September 2011
-
September 30, 2011
Internet Explorer 8 XSS filter: Setting the bar for cross-site scripting prevention
The Internet Explorer 8 XSS filter can assist in cross-site scripting prevention. Michael Cobb explains how it works in this expert response.
-
September 30, 2011
How to avoid VoIP security risks: Forrester’s six-step process
If left unprotected, VoIP security risks pose a threat to corporate data. Learn how to secure VoIP systems with Forrester’s six-step process.
-
September 30, 2011
Malware on a Mac: How to implement a Mac antimalware program
Learn how to create a Mac security program at your enterprise, before the amount of Apple platform malware reaches critical mass.
-
September 29, 2011
Symmetric key encryption algorithms and hash function cryptography united
Can a secure symmetric key encryption algorithm be used in hash function cryptography? Learn more about these data encryption techniques.
-
September 28, 2011
Verizon PCI report finds firms struggling to maintain compliance
Many businesses struggle to maintain PCI DSS compliance, suggesting meeting the standard is a goal rather than an ongoing initiative, according to a new report from Verizon Business.
-
September 28, 2011
Vulnerability management program has unexpected benefits
Security 7 Award winner, Brian Wishnousky of Rogers Communications explains how to get the best actionable data from a vulnerability management program to fill patching gaps and uncover rogue devices.
-
September 28, 2011
Emergency tabletop exercises enable effective crisis planning
Emergency tabletop exercises with real-world scenarios enable effective crisis planning, incident response and disaster recovery. Security 7 Award winner, Matthew Todd of Financial Engines explores the key components of effective tabletop disaster ...
-
September 28, 2011
Security awareness programs require engagement and attentiveness
Security 7 Award winner, Christopher Paidhrin of Southwest Washington Medical Center explains why a security awareness training program can’t be successful without the engagement of employees.
-
September 28, 2011
National cybersecurity requires improved communication
Better information sharing between the government and private industry will be a foundation for improved national cybersecurity efforts. Rep. Jim Langevin (D-RI) explains the role government needs to have in fostering improved communication between ...
-
September 28, 2011
Computer security education shouldn't be limited to tech pros
Security 7 Award winner, Douglas Jacobson of Iowa State University explains why tackling today’s threats requires computer security education for the general public.
-
September 28, 2011
Secure online payment system requires end-to-end encryption
The online payment ecosystem is a prime target for cybercriminals. Security 7 Award winner, Steven Elefant, formerly of Heartland Payment Systems, explains why end-to-end encryption is needed to maintain the integrity of transactions carried out ...
-
September 27, 2011
Oracle-owned MySQL.com hacked, serves malware to visitors
Visitors to MySQL.com were treated to the BlackHole exploit kit, which quietly served malware to Windows users.
-
September 27, 2011
Cigital BSIMM 3 study provides software security metrics data
The third iteration of the widely acclaimed Building Security in Maturity Model documents software security initiatives at 42 enterprises.
-
September 27, 2011
Security B-Sides conferences: Hub of collaboration
Security B-Sides conferences have expanded the confines of traditional security conferences. From unique venues to the insistence that attendees participate, founders Mike Dahn, Jack Daniel and Chris Nickerson explain how these events have broken ...
-
September 26, 2011
Remediating IT vulnerabilities: Quick hits for risk prioritization
There's no way to eradicate all IT vulnerabilities, but spotting the most critical ones is essential. Read these quick hits for risk prioritization.
-
September 26, 2011
How to prevent phishing attacks: User awareness and training
In this expert tip, David Sherry describes how a combination of technical controls and user awareness training can help put a dent in phishers’ attempts at spear phishing.
-
September 26, 2011
Quiz: Monitoring your trusted insiders
How much have you learned about monitoring your privileged insiders? Test your knowledge in this short quiz.
-
September 26, 2011
Monitoring your trusted insiders
How much have you learned about monitoring your privileged insiders? Test your knowledge in this short quiz.
-
September 23, 2011
Antimalware product suites: Understanding capabilities and limitations
Traditional antivirus tools have matured into multi-featured antimalware suites. Here’s what you should know when shopping for endpoint protection.
-
September 23, 2011
Determining the value of infosec certifications
An InfoSec Leaders survey examines the impact of different certs on the security profession.