• January 31, 2005 31 Jan'05

    You can prevent buffer-overflow attacks

    Home-grown apps are susceptible to buffer overflows as are Windows and Linux apps; the conclusion of this two-part series will detail how to protect applications from attack.

  • January 27, 2005 27 Jan'05

    DoD security clearance: What defense employers are looking for

    Who has the best shot at high-paying jobs requiring security clearances?

  • December 20, 2004 20 Dec'04

    "Ten Commandments" of computer ethics

    Guidelines for good online behavior.

  • November 15, 2004 15 Nov'04

    Open-source IPS testing tool released

    Free tool can gauge effectiveness, performance of IPS devices.

  • October 06, 2004 06 Oct'04

    302 and 404: Key SOX requirements for security managers.

    SOX is mandatory for most public corporations and focuses on regulating corporate behavior to protect financial audit records. Read about the three main areas of SOX that affect IT: Sections 302, 404 and 802.

  • Sponsored News

    • It’s Time to Modernize Your SOC

      With the shift to remote work caused by COVID-19, Security Operations Centers (SOCs) are under more pressure than ever, particularly with many SOC workers also working from home. Today’s reality is that SOCs have to embrace a new way of working in order to keep their analysts and admins effective and to ensure that morale doesn’t collapse under the weight of too much work and pressure. See More

    • 6 Factors to Consider in Building Resilience Now

      COVID-19 has been, and continues to be, a stark reminder of the importance of business resilience. Organizations of all types and sizes have had to adjust to rapidly changing and unpredictable circumstances: A shift to remote work, supply chain disruptions, new digitally driven business models and an environment where uncertainty is the rule, not the exception. See More

    • Why Zero Trust, Why Now

      The concept of a Zero Trust cybersecurity architecture has been around for more than a decade, but adoption didn’t really begin to take hold until the past couple of years. As with many technology innovations, it hasn’t always been clear just what Zero Trust is all about and, more important, how to implement it easily and cost effectively. See More

    • 5 Best Practices To Secure Remote Workers

      The impact of COVID-19 has changed the dynamics and landscape of remote work for at least the foreseeable future and, probably, forever. All of a sudden, organizations across all industries had to scale remote workers at unprecedented intensity and speed. See More

    View All Sponsored News
  • October 06, 2004 06 Oct'04

    'Typical' SOX violations

    Sarbanes-Oxley contains many features, but there are two that stand out from an IT security perspective.

  • August 18, 2004 18 Aug'04

    Graphical passwords still far from picture perfect

    The proliferation of data and devices is making more enterprises consider graphics-based authentication, from which arises a greater pool of possibilities -- and problems.

  • June 17, 2004 17 Jun'04

    Application security: How much does software really cost?

    When purchasing software, asking tough questions and other steps can help you to determine application security -- a major component of the total cost of ownership.

  • June 01, 2004 01 Jun'04

    Firewall and system logs: Using log file analysis for defense

    Log analysis is the most under-appreciated, unsexy aspect of infosecurity, yet Marcus Ranum says it's one of the most important.

  • May 27, 2004 27 May'04

    Case study: L.A. health alerts don't miss a beat

    Los Angeles County Department of Health Services bioterrorism IT coordinator David Cardenas fields and distributes about a dozen serious health alerts to physicians, hospitals and response agencies and must ensure the flow of such sensitive ...

  • April 01, 2004 01 Apr'04

    Using tax depreciation to increase security budgets

    The depreciation of capital assets, such as security hardware and software, is a tax benefit that every infosec manager should take into consideration.

  • April 01, 2004 01 Apr'04

    Database security tools for preventing SQL injection attacks

    An emerging breed of database security tools is helping security teams spot attackers' favorite techniques, like SQL injection.

  • March 04, 2004 04 Mar'04

    Dangers of .zip files

    Reader inquiries about security issues surrounding .zip files prompted a Q&A with Wild List moderator Bruce Hughes, who cites more than 40 worms since 1999 that have taken advantage of the compressed file format to spread.

  • March 01, 2004 01 Mar'04

    Firewall comparison: Packet-filtering firewalls versus proxy firewalls

    Stateful packet-filtering firewalls account for more than 90% of the market, but the proxy firewall folks haven't rolled up their tents yet. In this firewall comparision you will discover which is better for your enterprise?

  • October 14, 2003 14 Oct'03

    Logical integration: Physical and IT security

    In this interview, the security officer for Terminal 4 at JFK International Airport talks about the integration of logical and physical security, and the role biometrics can play.

  • August 19, 2003 19 Aug'03

    Benevolent Nachi worm doing more harm than good

    The Nachi worm, which tries to delete the Lovsan worm and patch infected systems, is clogging internal networks with trash traffic.

  • August 03, 2003 03 Aug'03

    Examining device-based authentication

    Combining device-based authentication technology with existing user-based authentication would be appealing for many organizations, but technical details remain unclear.

  • June 02, 2003 02 Jun'03

    How to learn IT security in your spare time

    When considering how to learn IT security, never underestimate the power of a few minutes of downtime.

  • April 01, 2003 01 Apr'03

    Network packet analyzers enable enterprise 'packet peeking'

    Marcus Ranum explains how network packet analyzers offer a worm's-eye view of what's traversing an enterprise network.

  • January 22, 2003 22 Jan'03

    Remote Access Trojans warrant attention

    Smell a RAT? Some security experts predict you will at some point during 2003. Remote access Trojans often leave backdoors wide open for attackers to prowl through your company's networks or systems.

  • December 20, 2002 20 Dec'02

    The virus name game

    If you're a virus writer, don't expect to have your nefarious work named after your favorite dog, diet drink or exotic dancer. Antivirus researchers have first dibs on virus names.

  • October 24, 2002 24 Oct'02

    Debugging IPsec VPNs: Questions and answers

    SearchSecurity recently invited networking expert Lisa Phifer to speak about troubleshooting IPSec VPNs. We ran out of time during the Webcast for her to answer several questions from the audience, but, she answers those questions here. Phifer is ...

  • October 03, 2002 03 Oct'02

    SANS, FBI identify top 20 Windows, Unix vulnerabilities

    SANS, FBI identify top 20 Windows, Unix vulnerabilities

  • March 18, 2002 18 Mar'02

    Authentication questions and answers

    SearchSecurity invited author and security expert Dr. Richard Smith to speak about authentication and his recently published book on the subject last month. We ran out of time during the Webcast for him to answer several questions from the audience,...

  • December 13, 2000 13 Dec'00

    Political hacking: Crime or activism?