Manage

Cloud Data Storage Encryption and Data Protection Best Practices

• Web 2.0 application development techniques introduce new information security risks

  Ajax, Java and other dynamic application coding methods have pulled computing power over to the client, introducing new risks and resurrecting old ones. Continue Reading

• How to test an e-commerce Web site's security and privacy defenses

  Assessing the security of e-commerce sites means checking up on their associated servers, databases and applications. In this expert response, Michael Cobb explains where to start. Continue Reading

• What is an ideal patch management process for small businesses?

  Patch management and testing can be a time-consuming and resource-hungry task. In this expert response, Michael Cobb demonstrates how to streamline the process. Continue Reading

• Can Snort stop application-layer attacks?

  Even though Snort can add an important layer of defense for applications, it won't fix the underlying problem of poorly written ones. Michael Cobb reveals a more efficient technique for patching up XSS and SQL injection vulnerabilities. Continue Reading

• Preparing for uniform resource identifier (URI) exploits

  URIs have always been a user-friendly way to recognize and access Web resources. By crafting malicious URLs and manipulating protocol handlers, however, attackers have devised new attacks that take advantage of the URI's locator functionality. Web ... Continue Reading

• Guardium SQL Guard 6.0 product review

  Guardium SQL Guard 6.0 is evaluated on its ability to monitor access to SQL databases. SQL Guard ensures a system of checks and balances between the security and database engineering teams.Continue Reading

• Proofpoint On Demand Product Review

  In this product review, learn about Proofpoint On Demand antivirus and antispam features.Continue Reading

• What are the best laptop data encryption options?

  When it comes to protecting laptops and hard drives, there are plenty of choices. In this expert Q&A, Michael Cobb lays out some data protection options. And they're not just software-based, either.Continue Reading

• How to keep personally identifiable information out of access logs

  Are there products available that can hide the internal IP addresses recorded in log files? Maybe not, but in this expert Q&A, Michael Cobb reveals which tools can prevent the transfer of personally identifiable information to third parties.Continue Reading

• Can the symmetric encryption algorithm for S/MIME messages be changed?

  Encryption algorithm requirements ensure a base level of interoperability among all S/MIME implementations. Email clients, however, can add additional algorithms, provided they correctly identify which algorithms a particular message uses. Expert ...Continue Reading

• PCI DSS Requirement 1: Install and maintain a firewall configuration

  Simply installing a firewall on the network perimeter won't necessarily get you past PCI DSS Requirement 1. In this guide, Craig Norris explains the extra work that needs to be done.Continue Reading

• How to avoid dangling pointers: Tiny programming errors leave serious security vulnerabilities

  For years, many have said that there is no practical way to exploit a dangling pointer, a common application programming error. But these software bugs should no longer be thought of as simple quality-assurance problems. Michael Cobb explains how ...Continue Reading

• Rootkit detection and removal know-how

  Get advice on how to detect malware and rootkits and the best ways to achieve rootkit removal and prevent hacker attacks.Continue Reading

• Viewpoint: Correlate SIMs and log management

  Continue Reading

• Logical, physical security integration challenges

  Integrating physical and IT security can reap considerable benefits for an organization, including enhanced efficiency and compliance plus improved security. But convergence isn't easy. Challenges include bringing the physical and IT security teams ...Continue Reading

• What CISOs need to know about computer forensics

  With computer forensics needed for civil litigation, human resources investigations and criminal cases, organizations need to ensure they're prepared and evidence is preserved. This feature details steps involved in computer forensics, common ...Continue Reading

• Enterprise risk management frameworks: Controls for people, processes, technology

  Once responsibilities and requirements are defined, the next stage in developing a successful risk management framework involves developing controls. As Khalid Kark explains, that includes developing a culture of security, using technology in the ...Continue Reading

• How does SSL 'sit' between the network layer and application layer?

  SSL is neither a network layer protocol nor an application layer protocol. In this SearchSecurity.com Q&A, Michael Cobb explains how SSL "sits" between both layers.Continue Reading

• How secure is the Windows registry?

  In this SearchSecurity.com Q&A, platform security expert Michael Cobb explains the weaknesses of the Windows registry and explores other OS alternatives.Continue Reading

• Will log-in form data posted to an SSL page always be encrypted?

  If a Web page login form is not SSL-protected, but the login data is posted to an SSL page, is the information encrypted and safe? Not at all, says Michael Cobb in this SearchSecurity.com Q&A.Continue Reading

• Should third-party software tools be used to customize applications?

  Many features and functions required for today's network-ready applications can be purchased at a fraction of the cost that it would take to build them independently. But are they safe enough? Application security expert Michael Cobb explains.Continue Reading

• What are the pros and cons of outsourcing email security services?

  In this SearchSecurity.com Q&A, application security expert Michael Cobb explains whether it's right for your organization to hand off email security services to another provider.Continue Reading

• How to select a penetration tester

  Penetration testing tools can simulate attacks and help organizations get an idea of their security vulnerabilities. In this SearchSecurity.com Q&A, platform security expert Michael Cobb explains what you should be getting out of your penetration ...Continue Reading

• Editor's Desk: Freeing Julie Amero

  Justice ServedContinue Reading

• Protecting Your Brand

  Customer confidence is at risk when a breach occurs.Continue Reading

• M&A: Merging network security policies

  Company mergers often call for the consolidation of two different network policies. But before making any final decisions on technology, the staff members of both organizations need to be on the same page. In this tip, contributor Mike Chapple ...Continue Reading

• Screencast: How to configure a UTM device

  Unified threat management technologies provide protection against various network attacks, but properly configuring UTM boxes can be a whole other battle. In this exclusive screencast, expert David Strom gives an easy-to-follow, on-screen ...Continue Reading

• Best practices for compliance during a merger

  Company mergers involve more than just aligning two different security infrastructures. When one vendor acquires another, it's the handling of compliance issues that can be an IT security staff's toughest task. In this tip, security expert Joel ...Continue Reading

• Product review: RedSeal Systems' RedSeal Security Risk Manager

  Red Seal Security Risk Manager allows security administrators to model and manage threats to corporate assets and networks. This product review looks at how the risk management tool rates in effectiveness, ease of setup, reporting and overall ...Continue Reading

• Product review: Unified threat management (UTM) devices

  Unified threat management devices consolidate several network security functions into one product. This article evalutes six UTM appliances; each had to act as a firewall and virtual private network and provide antivirus, Web content filtering, ...Continue Reading

• What are the drawbacks to application firewalls?

  Application-layer firewalls examine ingoing and outgoing traffic more carefully than traditional packet-filtering firewalls, so why are some holding back on deployment? In this SearchSecurity.com Q&A, Michael Cobb reveals some cost and performance ...Continue Reading

• What should be done with a RAID-5 array's failed drives?

  Even one failed drive in a RAID-5 array can present an enterprise with serious data protection concerns. In this SearchSecurity.com Q&A, expert Michael Cobb explains which policies can protect and recover RAID-5 data.Continue Reading

• How secure are document scanners and other 'scan to email' appliances?

  Copiers and document scanners have always posed challenges for information security teams. In this SearchSecurity.com Q&A, Michael Cobb reveals how the right policies can control the use (and abuse) of these devices.Continue Reading

• integrated threat management

  Integrated threat management is a comprehensive approach to network security that addresses multiple types of malware, as well as blended threats and spam, and protects from intrusion at both the gateway and the endpoint levels... (Continued)Continue Reading

• How can header information track down an email spoofer?

  Spammers can use spoofed headers to hide the true origin of unwanted email. In this SearchSecurity.com Q&A, application security expert Michael Cobb explains how to trust where a message is coming from.Continue Reading

• Bit9 Parity product review for endpoint security

  Product review of Bit9's Parity 3.5, a PC security tool designed to give enterprises control over what users can do on company computers and prevent executables in malware from running on desktops. Automatically installs SQL Server 2005 and Apache ...Continue Reading

• Intellectual property protection do's and don'ts

  Theft of intellectual property is a growing problem but many companies are not prepared to deal with this security threat. Learn about the risk involved with trade secrets, why companies are failing to protect intellectual property and tips for data...Continue Reading

• Are you putting information at risk by using contractors?

  Contractors can become the source of a security breach. This feature looks at the risk management steps, including access control and policies, that organizations should take when hiring contractors. A sidebar examines how a health care company uses...Continue Reading

• Role-based access controls

  Identity management is a critical security challenge, but without viable standards for access control, your best efforts may be just a drop in the bucket.Continue Reading

• Can keyloggers monitor mouse clicks and keyboard entries?

  Keyloggers may be a security manager's best friend, especially if he or she wants to monitor an employee's keyboard entries. Keyloggers can't do it all, though, says application expert Michael Cobb.Continue Reading

• Can ADFS technology manage multiple-user authentication?

  In this SearchSecurity.com Q&A, Joel Dubin, expert in identity management and access control, addresses multiple aspects of ADFS systems, including the technology's ability to authenticate multiple users to a Web application.Continue Reading

• How to ensure that an SSL connection protects sensitive Web data

  In this expert Q&A, application security pro Michael Cobb explains how to secure sensitive Web site data that is sent across the Internet.Continue Reading

• Are USB storage devices a serious enterprise risk?

  USB drives are common gifts at conferences and trade shows, but how much of a danger are they to your enterprise's network security? In this expert Q&A, Michael Cobb explains the risks of these storage devices and how to control their use.Continue Reading

• Defending layer 7: A look inside application-layer firewalls

  Run-of-the-mill network firewalls can't properly defend applications. As Michael Cobb explains, application-layer firewalls offer Layer 7 security on a more granular level, and may even help organizations to get more out of existing network devices.Continue Reading

• Dynamic code obfuscation: New threat requires innovative defenses

  Dynamic code obfuscation used to be a taxing effort, but now even the most junior-level malicious hackers have learned how to effectively hide their code. In this tip, Michael Cobb examines how dynamic code obfuscation works, why it's on the rise ...Continue Reading

• Product review: e-DMZ Security's eGuardPost

  This product review examines e-DMZ eGuardPost's capabilities that allow security managers to apply granular access controls to remote connections. The appliance also comes bundled with Security's Password Auto Repository (PAR), e-DMZ's flagship ...Continue Reading

• DigitalPersona Workstation Pro and Server for Biometric Authentication

  This review evaluates DigitalPersona Pro, a single sign-on (SSO) software suite that allows an enterprise to replace passwords with biometric fingerprint readers or provide dual-factor authentication.Continue Reading

• Enterprise UTM products differ from all-in-one SMB appliances

  UTM appliance struggle to find their niche in the enterprise as large companies prefer best-in-breed security products.Continue Reading

• Windows Vista: Security issues to consider

  Windows Vista is now in the wild. With its myriad new security features, are enterprises foolish not to adopt right away? In this tip, contributor Michael Cobb examines the security-related pros and cons of Microsoft's latest operating system and ...Continue Reading

• What causes buffer overflows and memory leaks in a Web application?

  Buffer overflows and memory leaks can cause serious harm to Web applications. In this SearchSecurity.com Q&A, application security expert Michael Cobb reveals how both can lead to security breaches and system compromises.Continue Reading

• Should full disk encryption be used to prevent data loss?

  According to a Ponemon Institute survey done in August 2006, eighty-one percent of companies reported the loss of one or more laptops during a 12 month period. In this SearchSecurity.com Q&A, platform security Michael Cobb explains whether that ...Continue Reading

• How should security and networking groups manage the firewall?

  When it comes to firewalls, the networking group often handles the installation, while the information security department writes the rules. Should these responsibilities be split? In this expert Q&A, security management pro Shon Harris reveals how ...Continue Reading

• Cyber-Ark Enterprise Password Vault 4.0 product review

  Product review of Cyber-Ark Enterprise Password Vault, a password management and security tool that manages passwords and controls privileged accounts.Continue Reading

• Information security blueprint for architecture and systems

  A formalized security architecture diagrams how you should handle the changing threat and regulatory environments.Continue Reading

• Using IAM, password and provisioning management tools for compliance

  Provisioning and password management tools can ease complexity, reduce help desk calls and save money. But they also have an added benefit: they can help with your compliance woes.Continue Reading

• Using role management in provisioning and compliance

  Role management provides the necessary framework for enterprises to efficiently govern access to sensitive data based on workers' jobs. However, many organizations fail to rescind unnecessary access privileges when employees change roles. In this ...Continue Reading

• Is Sender ID an effective email authentication tool?

  Sender ID, used by five million domains, can significantly counter spammers and phishers, but is it the best antispam technology? In this expert Q&A, Michael Cobb reveals the pros and cons of the email authentication framework.Continue Reading

• Do XPath injection attacks require the same response as SQL injections?

  XPath injection attacks are slightly different (and more dangerous) than SQL injections. In this SearchSecurity.com Q&A, application expert Michael Cobb reveals the preventative steps that can protect your systems from either type of assault.Continue Reading

• What are application logic attacks?

  In 2005, application logic flaws allowed alert, Web-savvy gamblers the chance to win a lot of money. In this SearchSecurity.com tip, application security expert Michael Cobb examines these types of vulnerabilities and how they can lead to ...Continue Reading

• Will two different operating systems cause administrative problems?

  Using two different operating systems can often boost a company's security, but there are practical limitations to the enterprise practice. In this expert Q&A, Michael Cobb reveals how separate platforms can lead to deployment issues and higher ...Continue Reading

• How can rootkit hypervisors affect operating system security?

  What can rookit hypervisors do to your operating system? "Whatever their creators want!" says application security expert Michael Cobb. In this SearchSecurity.com Q&A, Cobb explains how rootkit hypervisors could defeat the security defenses of a ...Continue Reading

• Virtual Threats

  Virtual machines save you money in the data center, but can you ignore their security implications any longer?Continue Reading

• Core Security Technologies Core Impact 6.0 security tool review

  In this product review, learn how Core Security Core Impact 6.0 tool can assist in ethical hacking a penetration testing, and get info on setup, reporting and management.Continue Reading

• How to setup and configure syslog to view and filter data

  Your network devices are trying to tell you that you're under atta ck. Syslog helps you sort through the data overload and get the message.Continue Reading

• Using steganography for securing data, not concealing it

  Steganography is a useful technique for securely storing sensitive data, but the difficulty in detecting its usage can create an opportunity for digital miscreants. Michael Cobb explains how to ensure the practice isn't used maliciously.Continue Reading

• Who should manage the firewall?

  Maintaining a firewall is not an easy task, especially when business rules narrowly define which tasks should be performed by network administrators and which should be handled by information security practitioners. To make life easier, some ...Continue Reading

• Access control management strategy essentials

  In our expert Q&A, Joel Dubin reviews essential components of an access management strategy and reveals how to deliver the plan to executives.Continue Reading

• How do local identity, SSO and federated identity management models differ?

  In many organizations, users have several applications that they need to log on to, each requiring distinct user IDs and passwords. In our expert Q&A, Joel Dubin explains how federated identity management and single sign-on can provide convenient ...Continue Reading

• When choosing a digital certificate, how important is the expiration period?

  In this expert Q&A, application security pro Michael Cobb helps you plan your digital certificate policy. Cobb emphasizes the importance of keeping your Web server certificates up-to-date.Continue Reading

• Intrusion Detection: Lancope StealthWatch 5.5

  Lancope's Lancope StealthWatch 5.5Continue Reading

• For asset management systems, is there a tool more comprehensive than Nmap?

  If you're looking for a network discovery tool, consider Nmap. There are other options for your asset management system, however, and Michael Cobb reviews them in this expert Q&A.Continue Reading

• Which Internet protocol is more secure: FTPS or SCP?

  In this expert Q&A, Michael Cobb reviews the strengths and weaknesses of various Internet protocols. Learn the pros and cons of FTPS, SCP and SFTP.Continue Reading

• How simple steps ensure database security

  An enterprise database stores an organization's most valuable assets, and just one small mistake can lead to a data security disaster. In this tip, Michael Cobb looks at five common database vulnerabilities and the simple steps that can eradicate ...Continue Reading

• Intrusion Detection: Arbor Networks' Peakflow X 3.6

  Arbor Networks' Peakflow X 3.6Continue Reading

• Optical network security: Inside a fiber-optic hack

  Fiber-optic networks aren't hack-proof: A savvy attacker can crack them with ease.Continue Reading

• What tools are available to verify a patch's validity?

  Ever wonder about the source and integrity of a downloaded patch? In our expert Q&A, platform security expert, Michael Cobb, tells users about various management programs that can verify your patches.Continue Reading

• How to secure an e-commerce Web site

  If you need to secure an e-commerce Web site, application security expert, Michael Cobb, has a place to start. In this expert Q&A, Cobb recommends the equipment that will secure your online business.Continue Reading

• If email attachments are sent via SSL will they be encrypted?

  This application security Ask the Expert Q&A explains what happens to traffic that travels over an SSL connection and details how to keep email messages and attachments secure as they travel to and from email clients and SMTP servers.Continue Reading

• Security Blog Log: Taking Google Code Search for a spin

  This week, the blogosphere is buzzing about Google Code Search. Despite concerns that the tool will aid attackers, some see it as a boost for security.Continue Reading

• What is the average cost of an MSSP?

  Looking to find the startup and maintenance costs of an MSSP? In this Ask the Expert Q&A, application security expert, Michael Cobb outlines the key issues for businesses to consider when examining managed security arrangements.Continue Reading

• managed security services (MSS)

  Managed security services (MSS) is a systematic approach to managing an organization's security needs.Continue Reading

• Nmap and the open source debate

  Upper management may be hesitant to approve the use of an open source tool, but Nmap has many benefits. This tip offers selling points to present to upper management when proposing the use of Nmap.Continue Reading

• What components should an application security management system (ASMS) have?

  Is there one product that will solve all of your ASMS needs? Maybe not, but Identity Management and Access Control expert Joel Dubin reviews the three components that should be included in any application security management system, in this Ask the...Continue Reading

• Authentication: MXI Security's Stealth MXP

  MXI Security's Stealth MXPContinue Reading

• Nmap parsers and interfaces

  SearchSecurity expert contributor Michael Cobb continues his series on Nmap with a detailed look at Nmap parsers and interfaces.Continue Reading

• Can email header information be used to track down spoofers?

  Expert Mike Cobb explains how to use your received headers to trace unwanted emails.Continue Reading

• How to selectively block instant messages

  Monitoring instant messaging traffic isn't easy, especially when constantly evolving IM applications are designed to exploit firewall vulnerabilities. SearchSecurity.com's application security expert Michael Cobb reviews the best methods for taking ...Continue Reading

• The strengths and weaknesses of PKI and PGP systems

  PKI and OpenPGP can enhance the security of your data, but these services differ in how they manage digital certificates. SearchSecurity.com expert Michael Cobb explains the distinct strengths and weaknesses of each program.Continue Reading

• One-time password tokens: Best practices for two-factor authentication

  In this tip, Joel Dubin examines how to physically secure one-time password tokens and how to properly implement them to provide effective two-factor authentication.Continue Reading

• Ajax security: How to prevent exploits in five steps

  While Ajax can make your Web pages feel faster and more responsive, this Internet-based service, like many Web development tools, has its security concerns. In this tip, SearchSecurity.com expert Michael Cobb examines how Ajax works, how hackers can...Continue Reading

• Interpreting and acting on Nmap scan results

  As we continue our series on Nmap in the enterprise, SearchSecurity expert contributor Michael Cobb explains how to run some of the more regular Nmap scans.Continue Reading

• Data Encryption and IDS / IPS: Getting a better view of network activity

  Encryption can to help secure data and meet HIPPA requirements, but the technology blocks sight of network activity by blinding IDSes and IPSes. Learn how to have an effective encryption and IDS/IPSe solution simultaneously.Continue Reading

• Risk management: Implementation of baseline controls

  This fourth article in the Insider Threat Management Guide examines the implementation of baseline controls.Continue Reading

• Risk management references

  References for our Insider Threat Management Guide.Continue Reading

• Risk management: Baseline management and control

  Identifying baseline controls is the second step to implementing insider threat controls as described in this article from SearchSecurity's Insider Threat Management Guide.Continue Reading

• Identity and access management final exam

  Find out how much you learned in Identity and Access Management Security School and the areas where you need to focus more attention.Continue Reading

• Techniques for improving Nmap port scan times

  As we continue our series on using Nmap in the enterprise, SearchSecurity expert Michael Cobb provides commands that will help you adjust your Nmap scan times appropriately -- whether you want Nmap to run slow and quietly, fast and furious, or ...Continue Reading

• The pros and cons of data wiping

  Weigh the pros and cons of software disk-wiping and determine if it can protect against data compromise in this Platform Security Ask the Expert Q&AContinue Reading

• How to create an optional login for the same application

  In this SearchSecurity.com Q&A, application security expert Michael Cobb explains how to create optional logins for your applications.Continue Reading

• Secure Reads: Steganography and the art of covert communication

  Read a quick review of the book, Hiding in Plain Sight: Steganography and the Art of Covert Communication.Continue Reading