Continue Reading
-
Managing application permissions through isolated storage
Application permissions are essential in securing application data. Learn how isolated storage allows secure, controlled access to application files. Continue Reading
-
Comparing relational database security and NoSQL security
In this introduction to database security, expert Michael Cobb explains the differences between relational database and NoSQL security. Continue Reading
-
Hacker chatter: Can hacker websites help companies anticipate attacks?
Tracking hacker chatter could be useful for discovering attacks, but there may be other, less risky routes to finding the same information. Continue Reading
-
Insufficient authorization: Hardening Web application authorization
Insufficient authorization errors can lead to Web app compromises and data loss. Learn how to fix these authorization errors. Continue Reading
-
How to erase browser history proactively for enterprise security
Attackers often try to access enterprise users’ browsing history. Expert Michael Cobb explains how to erase browser history proactively. Continue Reading
-
Drive-by virus: How to prevent drive-by download malware
There are several security strategies enterprises can implement to prevent drive-by download malware infections. Get tips in this expert response. Continue Reading
-
Zeus Trojan analysis: How to decode the Zeus config.bin file
Learn how to analyze the Zeus config.bin file in order to identify targeted URLs and infected computers on your network. Continue Reading
-
Internet Explorer 8 XSS filter: Setting the bar for cross-site scripting prevention
The Internet Explorer 8 XSS filter can assist in cross-site scripting prevention. Michael Cobb explains how it works in this expert response. Continue Reading
-
Symmetric key encryption algorithms and hash function cryptography united
Can a secure symmetric key encryption algorithm be used in hash function cryptography? Learn more about these data encryption techniques. Continue Reading
-
Network security metrics: Basic network security controls assessment
Get advice on how to devise appropriate network security metrics for your enterprise from expert Mike Chapple. Continue Reading
-
PCI Requirement 12.8.2: When is client compliance necessary?
Find out whether the PCI 12.8.2 requirement forces an organization working with a payment card merchant to become compliant. Continue Reading
-
Cloud computing PCI compliance: Is it possible?
Is enterprise cloud computing PCI compliance possible? Discover how to use cloud computing and be PCI DSS-compliant. Continue Reading
-
Comparing certifications: ISO 27001 vs. SAS 70, SSAE 16
Learn about ISO 27001 vs. SAS 70, and why enterprises should pay attention to SSAE 16 over SAS 70. Continue Reading
-
Is laptop remote wipe needed for effective laptop data protection?
Expert Michael Cobb explains how laptop remote wipe technology can ease data loss fears, but shouldn’t be solely relied upon. Continue Reading
-
Secure coding best practices: PHP and programming language security
Michael Cobb explains how proper secure coding training is much more important than PHP programming language security. Continue Reading
-
How to mitigate the risk of a TOCTTOU attack
Are TOCTTOU attacks, exploiting time-of-check-to-time-of-use race conditions, a threat to your enterprise file systems? Expert Michael Cobb discusses the dangers and how to mitigate them. Continue Reading
-
How MAC and HMAC use hash function encryption for authentication
Hash function encryption is the key for MAC and HMAC message authentication. See how this differs from other message authentication tools from expert Michael Cobb. Continue Reading
-
How to set up SFTP automation for FTP/DMZ transfer
Transferring files from a DMZ to an internal FTP server can be risky. In this expert response, Anand Sastry explains how to use SFTP automation to lock it down. Continue Reading
-
Locate IP address location: How to confirm the origin of a cyberattack
What's the best way to determine the origin of a cyberattack? Expert Nick Lewis weighs in. Continue Reading
-
How to set up a site-to-site VPN to coexist with a DMZ
When setting up a site-to-site VPN, where should the VPN endpoint be in the DMZ? Learn more in this expert response. Continue Reading
-
IEEE 802.11: Handling the standard's wireless network vulnerabilities
IEEE 802.11 has several known vulnerabilities, so what's the best way for enterprises to handle them? Expert Anand Sastry explains. Continue Reading
-
Will host-based intrusion detection software replace signature IDS?
As signature-based IDS becomes less effective, is host-based IDS the best option to replace it? Expert Anand Sastry weighs in. Continue Reading
-
Hop-by-hop encryption: A safe enterprise email encryption option?
Learn from expert Michael Cobb how hop-by-hop encryption gives enterprises the opportunity to send encrypted emails to large numbers of employees without a digital signature for each email. Continue Reading
-
How Microsoft security assessment tools can benefit your enterprise
Expert Michael Cobb explains how Microsoft security assessment tools can find and help your enterprise fix vulnerabilities in its Windows environment. Continue Reading
-
URL shortening security best practices
Expert Michael Cobb weighs in on risks you may not know about with shortened URLs from TinyURL or Bit.ly. Continue Reading
-
How to ensure the security of financial transactions online
Financial transactions are some of the most high-risk activities performed online. Expert Nick Lewis gives advice to financial firms on how they can prevent online transaction fraud. Continue Reading
-
Enterprise antivirus comparison: Is cloud-based antivirus better?
Cloud-based antivirus has pros and cons, but, on the whole, can it be more effective than regular antivirus products? Learn more from expert Nick Lewis. Continue Reading
-
How an IIS Web application pool can help secure your enterprise
Did you know an IIS Web application pool not only helps manage your applications, but also makes them more secure? Expert Michael Cobb explains the benefits of Web application pools. Continue Reading
-
Debug and test Web applications using Burp Proxy
The Burp Proxy tool, part of the Burp Suite, has many useful features that test Web application security. Learn how to start using Burp Proxy. Continue Reading
-
Which is best: An infosec certification or an IT security degree?
Which will be more likely to further your infosec career: A certification, or an advanced degree? Expert Ernie Hayden weighs in. Continue Reading
-
How to find a real IP address using proxy server logs
While using proxy server logs to identify the real IP address of an attacker using a proxy server is technically easy, there are other difficulties along the way. Expert Mike Chapple explains. Continue Reading
-
How to defend against pivot attacks in the enterprise
Nick Lewis explains what a pivot attack is and tells how to go about defending your organization against this threat. Continue Reading
-
Social networking best practices for preventing social network malware
Get advice on social networking security best practices that can help prevent data leaks and other social network malware that could harm your enterprise. Continue Reading
-
Valuable third-party patch deployment software, tools
Do you know some of the best third-party patch deployment tools? See expert Michael Cobb's recommendations on which tools would work best for your enterprise. Continue Reading
-
Guidance on dual-homed server security
Learn more about how a dual-homed server operates, and what security restrictions it entails in this expert response from Anand Sastry. Continue Reading
-
How to monitor network traffic: Appliance placement and choke points
Monitoring network traffic is crucial, but where's the best place to put network monitoring tools? Expert Anand Sastry gives advice. Continue Reading
-
Best practices for information security reward incentive programs
While employee termination may be necessary in cases of insecure conduct, most employees are more encouraged by the carrot than the stick when it comes to security and compliance. Continue Reading
-
Using a Web application honeypot to boost security for Web applications
Honeypots can be a valuable tool for logging and analyzing intrusions, but do you know the disadvantages to setting up a honeypot? Expert Michael Cobb explains some honeypot best practices. Continue Reading
-
Merger management: How to handle potential merger threats to security
During a merger, management of information security becomes even more crucial in order to mitigate threats, including the many new insiders and attentive attackers that want to take advantage of holes in the companies' infosec integration. Continue Reading
-
Virtualization security concerns: The threat of hypervisor malware
What is hypervisor malware, and how worried should enterprises employing virtualization be about it? Threats expert Nick Lewis explains. Continue Reading
-
Validating ERP system security and ERP best practices
Is your ERP system security effective? How can you be sure? Expert Mike Cobb offers up some ERP security best practices. Continue Reading
-
Adobe Flash alternatives: The best way to avoid Adobe Flash malware?
It's no secret that Adobe Flash is plagued with malware, so, do enterprises really need it? In this expert response, Nick Lewis discusses how you can weigh the importance of functionality and security when it comes to Flash. Continue Reading
-
What does the Stuxnet worm mean for SCADA systems security?
SCADA systems have been highlighted in recent months for their insecurities, perhaps most notably with the release of the Stuxnet worm targeting them directly. But is the Stuxnet worm unique, or simply a sign of SCADA insecurity? Learn more in this ... Continue Reading
-
Creating a third-party security policy to prevent a software exploit
Third-party software vulnerabilities are one of the most likely attack vectors in the information security landscape today. In this expert response, Nick Lewis discusses how to prevent these vulnerabilities from becoming exploits. Continue Reading
-
Prevent a privilege escalation attack with database security policy
Privilege escalation attacks are dangerous wherever they occur, but can be particularly harmful if run in a database. Learn more from threats expert Nick Lewis. Continue Reading
-
Managing remote workers: Musts for setting up a secure home network
Is it the enterprise's responsibility to ensure that remote workers' home networks are secure? And, if so, how should they do it? Get expert advice from Nick Lewis. Continue Reading
-
How to use Wget commands and PHP cURL options for URL retrieval
When TCP or HTTP connections aren't behaving as expected, free tools like Wget and cURL can help with URL retrieval. Learn more in this expert response from Anand Sastry. Continue Reading
-
Utilizing a hash function algorithm to help secure data
Learn how a hash function algorithm -- specifically a one-way hash function of the Dynamic SHA-2 algorithm -- can help protect important documents using a variety of hashes to confuse malicious code. Continue Reading
-
Why it's important to turn on DEP and ASLR Windows security features
In the quest for application security, many developers are disabling or incorrectly implementing two important Windows security features. In this expert response, Michael Cobb explains why ASLR and DEP should always be turned on. Continue Reading
-
What to include in a remote access audit
When conducting a remote access audit, there are specific questions you should be sure to ask to make sure everything is secure. In this expert response, Randall Gamby describes what to look for. Continue Reading
-
Will biometric authentication devices integrate with in-house software?
Biometric devices may provide an added level of security, but how much effort is required to integrate them with existing software and systems, particularly those systems custom made for an organization? Learn more in this expert response from ... Continue Reading
-
How to set up Apache Web server access control
If you're hoping to allow or deny Apache Web server access based on IP address, check out this expert response from Randall Gamby. Continue Reading
-
How to block port scan attempts on a public wireless network
Network security expert Anand Sastry explains how to block port scan attempts on a public wireless network at the host level. Continue Reading