April 2013
-
April 16, 2013
16
Apr'13
To nullify targeted attacks, limit out-of-office message security risk
Expert Michael Cobb details how to reduce out-of-office message security risk --and thus targeted attacks -- by limiting personal info given. Continue Reading
-
April 15, 2013
15
Apr'13
How to prevent SQL injection attacks by validating user input
Expert Michael Cobb discusses how to prevent SQL injection attacks by validating user input and utilizing parameterized stored procedures. Continue Reading
-
April 15, 2013
15
Apr'13
In 2013, Cisco network security product strategy to key on integration
Video: Cisco SVP Chris Young details the vendor's 2013 network security product strategy, specifically combining more features into its line of ASA firewalls. Continue Reading
-
April 12, 2013
12
Apr'13
April Patch Tuesday security update could cause system errors
Microsoft has pulled a faulty security update in MS13-036, part of its April 2013 Patch Tuesday release. Those who had installed it should remove it. Continue Reading
-
April 12, 2013
12
Apr'13
Opinion: The APT1 aftermath and information sharing
Marcus Ranum says the Mandiant APT1 report must serve as a model for better information sharing within the information security industry. Continue Reading
-
April 12, 2013
12
Apr'13
How to use RAT security flaws to turn the table on attackers
Nick Lewis discusses how to learn from RAT security flaws not only for defense, but also to find out more about attackers via offensive security. Continue Reading
-
April 11, 2013
11
Apr'13
With Windows XP security updates ending, enterprises must plan ahead
With Windows XP security updates ending in 2014, organizations still running the venerable Microsoft OS should start making transition plans. Continue Reading
-
April 11, 2013
11
Apr'13
MiniFlame malware: Assessing the threat to enterprises
Expert Nick Lewis analyzes miniFlame, the plug-in for the Flame malware, to determine how it operates and whether enterprises should be concerned. Continue Reading
-
April 11, 2013
11
Apr'13
Choosing security products: DLP technology
Data leakage prevention tools offer undeniable value in helping enterprises develop a deeper understanding of their data. Learn the key capabilities to look for in winning DLP products. Continue Reading
-
April 11, 2013
11
Apr'13
McGraw: Use VBSIMM software security model when buying software
Video: Gary McGraw explains how JPMorgan Chase and others use the VBSIMM security model to vet software purchased from third-party vendors. Continue Reading
-
April 10, 2013
10
Apr'13
DLP management tools and reporting: Key considerations
When it comes to DLP management tools, installation and maintenance of a single centralized management console to house all rules and alerts are key. Continue Reading
-
April 10, 2013
10
Apr'13
With DLP, encryption and integration strengthen security policies
Encryption and DLP integration can be used to enhance and strengthen security policies for sensitive data, and for blocking and enforcement actions. Continue Reading
-
April 10, 2013
10
Apr'13
Using DLP tools for data leakage alerting and preventive actions
When evaluating DLP tools, it's important to determine data leakage alerting and preventive action needs for potential violations and blocking. Continue Reading
-
April 10, 2013
10
Apr'13
DLP monitoring: Defining policies to monitor data
DLP monitoring policies help define what data to evaluate, how data monitoring processes should occur, and what enforcement and alerting actions to take. Continue Reading
-
April 10, 2013
10
Apr'13
Effective DLP products need data discovery and data fingerprinting
Effective DLP products must be able to handle data discovery to identify and monitor sensitive data. Learn why these features matter. Continue Reading
-
April 10, 2013
10
Apr'13
Veracode report highlights key problems in mobile app security
Security testing vendor Veracode has released a report showing that mobile apps aren't getting their cryptography right. Continue Reading
-
April 10, 2013
10
Apr'13
Block Windows Help files to help prevent social engineering attacks
Expert Nick Lewis explains how to prevent social engineering attacks that utilize Windows Help files by blocking attachments with the .hlp extension. Continue Reading
-
April 10, 2013
10
Apr'13
Sourcefire's Roesch: How Snort can normalize JavaScript, model rules
Video: Snort creator Martin Roesch discusses new Snort features like JavaScript normalization and rule modeling, and looks ahead to Snort's future. Continue Reading
-
April 10, 2013
10
Apr'13
Nick Lewis, SearchSecurity expert on enterprise threats
Information security threats expert Nick Lewis is standing by to help you defend your organization from attacks. Submit your questions & check out his latest answers. Continue Reading
-
April 09, 2013
09
Apr'13
For CISOs, California Right to Know Act would raise privacy emphasis
The proposed California Right to Know Act may compel CISOs to develop additional privacy policies or create new privacy officer roles. Continue Reading