Get started
Bring yourself up to speed with our introductory content.
Data Security and Cloud Computing
Honeynet Project
The Honeynet Project is a non-profit volunteer organization dedicated to computer security research and information sharing.
honeynet
A honeynet is a network set up with intentional vulnerabilities; its purpose is to invite attack, so that an attacker's activities and methods can be studied and that information used to increase network security.
IGP (Interior Gateway Protocol)
An IGP (Interior Gateway Protocol) is a protocol for exchanging routing information between gateways (hosts with routers) within an autonomous network (for example, a system of corporate local area networks).
Encrypting File System (EFS)
The Encrypting File System (EFS) is a feature of the Windows 2000 operating system that lets any file or folder be stored in encrypted form and decrypted only by an individual user and an authorized recovery agent.
Digital Signature Standard (DSS)
Digital Signature Standard (DSS) is the digital signature algorithm (DSA) developed by the U.S. National Security Agency (NSA) to generate a digital signature for the authentication of electronic documents.
data splitting
Data splitting is an approach to protecting sensitive data from unauthorized access by encrypting the data and storing different portions of a file on different servers.
cloaking
Cloaking is the masking of the sender's name and address in an e-mail note or distribution.
data key
In cryptography, a data key is a key (a variable value that is applied to a string or block of text to encrypt or decrypt it) that is used to encrypt or decrypt data only and is not used to encrypt or decrypt other keys, as some encryption formulas ...
anonymous email
Anonymous e-mail is e-mail that has been directed to a recipient through a third-party server that does not identify the originator of the message.
capture
Capture is the process or means of obtaining and storing external data, particularly images or sounds, for use at a later time.
Rijndael
Rijndael (pronounced rain-dahl) is the algorithm that has been selected by the U.S. National Institute of Standards and Technology (NIST) as the candidate for the Advanced Encryption Standard (AES).
CISSP certification can serve as introduction to regulatory compliance
The CISSP is widely considered a valuable baseline certification for information security professionals, but its coursework can also be a valuable introduction to the complex world of regulatory compliance. As certification expert Peter H. Gregory ...
Endpoint Security
Read an excerpt from the book, Endpoint Security. In Chapter 3, "Something is Missing," author Mark S. Kadrich reveals a new way of modeling the network.
directory traversal
Directory traversal is a form of HTTP exploit in which a hacker uses the software on a Web server to access data in a directory other than the server's root directory...
Cisco Certified Security Professional (CCSP)
A Cisco Certified Security Professional (CCSP) is an IT (Information Technology) professional who has received formal training from Cisco Systems in network-related security hardware, software and management...
digest authentication
Digest authentication is a method of authentication in which a request from a potential user is received by a network server and then sent to a domain controller...
click fraud (pay-per-click fraud)
Click fraud (sometimes called pay-per-click fraud) is the practice of artificially inflating traffic statistics for online advertisements.
drive-by pharming
Drive-by pharming is a vulnerability exploitation method in which the attacker takes advantage of an inadequately protected broadband router to gain access to user data...
trusted computing
Trusted computing is a broad term that refers to technologies and proposals for resolving computer security problems through hardware enhancements and associated software modifications...
OpenVPN (open source virtual private network)
OpenVPN is an open source virtual private network (VPN) product that offers simplified security, a modular network design and cross-platform portability. OpenVPN is licensed under the GNU General Public License (GPL). Private licenses are available...
Nmap Technical Manual
By now, most infosec pros have heard of Nmap, and most would agree that even though the popular freeware tool is invaluable, installing, configuring and running it in the enterprise is no easy task. With that in mind, SearchSecurity.com, in ...
managed security services (MSS)
Managed security services (MSS) is a systematic approach to managing an organization's security needs.
trusted PC
The trusted PC is an industry ideal of a PC with built-in security mechanisms that place minimal reliance on the user or administrator to keep a PC and its peripheral devices secure.
bastion host
On the Internet, a bastion host is the only host computer that a company allows to be addressed directly from the public network and that is designed to screen the rest of its network from security exposure.
public key
In cryptography, a public key is a value provided by some designated authority as an encryption key that, combined with a private key derived from the public key, can be used to effectively encrypt messages and digital signatures.
LUHN formula (modulus 10)
The LUHN formula, also called modulus 10, is a simple algorithm used to validate the number on a credit card.
spam filter
A spam filter is a program that is used to detect unsolicited and unwanted email and prevent those messages from getting to a user's inbox.
biometric payment
Biometric payment is a point of sale technology in which a customer submits biometric data, such as a fingerprint, to authorize the deduction of funds from a bank account.
Risk management: Implementation of baseline controls
This fourth article in the Insider Threat Management Guide examines the implementation of baseline controls.
Risk management references
References for our Insider Threat Management Guide.
Risk management: Baseline management and control
Identifying baseline controls is the second step to implementing insider threat controls as described in this article from SearchSecurity's Insider Threat Management Guide.
Information Security Governance Guide
This guide provides an introduction to what information security governance and a security program are, and examines how to deploy security policies within any environment.
man in the browser
Man in the browser refers to an emerging tactic used by hackers to commit financial fraud...
Total Information Awareness (TIA)
Total Information Awareness (TIA) is the name of a massive U.S. data mining project focused on scanning travel, financial and other data from public and private sources with the goal of detecting and preventing transnational threats to national ...
password synchronization
Password synchronization is an authentication process that coordinates user passwords across various computers and computing devices so a user only has to remember a single password instead of multiple passwords for different machines or devices.
Wired Equivalent Privacy (WEP)
Wired Equivalent Privacy (WEP) is a security protocol, specified in the IEEE Wireless Fidelity (Wi-Fi) standard, 802.11b, that is designed to provide a wireless local area network (WLAN) with a level of security and privacy comparable to what is ...
Crash Course: Spyware
In general, spyware is any technology that aids in gathering information about a person or organization without their knowledge.
An introduction to Active Directory Federation Services
Brien M. Posey discusses key features of Microsoft's Active Directory Federation Services and how it works.
SnortSnarf
SnortSnarf is a program that was designed for use with Snort, a security program used mainly with Linux networks. SnortSnarf converts the data from Snort into Web pages. It was written in Perl by Jim Hoagland of Silicon Defense. Snort is an open ...
ping of death
On the Internet, ping of death is a denial of service (DoS) attack caused by an attacker deliberately sending an IP packet larger than the 65,536 bytes allowed by the IP protocol.
brain fingerprinting
Brain fingerprinting is a controversial technique that is advocated as a way to identify a terrorist or other dangerous person by measuring the "brainprint" of that person when shown a particular body of writing or an image that was previously ...
anonymous Web surfing (Web anonymizer, SafeWeb)
Anonymous Web surfing allows a user to visit Web sites without allowing anyone to gather information about which sites the user visited.
threat modeling
Threat modeling is a procedure for optimizing network security by identifying objectives and vulnerabilities, and then defining countermeasures to prevent, or mitigate the effects of, threats to the system...
ILOVEYOU virus
The ILOVEYOU virus comes in an e-mail note with "I LOVE YOU" in the subject line and contains an attachment that, when opened, results in the message being re-sent to everyone in the recipient's Microsoft Outlook address book and, perhaps more ...
ethical worm
An ethical worm is a program that automates network-based distribution of security patches for known vulnerabilities.
The Business Model
block cipher
A block cipher is a method of encrypting text (to produce ciphertext) in which a cryptographic key and algorithm are applied to a block of data (for example, 64 contiguous bits) at once as a group rather than to one bit at a time.
policy server
A policy server is a security component of a policy-based network that provides authorization services and facilitates tracking and control of files...
Introduction to COBIT for SOX compliance
The Sarbanes-Oxley Act does not detail compliance requirements for IT, so many enterprises and auditors have adopted the standard COBIT, introduced here.
Carnivore
Carnivore was an Internet surveillance system developed for the U.S. Federal Bureau of Investigation (FBI) so that they could monitor the electronic transmissions of criminal suspects. Critics, however, charged that Carnivore did not include ...
VLAN hopping (virtual local area network hopping)
VLAN hopping (virtual local area network hopping) is a method of attacking a network by sending packets to a port at a network end point that is not normally accessible to the sender.
SOX Compliance for the Security Practitioner
This collection of resources offers security managers in-depth information to help keep their organization compliant with the Sarbanes-Oxley (SOX) Act. Learn how security practitioners are handling SOX compliance, financial woes, internal controls, ...
Firewall Builder (Fwbuilder)
Firewall Builder, also called Fwbuilder, is a vendor-neutral configuration and management application for firewalls that is intended primarily for Linux and that supports the OpenBSD Packet Filter, Cisco PIX Series security devices, iptables, and ...
Mytob
Mytob is a worm used by hackers to gather personal and financial information by phishing, a form of e-mail fraud where the perpetrator sends out legitimate-looking messages that appear to come from well-known and trustworthy Web sites. Since Mytob ...
dictionary attack
A dictionary attack is a method of breaking into a password-protected computer or server by systematically entering every word in a dictionary as a password. A dictionary attack can also be used in an attempt to find the key necessary to decrypt an ...
directory harvest attack (DHA)
A directory harvest attack (DHA) is an attempt to determine the valid e-mail addresses associated with an e-mail server so that they can be added to a spam database.
key string
A key string is the authentication code included in each key in a key chain, which is a series of keys that can be created to help ensure secure communication between routers in a network.
key chain
A key chain is a series of keys that can be created to help ensure secure communication between routers in a network. Authentication occurs whenever neighboring routers exchange information. Plain text authentication sends a plain text key with each...
Extensible Authentication Protocol (EAP)
The Extensible Authentication Protocol (EAP) is a protocol for wireless networks that expands on authentication methods used by the Point-to-Point Protocol (PPP), a protocol often used when connecting a computer to the Internet.
electro-optical fingerprint recognition
Electro-optical fingerprint recognition is a biometric technology that provides for the scanning, comparison, and identification of fingerprints without the traditional need for ink and paper.
ridge
In the biometric process of fingerscanning, a ridge is a curved line in a finger image.
minutiae
In the biometric process of fingerscanning, minutiae are specific points in a finger image.
hybrid virus (multi-part or multipartite virus)
A hybrid virus (sometimes called a multi-part or multipartite virus) is one that combines characteristics of more than one type to infect both program files and system sectors.
Web filter
A Web filter is a program that can screen an incoming Web page to determine whether some or all of it should not be displayed to the user.
topsite
A topsite is a stringently protected underground FTP server at the top of the distribution chain for pirated content, such as movies, music, games, and software.
chaffing and winnowing
Chaffing and winnowing are dual components of a privacy-enhancement scheme that does not require encryption.
goat
In biometric verification, a goat is a system end-user who is refused access to the system because their biometric data pattern is outside the range recognized by the system.
PUP (potentially unwanted program)
A PUP (potentially unwanted program) is a program that may be unwanted, despite the possibility that users consented to download it.
crimeware
Crimeware is programming that is designed to facilitate illegal online activity. The use of crimeware is primarily financially motivated.
Register of Known Spam Operations (ROKSO)
The Register of Known Spam Operations (ROKSO) is a list of over 500 professional spammers that is maintained by the Spamhaus Project, an organization dedicated to identifying and exposing spam operators.
shoulder surfing
Shoulder surfing is using direct observation techniques, such as looking over someone's shoulder, to get information.
dumpster diving
Dumpster diving is looking for treasure in someone else's trash.
DSO exploit (data source object exploit)
A data source object (DSO) exploit is a form of spyware that takes advantage of data binding to gain access to the hard drive of a computer connected to the Internet.
stealth virus
In computer security, a stealth virus is a computer virus that uses various mechanisms to avoid detection by antivirus software.
Elk Cloner
Elk Cloner was the first computer virus known to have spread in the wild.
cocooning
Cocooning is the act of insulating or hiding oneself from the normal social environment, which may be perceived as distracting, unfriendly, dangerous, or otherwise unwelcome, at least for the present.
Quiz: Who Done IT? A Murder Mystery
How to take the quiz: - After reading the question, click on the answer that you think is correct
P versus NP (polynomial versus nondeterministic polynomial)
P versus NP (polynomial versus nondeterministic polynomial) refers to a theoretical question presented in 1971 by Leonid Levin and Stephen Cook, concerning mathematical problems that are easy to solve (P type) as opposed to problems that are ...
blended threat
A blended threat is an exploit that combines elements of multiple types of malware and perhaps takes multiple attack vectors to increase the severity of damage and the speed of contagion.
Chameleon Card
The Chameleon Card is a programmable card in development at Chameleon Network that can represent each of the owner's credit, debit, and customer cards as required, making it unnecessary to carry all of the aforementioned.
false acceptance (type II error)
False acceptance, also called a type II error, is a mistake occasionally made by biometric security systems.
fingerscanning (fingerprint scanning)
Fingerscanning, also called fingerprint scanning, is the process of electronically obtaining and storing human fingerprints.
false rejection (type I error)
False rejection, also called a type I error, is a mistake occasionally made by biometric security systems.
Antigen
Sybari's Antigen is antivirus software for Lotus Domino and Microsoft Exchange.
security token (authentication token)
A security token (sometimes called an authentication token) is a small hardware device that the owner carries to authorize access to a network service.
pseudonymous profile
A pseudonymous profile is a collection of information about a particular computer user that identifies the user either by their computer's IP address or by a randomly-generated nickname.
trusted computing base (TCB)
The trusted computing base (TCB) is everything in a computing system that provides a secure environment.
Klez
Klez (pronounced KLEHZ) is an Internet worm that launches automatically when a user previews or reads an e-mail message containing Klez on a system that has not been patched for a vulnerability in Microsoft Internet Explorer mail clients.
deniable encryption
Deniable encryption is a type of cryptography that allows an encrypted text to be decrypted in two or more ways, depending on which decryption key is used.
Nimda
First appearing on September 18, 2001, Nimda is a computer virus that caused traffic slowdowns as it rippled across the Internet, spreading through four different methods, infecting computers containing Microsoft's Web server, Internet Information ...
elliptical curve cryptography (ECC)
Elliptical curve cryptography (ECC) is a public key encryption technique based on elliptic curve theory that can be used to create faster, smaller, and more efficient cryptographic keys.
network forensics
Network forensics is the capture, recording, and analysis of network events in order to discover the source of security attacks or other problem incidents.
Palladium
Palladium is a plan from Intel, AMD, and Microsoft to build security into personal computers and servers at the microprocessor level.
CRAM (challenge-response authentication mechanism)
CRAM (challenge-response authentication mechanism) is the two-level scheme for authenticating network users that is used as part of the Web's Hypertext Transfer Protocol (HTTP).
Information Awareness Office (IAO)
Created in response to the terrorist attack of September 11, 2001, the Information Awareness Office (IAO) is a branch of the United States Defense Advanced Research Agency (DARPA) that aims to gather massive amounts of intelligence through ...
cryptographic checksum
A cryptographic checksum is a mathematical value (called a checksum) that is assigned to a file and used to "test" the file at a later date to verify that the data contained in the file has not been maliciously changed.
lawful interception (LI)
Lawful interception (LI) is the legally sanctioned official access to private communications, such as telephone calls or e-mail messages.
information signature
To fight terrorism, the Information Awareness Office (IAO) of the U.S. Defense Advanced Research Projects Agency (DARPA) is planning to develop a system that uses a super database of recorded online transactions and analytical programming that will ...
whack-a-mole
Whack-a-mole is the pursuit of a particular person known to have sent spam.
MICR (magnetic ink character recognition)
MICR (magnetic ink character recognition) is a technology used to verify the legitimacy or originality of paper documents, especially checks.