Problem solve

Problem solve

Get help with specific problems with your technologies, process and projects.

• Is EAL4 certification necessary for enterprise firewall products?

  EAL4 certification ensures integrity in security products, but is it a must when buying enterprise firewall products? Expert Brad Casey explains. Continue Reading

• Assessing the threat of proxy auto-config malware

  Expert Nick Lewis explains how attackers are taking advantage of proxy auto-config capabilities in browsers and what mitigations can be put in place. Continue Reading

• How to manage TeamViewer security risk, mitigate the TeamSpy malware

  In light of the recent TeamSpy malware, Nick Lewis examines whether TeamViewer's security risk has reached an acceptable level for enterprises. Continue Reading

• Identifying and preventing router, switch and firewall vulnerabilities

  Routers, switches and firewalls are easy targets for hackers. Network security expert Brad Casey offers advice on keeping network devices secure. Continue Reading

• Heap spray attacks: Details and mitigations for new techniques

  Expert Nick Lewis details a new heap spray attack technique and provides mitigations for both new and old heap spray attacks. Continue Reading

• Incident response lessons from Facebook's red team exercises

  Expert Nick Lewis provides advice for enterprises looking to take inspiration for an incident response plan from Facebook's red team exercises.Continue Reading

• Is FTP malware threatening network port security?

  A diligent enterprise must watch for FTP attacks over non-standard ports, says network security expert Brad Casey.Continue Reading

• Use John the Ripper to test network devices against brute forcing

  Enterprise IT security organizations should test network devices using John the Ripper to ensure they are not susceptible to brute-force attacks.Continue Reading

• How to test for and protect against firewall vulnerabilities

  Vulnerabilities in a firewall operating system can render the firewall useless. Learn how to test for and protect against them.Continue Reading

• The implications of mobile hotspot security vulnerabilities

  Learn how enterprises can ensure mobile hotspot security by guarding against security vulnerabilities in 3G and 4G modems.Continue Reading

• How do different browsers handle SSL certificate revocation?

  Application security expert Michael Cobb explores how different Web browsers handle SSL certificate revocation.Continue Reading

• PCI DSS version 3.0: The five most important changes for merchants

  PCI DSS version 3.0 isn't a wholesale revision, but longtime PCI expert Ed Moyle says merchants' transitions must start now to avoid problems later.Continue Reading

• Web browser extension security: Mitigating browser plug-in threats

  Application security expert Michael Cobb discusses the risks of Web browser extensions and what enterprises can do to counter browser plug-in threats.Continue Reading

• Inside the BREACH attack: How to avoid HTTPS traffic exploits

  Enterprise threats expert Nick Lewis examines how the BREACH attack exploits HTTPS traffic and what enterprises can do to mitigate the attack risk.Continue Reading

• Open source code reuse: What are the security implications?

  Reusing open source code can present a security risk. Application security expert Michael Cobb explains why and how to protect applications.Continue Reading

• CRM, ERP security best practices: How to secure aging software

  Enterprises rely on ERP and CRM systems, but they pose a risk if left unpatched. Michael Cobb reviews enterprise application security best practices.Continue Reading

• AutoIt script in malware attacks: Defensive best practices

  Industry expert Nick Lewis outlines the growing popularity of AutoIt script code in malware attacks and how to defend against these attacks.Continue Reading

• Encryption key management: Should keys still be stored in the cloud?

  Expert Joe Granneman explains whether encryption key management in the cloud is still possible after a slew of revelations around the NSA.Continue Reading

• Evaluating vendor promises: How to create a vendor security checklist

  For enterprises that need to weigh security requirements versus vendors' claims, a vendor security checklist can help. Expert Joe Granneman advises.Continue Reading

• Adaptive authentication: An introduction to risk-based authentication

  Enterprise use of adaptive authentication is growing internally and for Web applications. Brad Causey details the allure of risk-based authentication.Continue Reading

• Social media regulations and compliance: What enterprises should know

  Nick Hayes of Forrester Research details social media regulations and compliance issues, including five compliance areas that enterprises must manage.Continue Reading

• Data governance 2.0: Adapting to a new data governance framework

  Data governance 2.0, an updated enterprise data governance framework, brings challenges and opportunities. Henry Peyret of Forrester Research details.Continue Reading

• For a PCI-compliant database, implement database security controls

  Expert Mike Chapple details the necessary database security controls that an organization must implement to achieve a PCI-compliant database.Continue Reading

• Does running end-of-life software lead to compliance violations?

  There are several risks involved when using end-of-life software, including the possibility of compliance violations. Expert Mike Chapple explains.Continue Reading

• How threat intelligence can give enterprise security the upper hand

  Expert Nick Lewis covers the benefits of threat intelligence for enterprises, plus how to integrate intel feeds with existing security programs.Continue Reading

• How to ensure legacy serial port security on enterprise networks

  In the wake of H.D. Moore's discovery of rampant serial port security problems, learn how to secure legacy, Internet-connected serial port servers.Continue Reading

• The role of the enterprise intrusion prevention system in APT defense

  One research group says an enterprise IPS can't help detect APTs. But network security expert Brad Casey explains why that isn't necessarily true.Continue Reading

• VDI security: The benefits and pitfalls of virtualizing endpoints

  With the rise of endpoint virtualization, enterprises need to grasp the positives and manage the negatives of VDI security. Expert Brad Casey details.Continue Reading

• Use SIEM technology to identify unauthorized access attempts

  Analyst Anton Chuvakin explains how to use SIEM technology to identify unauthorized access attempts that can lead to data theft.Continue Reading

• Keys to a successful network-based malware detection deployment

  Network-based malware detection is an attractive alternative to traditional AV, but deployment challenges loom large. Expert Michael Cobb advises.Continue Reading

• Will a password-strength meter lead to stronger passwords?

  Security expert Michael Cobb explores the benefits of password-strength meters in the enterprise and how they help users create strong passwords.Continue Reading

• The value of 2,048-bit encryption: Why encryption key length matters

  Leading browsers are required to use 2,048-bit length keys by the end of the year, but what effect does this have on security?Continue Reading

• How certificate pinning improves certificate authority security

  Certificate pinning reduces reliance on trusting certificates authorities and improves digital certificate trustworthiness. Michael Cobb explains how.Continue Reading

• IT compliance planning: How to maintain IT compliance documentation

  Documentation is a key requirement for many IT security regulations. Expert Mike Chapple offers tips for maintaining documentation the right way.Continue Reading

• A decade later: SOX program management best practices

  After 11 years of Sarbanes-Oxley and other mandates, enterprises have finally embraced holistic compliance program management as a best practice.Continue Reading

• The 2013 OWASP Top 10 list: What's changed and how to respond

  Expert Michael Cobb highlights the changes made in the 2013 OWASP Top 10 list, including new vulnerabilities and what they mean for enterprises.Continue Reading

• Do two-factor authentication vulnerabilities outweigh the benefits?

  Two-factor authentication vulnerabilities are a real concern, but should they deter enterprises from deploying 2FA? Expert Michael Cobb discusses.Continue Reading

• Can an unqualified domain name cause man-in-the-middle attacks?

  An unqualified domain name can make reaching internal resources easier, but expert Michael Cobb warns that man-in-the-middle attacks could result.Continue Reading

• RC4 attack details: Can the RC4 encryption algorithm protect SSL/TLS?

  Expert Michael Cobb provides background on the RC4 encryption algorithm and determines whether a recent RC4 attack signals trouble for SSL/TLS users.Continue Reading

• Data-classification levels for compliance: Why simple is best

  The best data-classification programs are simple and easy to use. Expert Mike Chapple outlines his four must-have data-classification categories.Continue Reading

• Understanding the PCI DSS prioritized approach to compliance

  You can take a phased approach to achieving PCI DSS compliance, but expert Mike Chapple says you aren't compliant until you meet all its requirements.Continue Reading

• How does steganography work and does it threaten enterprise data?

  Expert Joe Granneman explains how steganography works, and the ways it can both protect and threaten enterprise data.Continue Reading

• Hitting the books: How to study for the CISSP exam

  Expert Joe Granneman offers insights on different ways to prepare for the CISSP exam, and outlines what he thinks is the best way to study.Continue Reading

• What is the value of the Lockheed Martin cyber kill chain?

  Expert Brad Casey analyzes the value of the Lockheed Martin cyber kill chain strategy, emphasizing data exfiltration over intrusion prevention.Continue Reading

• TPM security overview: Defining the benefits of TPM devices

  The nearly ubiquitous TPM device is an often-overlooked tool in an infosec pro's arsenal. Expert Michael Cobb details the benefits of TPM security.Continue Reading

• OpenFlow security: Does OpenFlow secure software-defined networks?

  Expert Brad Casey answers a question on OpenFlow security implications: Can the OpenFlow protocol foster software-defined networking (SDN) security?Continue Reading

• Security incident response procedures: When to do a system shutdown

  At times, security incident response procedures require drastic measures. Expert Nick Lewis explains when and how to perform a system shutdown.Continue Reading

• Open source code management: How to safely use open source libraries

  Expert Michael Cobb explains why enterprises need better open source code management to negate the security risks posed by open source libraries.Continue Reading

• Advanced threat-detection products emerge: Benefits and challenges

  Traditional security tools are no longer sufficient for defending against new breeds of attacks, forcing advanced threat-detection products to emerge.Continue Reading

• Why securing internal applications is as important as Web-facing apps

  Securing internal applications requires the same due diligence as their Web-facing counterparts. Expert Michael Cobb explains why.Continue Reading

• How a DNS reflection attack differs from a standard DoS attack program

  A DNS reflection attack is like a regular denial-of-service attack, but much worse. Nick Lewis explains why.Continue Reading

• CASP certification: Does CompTIA's security certification offer value?

  The new CompTIA Advanced Security Practitioner certification won't replace the CISSP, but it may offer critical value to one specific group.Continue Reading

• How to detect malware with changing file sizes

  Malware authors change the size of malware files to avoid detection by antivirus software. Learn how to detect this malware from expert Nick Lewis.Continue Reading

• Foxit Reader vulnerability: Time to find an alternative PDF reader?

  Does the latest Foxit Reader vulnerability mean it's time to find an alternative PDF reader? Expert Nick Lewis offers his advice.Continue Reading

• The advantages of digital watermarking in enterprise data protection

  Expert Michael Cobb explains the advantages of digital watermarking and analyzes whether improved data security is one of them.Continue Reading

• Web application session management issues, and how to avoid a hijacking

  Continue Reading

• Whistleblower policy: Preventing insider information leak incidents

  NSA-level incidents are rare, but they do happen. Learn how to prevent a whistleblower scenario and limit the risk of insider information leaks.Continue Reading

• Two-factor authentication options, use cases and best practices

  It may seem daunting, but two-factor authentication options are manageable for nearly all enterprises. Learn how to get started in this 2FA primer.Continue Reading

• VPN use in China: Protecting sensitive business data

  With VPN use in China prohibited, businesses have reason to be concerned about the privacy of their data.Continue Reading

• Recommended tools for remote access Trojan detection

  Expert Brad Casey suggests tools that can detect remote access Trojans, or RATs, like FAKEM.Continue Reading

• How to enact Apache security best practices for Web server security

  With Apache Web servers becoming ever more popular with attackers, organizations should follow Apache security best practices to avoid compromise.Continue Reading

• Unmanaged endpoints? Rethink the defense-in-depth security model

  Today's endpoint security model is failing. What's next? Learn why endpoint defense-in-depth controls must assume the endpoint is compromised.Continue Reading

• Application security risks posed by open source Java frameworks

  Expert Michael Cobb says security issues with open source Java applications have more to do with misconfigurations than the frameworks themselves.Continue Reading

• Is Firefox PDF reader a secure alternative to Adobe Reader?

  Expert Michael Cobb examines Mozilla’s Firefox PDF reader and discusses whether it is more secure than Adobe Reader.Continue Reading

• What is OCSP? Understanding the Online Certificate Status Protocol

  Expert Michael Cobb explains the CASC's Online Certificate Status Protocol (OCSP) and OCSP stapling.Continue Reading

• BB10 security: The risks of running Android apps on BlackBerry 10

  Expert Michael Cobb explains the implications of running Android apps on BB10 and the system's new security features, including Balance.Continue Reading

• No firewall? How disabling the firewall can improve network security

  Having no perimeter firewall may seem ludicrous, but Joel Snyder explains why disabling the firewall can actually improve enterprise network security.Continue Reading

• Understanding logic bomb attacks: Examples and countermeasures

  In light of the attacks on South Korean organizations, expert Nick Lewis defines logic bomb attacks and offers other examples and countermeasures.Continue Reading

• PCI e-commerce compliance guidelines for third-party payment processors

  Expert Mike Chapple details the PCI SSC's third-party processor rules and how to outsource card processing and stay PCI DSS compliant.Continue Reading

• How key MDM features affect mobile security policy management

  As MDM features become more robust, enterprises must not only look for mature products, but also evolve mobile security policies accordingly.Continue Reading

• Intro to two-factor authentication in Web authentication scenarios

  The Web's top brands are implementing two-factor authentication for consumer Web authentication. Learn 2FA benefits, burdens and how to get started.Continue Reading

• Google Chrome clickjacking vulnerability: Time to switch browsers?

  Expert Nick Lewis explains the Google Chrome clickjacking vulnerability, including why avoiding the issue isn't as simple as switching browsers.Continue Reading

• How to reduce IT security risk with IT asset management

  IT asset management expert Barb Rembiesa explains how ITAM best practices like IT asset standardization and rationalization reduce IT security risk.Continue Reading

• Open source security tools: Getting more out of an IT security budget

  Open source security tools can help stretch your IT security budget further -- that is, if you use them strategically. Joseph Granneman explains how.Continue Reading

• Using network flow analysis to improve network security visibility

  To overcome network security issues from advanced attackers and BYOD, security professionals are turning to network flow analysis to gain improved network security visibility.Continue Reading

• Goals for how to become a CISO if you're a security technologist

  Security technologists aspiring to become CISOs must develop a variety of business skills, as Joe Granneman explains in this Ask the Expert Q&A.Continue Reading

• Using EMET to harden Windows XP and other legacy applications

  Expert Michael Cobb details how using EMET, a free tool from Microsoft, can harden Windows XP and other legacy applications.Continue Reading

• Exploit kits evolved: How to defend against the latest attack toolkits

  Expert Nick Lewis details how automated exploit kits are evolving and offers mitigations for the latest methods employed by these attack toolkits.Continue Reading

• A HIPAA compliance checklist for corporate mergers and acquisitions

  Learn about the important HIPAA compliance best practices that can help maintain compliance before and after a corporate merger or acquisition.Continue Reading

• Web application security testing: Is a pen test or code review better?

  For Web application security testing, if cash is tight, should a penetration test top an application code review? Michael Cobb explains his choice.Continue Reading

• How will the cloud affect future network security skills requirements?

  Will the ongoing adoption of cloud technology affect the skills that network security engineers need in the future? Matt Pascucci discusses.Continue Reading

• SIEM best practices for advanced attack detection

  SIEM struggles are common, but Mike Rothman explains why SIEM products are critical for advanced attack detection, and offers a SIEM tuning step-by-step.Continue Reading

• Fiber optic networking: Assessing security risks

  Matthew Pascucci discusses the potential security risks associated with fiber optic networking.Continue Reading

• The fundamentals of designing a secure network

  When designing a secure network segmentation, monitoring, logging and encryption should be a priority. Matt Pascucci explains in this expert Q&A.Continue Reading

• How to use compliance automation to reduce compliance risk

  Tony UcedaVelez offers tips for automating compliance tasks to reduce IT security and compliance risk while easing the pain of arduous compliance audits.Continue Reading

• The evolution of threat detection and management

  Enterprises must understand the latest threat detection options to keep up with advanced cybercriminals who can bypass enterprise security defenses.Continue Reading

• Antimalware software introduction: Business benefits and drawbacks

  Mike Rothman discusses how antimalware software has evolved to develop various business and technology issues, but also still holds many benefits.Continue Reading

• PCI DSS compliance: What to do when agents email credit card numbers

  Emailing unencrypted credit card numbers is a violation of PCI DSS. Learn how to stop customer service agents from practicing this dangerous act.Continue Reading

• Prevent DDoS DNS amplification attacks by securing DNS resolvers

  Expert Nick Lewis details how misconfigured DNS resolvers can be used for DDoS DNS attacks and how organizations can secure them.Continue Reading

• Does ISO 27001 certification mean HIPAA and HITECH compliance?

  Mike Chapple clarifies the difference between ISO 27001 certification and HIPAA and HITECH compliance.Continue Reading

• The Narilam malware: How to protect SQL databases, corporate records

  Expert Nick Lewis explains how the Narilam malware infects SQL databases and destroys corporate records, and offers advice on mitigation.Continue Reading

• How to configure a VLAN to achieve the benefits of VLAN security

  Expert Brad Casey explains how to configure a VLAN in order to achieve the benefits of VLAN security, including protection against insider attacks.Continue Reading

• How to limit penetration test risks by defining testing scope

  Expert Nick Lewis explains how to reduce penetration testing risks by limiting the scope of the test.Continue Reading

• Stopping privilege creep: Limiting user privileges with access reviews

  Most enterprises suffer from privilege creep among long-time employees. Peter Gregory explains how to limit user privileges with access reviews and automation.Continue Reading

• NoSQL security: Do NoSQL database security features stack up to RDBMS?

  With NoSQL databases increasingly being used to tackle big data challenges, expert Michael Cobb examines NoSQL security in comparison to RDBMS.Continue Reading

• To nullify targeted attacks, limit out-of-office message security risk

  Expert Michael Cobb details how to reduce out-of-office message security risk --and thus targeted attacks -- by limiting personal info given.Continue Reading

• How to prevent SQL injection attacks by validating user input

  Expert Michael Cobb discusses how to prevent SQL injection attacks by validating user input and utilizing parameterized stored procedures.Continue Reading

• DLP management tools and reporting: Key considerations

  When it comes to DLP management tools, installation and maintenance of a single centralized management console to house all rules and alerts are key.Continue Reading

• Using DLP tools for data leakage alerting and preventive actions

  When evaluating DLP tools, it's important to determine data leakage alerting and preventive action needs for potential violations and blocking.Continue Reading

• DLP monitoring: Defining policies to monitor data

  DLP monitoring policies help define what data to evaluate, how data monitoring processes should occur, and what enforcement and alerting actions to take.Continue Reading