November 2010

• November 15, 2010 15 Nov'10

  Information Security magazine - November issue PDF

  Download the complete November 2010 issue of Information Security magazine here in PDF format.  Continue Reading

• November 15, 2010 15 Nov'10

  Using virtual test labs for virtual software testing

  Do you know of virtualization that reduces your investment in hardware, space and general overhead? Virtual test labs can do just that. Expert Michael Cobb explains virtual software testing and how it can benefit your enterprise.  Continue Reading

• November 11, 2010 11 Nov'10

  SANS researcher: Implement every Java security fix

  by Ron Condon, UK Bureau Chief A timely reminder came from Daniel Wesemann today writing on the SANS Internet StormCenter blog about the need to make sure that Java is kept patched and up to date. ...  Continue Reading

• November 09, 2010 09 Nov'10

  Study shows lack of corporate security training

  A recent study by Clearswift indicates that companies aren't doing enough to train their workers about Internet security. The Web and email security company conducted a survey of some 2,000 office ...  Continue Reading

• November 09, 2010 09 Nov'10

  User provisioning best practices: Access recertification

  User access recertification is the process of continually auditing users' permissions to make sure they have access only to what they need. Implementing recertification, however, can be challenging. Get best practices on creating a recertification ...  Continue Reading

• November 09, 2010 09 Nov'10

  Hoglund: Malware protection and defense needs fresh approach

  Traditional malware analysis can not keep up with new malware, said noted malware expert Greg Hoglund, founder of HBGary Inc. Hoglund is pushing for new defense techniques.  Continue Reading

• November 09, 2010 09 Nov'10

  A buyer's guide to buying a provisioning system

  Video: Randall Gamby on what to look for in a provisioning vendor and how to choose the product that's right for your enterprise.  Continue Reading

• November 09, 2010 09 Nov'10

  Microsoft repairs flaws in Forefront UAG, critical Office flaw

  Microsoft repaired four vulnerabilities in its Forefront Unified Access Gateway and a critical flaw in Microsoft Office.  Continue Reading

• November 08, 2010 08 Nov'10

  backscatter body scanning

  Backscatter body scanning is an X-ray-based technology that yields a high-resolution image of a person's body beneath their clothing and reveals concealed objects... (Continued)  Continue Reading

• November 08, 2010 08 Nov'10

  Android enterprise security: Mobile phone data protection advice

  Android devices are increasingly popular among enterprise users, but is Android enterprise security where it needs to be to ensure the safety of important enterprise documents? Expert Michael Cobb offers his take.  Continue Reading

• November 05, 2010 05 Nov'10

  Rare pay drop for information security certifications, but skills in demand

  While overall pay for information security certs has dropped for the first time since 2006, an infosec salary expert says that doesn't mean demand for certified security pros is waning.  Continue Reading

• November 04, 2010 04 Nov'10

  More PCI encryption, tokenization options emerge for compliance

  RSA is the latest vendor to combine encryption and tokens with a server that provides tokenization and key management functionality in one location.  Continue Reading

• November 04, 2010 04 Nov'10

  Microsoft to fix PowerPoint, Forefront vulnerabilities

  Microsoft will repair 11 vulnerabilities affecting Microsoft Office, Office PowerPoint and Forefront Unified Access Gateway, according to its Advance Notification issued Thursday.  Continue Reading

• November 04, 2010 04 Nov'10

  Web application firewalls: A technical guide

  Web application firewalls are becoming critical data protection and compliance tools that any security decision maker must understand. SearchSecurity.com presents a comprehensive guide to Web application firewalls in which experts examine evaluation...  Continue Reading

• November 03, 2010 03 Nov'10

  wildcard certificate

  A wildcard certificate is a digital certificate that is applied to a domain and all its subdomains.  Continue Reading

• November 03, 2010 03 Nov'10

  Quiz: How IDS/IPS can enable business objectives

  How much have you learned about integrating IDS/IPS with your enterprise's business goals? Find out with this short quiz.  Continue Reading

• November 03, 2010 03 Nov'10

  Microsoft issues advisory on Internet Explorer drive-by attack

  Microsoft has confirmed a targeted attack against a new zero-day vulnerability in Internet Explorer.  Continue Reading

• November 03, 2010 03 Nov'10

  SSL vulnerabilities: Trusted SSL certificate generation for enterprises

  Presentations at both Black Hat and Defcon 2010 demonstrated serious vulnerabilities in the SSL protocol, which, considering how widely used SSL is, could mean security problems for many enterprises. In this tip, Nick Lewis examines the researchers'...  Continue Reading

• November 03, 2010 03 Nov'10

  Realign your data protection strategy efforts

  In this video, learn what you need to do to realign your strategic focus to counter new threats by first understanding what’s important to your business.  Continue Reading

• November 02, 2010 02 Nov'10

  privilege escalation attack

  A privilege escalation attack is a type of network intrusion that takes advantage of programming errors or design flaws to grant the attacker elevated access to the network and its associated data and applications.  Continue Reading