December 2010

• December 30, 2010 30 Dec'10

  Best practices: Identity management - Part 2

  Do you know how to optimize your identity management? Learn how In part 2 of Best practices: Identity management where experts Kelly Manthey and Peter Gyurko discuss how using case studies involving a Fortune 500 bank.  Continue Reading

• December 30, 2010 30 Dec'10

  Best practices: Identity management - Part 1

  In Best practices: Identity management - Part 1, experts Kelly Manthey and Peter Gyurko discuss development, education, strategies involving identity management.  Continue Reading

• December 27, 2010 27 Dec'10

  What is identity management?

  Do you know what identity management is and how to properly manage it? This expert video featuring Kelly Manthey and Peter Gyurko explores the role of identity mangement and how it can benefit your enterprise.  Continue Reading

• December 27, 2010 27 Dec'10

  Identity management maturity model

  Learn about identity management and its capabilities in a detailed maturity model that highlights people, process and technology.  Continue Reading

• December 27, 2010 27 Dec'10

  Secure VoIP tutorial: Understanding VoIP security best practices

  More organizations are choosing to implement VoIP telephony in the enterprise for its cost savings. However, securing the technology comes with its own price tag. This secure VoIP tutorial is a compilation of resources that review VoIP security best...  Continue Reading

• December 24, 2010 24 Dec'10

  Guide to managing identities and access control

  SearchSecurity.com presents a comprehensive guide to managing user identities and access control within the enterprise. Our experts cover all the angles with technical advice on: centralized identity management; the importance of uniting IAM and ...  Continue Reading

• December 23, 2010 23 Dec'10

  Microsoft produces workaround for IE zero-day vulnerability

  A new Microsoft advisory warns about the Internet Explorer zero-day and urges customers to use the Enhanced Mitigation Experience Toolkit to mitigate the flaw.  Continue Reading

• December 22, 2010 22 Dec'10

  Attack code surfaces for Internet Explorer zero-day vulnerability

  The Metasploit Framework contains exploit code that targets a recently uncovered zero-day vulnerability in Internet Explorer.  Continue Reading

• December 21, 2010 21 Dec'10

  Microsoft Outlook 2007 update caused email authentication issues

  Microsoft has pulled a non-security update to Outlook 2007 after customers complained of connection and performance issues when the automatic update was applied to company machines.  Continue Reading

• December 21, 2010 21 Dec'10

  Considering iPhone, iPad adoption? Take cybersecurity seriously

  If you go with an Apple mobile device in a government enterprise you've got fewer cybersecurity worries, right? Contributor Richard W. Walker investigates.  Continue Reading

• December 20, 2010 20 Dec'10

  ngrep: Learn how to find new malware with ngrep examples

  In this video, Peter Giannoulis of the AcademyPro.com uses several ngrep examples to show how to find new malware that antivirus or IPS might not pick up on with this free tool.  Continue Reading

• December 20, 2010 20 Dec'10

  Information Security magazine - December/January issue PDF

  Download the entire December/January 2010-2011 issue of Information Security magazine here in PDF format.  Continue Reading

• December 17, 2010 17 Dec'10

  DDoS mitigation expert predicts more serious application-layer attacks

  The WikiLeaks "hacktivist" DDoS attacks pale in sophistication to the more serious application-layer DDoS threats of the future.  Continue Reading

• December 17, 2010 17 Dec'10

  SOC 2.0: Three key steps toward the next-generation security operations center

  According to Forrester Research, traditional security operations are no longer practical. Forrester's John Kindervag discusses the new model, SOC 2.0, why it's important, and how to make it happen.  Continue Reading

• December 16, 2010 16 Dec'10

  Information security 2011: Next-gen threats demand layered defense

  Infosec pros got an up-close-and-personal look at advanced attacks in 2010, and Senior Site Editor Eric B. Parizo says without learning from them, many enterprises will fall victim in 2011 as well.  Continue Reading

• December 16, 2010 16 Dec'10

  Reviewing your information security career path plan for the New Year

  The end of the year is the perfect time to review how your career has played out during the past 12 months and refine future goals. In this tip, infosec career experts Lee Kushner and Mike Murray explain the best questions to ask.  Continue Reading

• December 15, 2010 15 Dec'10

  Risk of email attachments highlighted by new Word flaw

  by Ron Condon, UK Bureau Chief If you haven’t yet applied last month’s patches to Microsoft Office, it might be worth making it a priority. Researchers at Trend Micro Inc. have spotted a new ...  Continue Reading

• December 15, 2010 15 Dec'10

  Core Security launches CISO-level pen testing software

  The new Core Insight pen testing suite can lay out the history of testing campaigns and the relative threat level of an enterprise's systems.  Continue Reading

• December 15, 2010 15 Dec'10

  Mozilla extends bug bounty to Web application vulnerabilities

  Mozilla will reward vulnerability hunters for critical flaws found on a dozen Mozilla websites.  Continue Reading

• December 14, 2010 14 Dec'10

  Microsoft repairs critical Explorer flaws, Stuxnet malware vulnerability

  Microsoft addressed a zero-day vulnerability used by the notorious Stuxnet worm and moved to block ongoing attacks targeting several Internet Explorer zero-day flaws.  Continue Reading