News
News
- November 15, 2004
15 Nov'04
Open-source IPS testing tool released
Free tool can gauge effectiveness, performance of IPS devices.
- October 06, 2004
06 Oct'04
302 and 404: Key SOX requirements for security managers.
SOX is mandatory for most public corporations and focuses on regulating corporate behavior to protect financial audit records. Read about the three main areas of SOX that affect IT: Sections 302, 404 and 802.
- October 06, 2004
06 Oct'04
'Typical' SOX violations
Sarbanes-Oxley contains many features, but there are two that stand out from an IT security perspective.
-
- October 06, 2004
06 Oct'04
Spyware vs. spyware: Employer and employee monitoring
What rights and responsibilities do employers and employees have when monitoring others' use of company systems?
- August 18, 2004
18 Aug'04
Graphical passwords still far from picture perfect
The proliferation of data and devices is making more enterprises consider graphics-based authentication, from which arises a greater pool of possibilities -- and problems.
-
Sponsored News
-
It’s Time to Modernize Your SOC
Sponsored by Microsoft - With the shift to remote work caused by COVID-19, Security Operations Centers (SOCs) are under more pressure than ever, particularly with many SOC workers also working from home. Today’s reality is that SOCs have to embrace a new way of working in order to keep their analysts and admins effective and to ensure that morale doesn’t collapse under the weight of too much work and pressure. See More
-
6 Factors to Consider in Building Resilience Now
Sponsored by Microsoft - COVID-19 has been, and continues to be, a stark reminder of the importance of business resilience. Organizations of all types and sizes have had to adjust to rapidly changing and unpredictable circumstances: A shift to remote work, supply chain disruptions, new digitally driven business models and an environment where uncertainty is the rule, not the exception. See More
-
Why Zero Trust, Why Now
Sponsored by Microsoft - The concept of a Zero Trust cybersecurity architecture has been around for more than a decade, but adoption didn’t really begin to take hold until the past couple of years. As with many technology innovations, it hasn’t always been clear just what Zero Trust is all about and, more important, how to implement it easily and cost effectively. See More
-
5 Best Practices To Secure Remote Workers
Sponsored by Microsoft - The impact of COVID-19 has changed the dynamics and landscape of remote work for at least the foreseeable future and, probably, forever. All of a sudden, organizations across all industries had to scale remote workers at unprecedented intensity and speed. See More
-
- June 17, 2004
17 Jun'04
Application security: How much does software really cost?
When purchasing software, asking tough questions and other steps can help you to determine application security -- a major component of the total cost of ownership.
- June 01, 2004
01 Jun'04
Firewall and system logs: Using log file analysis for defense
Log analysis is the most under-appreciated, unsexy aspect of infosecurity, yet Marcus Ranum says it's one of the most important.
- May 27, 2004
27 May'04
Case study: L.A. health alerts don't miss a beat
Los Angeles County Department of Health Services bioterrorism IT coordinator David Cardenas fields and distributes about a dozen serious health alerts to physicians, hospitals and response agencies and must ensure the flow of such sensitive ...
- April 01, 2004
01 Apr'04
Using tax depreciation to increase security budgets
The depreciation of capital assets, such as security hardware and software, is a tax benefit that every infosec manager should take into consideration.
- April 01, 2004
01 Apr'04
Cyberwar myths: Are cyberwarfare and cyberterrorism overblown?
Marcus Ranum explains why the whole notion of cyberwarfare is a scam.
-
- April 01, 2004
01 Apr'04
Database security tools for preventing SQL injection attacks
An emerging breed of database security tools is helping security teams spot attackers' favorite techniques, like SQL injection.
- March 04, 2004
04 Mar'04
Dangers of .zip files
Reader inquiries about security issues surrounding .zip files prompted a Q&A with Wild List moderator Bruce Hughes, who cites more than 40 worms since 1999 that have taken advantage of the compressed file format to spread.
- March 01, 2004
01 Mar'04
Firewall comparison: Packet-filtering firewalls versus proxy firewalls
Stateful packet-filtering firewalls account for more than 90% of the market, but the proxy firewall folks haven't rolled up their tents yet. In this firewall comparision you will discover which is better for your enterprise?
- January 05, 2004
05 Jan'04
Face-off: Hiring a hacker
SearchSecurity.com editors Crystal Ferraro and Mia Shopis take up the debate of whether enterprises should hire reformed hackers.
- October 14, 2003
14 Oct'03
Logical integration: Physical and IT security
In this interview, the security officer for Terminal 4 at JFK International Airport talks about the integration of logical and physical security, and the role biometrics can play.
- August 19, 2003
19 Aug'03
Benevolent Nachi worm doing more harm than good
The Nachi worm, which tries to delete the Lovsan worm and patch infected systems, is clogging internal networks with trash traffic.
- August 03, 2003
03 Aug'03
Examining device-based authentication
Combining device-based authentication technology with existing user-based authentication would be appealing for many organizations, but technical details remain unclear.
- June 02, 2003
02 Jun'03
How to learn IT security in your spare time
When considering how to learn IT security, never underestimate the power of a few minutes of downtime.
- April 01, 2003
01 Apr'03
Network packet analyzers enable enterprise 'packet peeking'
Marcus Ranum explains how network packet analyzers offer a worm's-eye view of what's traversing an enterprise network.
- January 22, 2003
22 Jan'03
Remote Access Trojans warrant attention
Smell a RAT? Some security experts predict you will at some point during 2003. Remote access Trojans often leave backdoors wide open for attackers to prowl through your company's networks or systems.
- December 20, 2002
20 Dec'02
The virus name game
If you're a virus writer, don't expect to have your nefarious work named after your favorite dog, diet drink or exotic dancer. Antivirus researchers have first dibs on virus names.
- November 27, 2002
27 Nov'02
4- Virus Management
Top issues
- October 24, 2002
24 Oct'02
Debugging IPsec VPNs: Questions and answers
SearchSecurity recently invited networking expert Lisa Phifer to speak about troubleshooting IPSec VPNs. We ran out of time during the Webcast for her to answer several questions from the audience, but, she answers those questions here. Phifer is ...
- October 03, 2002
03 Oct'02
SANS, FBI identify top 20 Windows, Unix vulnerabilities
SANS, FBI identify top 20 Windows, Unix vulnerabilities
- September 13, 2002
13 Sep'02
Tutorial test answers: Intrusion detection basics
Here are the answers to the intrusion detection basics test based on the tutorial Webcast.
- July 23, 2002
23 Jul'02
PHP flaw could crash, burn Web servers
PHP flaw could crash, burn Web servers
- July 23, 2002
23 Jul'02
Quick Takes: Major vendors throw support at SAML
Quick Takes: Major vendors throw support at SAML
- March 29, 2002
29 Mar'02
Crypto for VPNs: Questions and answers
SearchSecurity recently invited networking expert Lisa Phifer to speak about understanding IPSec VPN crypto. We ran out of time during the Webcast for her to answer several questions from the audience, but, she answers those questions here. If you ...
- March 18, 2002
18 Mar'02
Authentication questions and answers
SearchSecurity invited author and security expert Dr. Richard Smith to speak about authentication and his recently published book on the subject last month. We ran out of time during the Webcast for him to answer several questions from the audience,...
- December 13, 2000
13 Dec'00
Political hacking: Crime or activism?