Get started

Productivity apps and messaging security

• The best email security comes through strategy and tactics

  The best email security policy requires a holistic approach of the issue, understanding both the problem's scope and the most likely threats. Continue Reading

• How to craft an application security strategy that's airtight

  A solid application security strategy today must include varieties like cloud apps and mobile. Learn how to set application security policies and practices that keep hackers out. Continue Reading

• application whitelisting

  Application whitelisting is the practice of identifying applications that have been deemed safe for execution and restricting all other applications from running. Continue Reading

• two-factor authentication (2FA)

  Two-factor authentication (2FA), often referred to as two-step verification, is a security process in which the user provides two authentication factors to verify they are who they say they are. Continue Reading

• Building an application security program: Why education is key

  Education and training are crucial parts of a strong application security program. Sean Martin explains how enterprises should build these elements into their programs. Continue Reading

• Definitions to Get Started

  • application whitelisting
  • two-factor authentication (2FA)
  • zero-day exploit

  • sheepdip (sheep dipping or a footbath)
  • sandbox

  View All Definitions

• Lenovo SHAREit: How does its hardcoded password vulnerability work?

  The Lenovo SHAREit file-sharing app has a hardcoded password vulnerability, among other issues. Expert Michael Cobb explains these flaws and how to prevent exploits on them.Continue Reading

• CISSP online training: Software Development Security domain

  Spotlight article: Shon Harris explains the core concepts in the CISSP domain on software development security, including models, methods, database systems and security threats.Continue Reading

• ERP security: How to defend against SAP vulnerabilities

  A recent study revealed more than 95% of SAP systems were exposed to potentially disastrous vulnerabilities. Expert Nick Lewis explains how to mitigate these SAP vulnerabilities and maintain ERP security.Continue Reading

• PHP security tips to ensure enterprise Web safety

  Research shows more than three-quarters of PHP installations run with at least one vulnerability. Learn the steps for ensuring PHP security in the enterprise workplace.Continue Reading

• Whitelisting: Filtering for advanced malware prevention

  Though it's been maligned in the past, whitelisting can be an effective tactic for filtering advanced malware attacks against enterprise endpoints.Continue Reading

• Ranum Q&A with Aaron Turner: Whitelisting is on enterprise blacklist

  An early proponent of Microsoft SRP, Aaron Turner says application whitelisting has finally taken hold in consumer app stores.Continue Reading

• Security policy for PDF use: How to secure PDF files for the enterprise

  PDF files are an integral part of many enterprises' business processes, and, as such, they are a prime target for malicious activity. In this learning guide, learn how to secure your organization's PDFs, prevent attacks against them and decide when ...Continue Reading

• zero-day exploit

  A zero-day exploit is one that takes advantage of a security vulnerability on the same day that the vulnerability becomes generally known...(Continued)Continue Reading

• sheepdip (sheep dipping or a footbath)

  In computers, a sheepdip (or, variously, sheep dipping or a footbath) is the checking of media, usually diskettes or CD-ROMs, for viruses before they are used in a computer or network.Continue Reading

• The Art of Software Security Testing

  Read an excerpt from the book, The Art of Software Security Testing: Identifying Software Security Flaws. In Chapter 11, "Local Fault Injection," the authors explain the proper methods for examining file formats.Continue Reading