Features

Features

Application attacks (buffer overflows, cross-site scripting)

• How to mitigate 5 persistent application security threats

  The most widely known application security threats are sometimes the most common exploits. Here is a list of the top app threats and their appropriate security responses.  Continue Reading

• CISSP online training: Software Development Security domain

  Spotlight article: Shon Harris explains the core concepts in the CISSP domain on software development security, including models, methods, database systems and security threats.  Continue Reading

• Information security book excerpts and reviews

  Visit the Information Security Bookshelf for book reviews and free chapter downloads.  Continue Reading

• PDF download: Information Security magazine November 2012

  In this issue, find out who won this year’s Security 7 Award, Also, we examine the pros and cons of the Metasploit penetration testing framework.  Continue Reading

• Old Application Vulnerabilities, Misconfigurations Continue to Haunt

  Flaws in legacy applications and configuration blunders still plague organizations, experts say.  Continue Reading

• Black Hat conference 2010: News, podcasts and videos

  Get updates on the latest happenings at the Black Hat 2010 conference with breaking news stories, and exclusive video and podcasts.  Continue Reading

• Black Hat conference coverage 2009: News, podcasts and videos

  The SearchSecurity.com team is live at the 2009 Black Hat conference. Look here for the latest headlines, interviews, podcasts and videos from Caesars Palace in Las Vegas.  Continue Reading

• Googling Security: How Much Does Google Know About You?

  In an excerpt from Googling Security: How Much Does Google Know About You?, author Greg Conti explains how attackers exploit advertising networks to compromise end-user machines.  Continue Reading

• PING with Mark Odiorne

  In this exclusive interview Mark Odiorne, CISO at Scottish Re, provides insights on pen testing procedures, prioritizing security for senior management and keeping compliant.  Continue Reading

• Network-based attacks

  The second tip in our series, "How to assess and mitigate information security threats," excerpted from Chapter 3: The Life Cycle of Internet Access Protection Systems of the book The Shortcut Guide to Protecting Business Internet Usage published ...  Continue Reading

• Balancing the cost and benefits of countermeasures

  The final tip in our series, "How to assess and mitigate information security threats," excerpted from Chapter 3: The Life Cycle of Internet Access Protection Systems of the book "The Shortcut Guide to Protecting Business Internet Usage published by...  Continue Reading

• Attacks targeted to specific applications

  This is the fourth tip in our series, "How to assess and mitigate information security threats," excerpted from Chapter 3: The Life Cycle of Internet Access Protection Systems of the book "The Shortcut Guide to Protecting Business Internet Usage," ...  Continue Reading

• How to assess and mitigate information security threats

  Learn how to assess and mitigate information security threats, like rootkits, worms and Trojans in the tip series created in collaboration with Realtimepublishers and Dan Sullivan, author of The Shortcut Guide to Protecting Business Internet Usage.  Continue Reading

• Implementing Multiple Solutions

   Continue Reading

• Attacking Web authorization: Web authorization-Session token security

  This excerpt from Chapter 5: Attacking Web Authorization of "Hacking Exposed Web Applications, Second Edition," by Joel Scambray, Mike Schema and Caleb Sima provides authorization and session management technique best practices  Continue Reading