Problem solve
Get help with specific problems with your technologies, process and projects.
Improve disaster preparedness with the National Mitigation Framework
Businesses can use FEMA's National Mitigation Framework to improve disaster preparedness planning. Expert Joseph Granneman explains how.
DLL preloading: Making malware detection more difficult
DLL preloading makes malware detection difficult. Effective enterprise mitigation requires antimalware, Microsoft FixIt, and keeping programs current.
Using the Google Transparency Report to enhance website blacklisting
Threats expert Nick Lewis explores whether Google's Transparency Report can be used to enhance blacklisting of malicious websites in the enterprise.
Can Windows EFS hinder malware detection?
A new malware strain leverages the Encrypting File System to thwart forensic analysis. Learn how to handle attacks that involve Windows EFS.
Locking the backdoor: Reducing the risk of unauthorized system access
Rampant backdoors in enterprise IT products too often provide unauthorized access to attackers and governments. Learn how to defend against the risks.
Using DNS monitoring to detect network breaches
Brad Casey highlights three DNS data-monitoring methods that can help organizations determine if their networks have been breached.
Using microVM isolation to improve malware detection and defense
Use of microVMs for malware detection and isolation is growing, but expert Brad Casey cautions that the tactic isn't a cure-all for fighting malware.
Is EAL4 certification necessary for enterprise firewall products?
EAL4 certification ensures integrity in security products, but is it a must when buying enterprise firewall products? Expert Brad Casey explains.
Assessing the threat of proxy auto-config malware
Expert Nick Lewis explains how attackers are taking advantage of proxy auto-config capabilities in browsers and what mitigations can be put in place.
How to manage TeamViewer security risk, mitigate the TeamSpy malware
In light of the recent TeamSpy malware, Nick Lewis examines whether TeamViewer's security risk has reached an acceptable level for enterprises.
Identifying and preventing router, switch and firewall vulnerabilities
Routers, switches and firewalls are easy targets for hackers. Network security expert Brad Casey offers advice on keeping network devices secure.
Heap spray attacks: Details and mitigations for new techniques
Expert Nick Lewis details a new heap spray attack technique and provides mitigations for both new and old heap spray attacks.
Incident response lessons from Facebook's red team exercises
Expert Nick Lewis provides advice for enterprises looking to take inspiration for an incident response plan from Facebook's red team exercises.
W3af tutorial: How to use w3af for a Web application security scan
In this screencast video, Keith Barker of CBT Nuggets offers a tutorial on how to perform a thorough Web application security scan using w3af.
Mitigate malicious apps with mobile device security training
Mobile device security training can help reduce the threat of malicious mobile apps by making users think twice before clicking download.
Is FTP malware threatening network port security?
A diligent enterprise must watch for FTP attacks over non-standard ports, says network security expert Brad Casey.
Use John the Ripper to test network devices against brute forcing
Enterprise IT security organizations should test network devices using John the Ripper to ensure they are not susceptible to brute-force attacks.
How to test for and protect against firewall vulnerabilities
Vulnerabilities in a firewall operating system can render the firewall useless. Learn how to test for and protect against them.
The implications of mobile hotspot security vulnerabilities
Learn how enterprises can ensure mobile hotspot security by guarding against security vulnerabilities in 3G and 4G modems.
How do different browsers handle SSL certificate revocation?
Application security expert Michael Cobb explores how different Web browsers handle SSL certificate revocation.
PCI DSS version 3.0: The five most important changes for merchants
PCI DSS version 3.0 isn't a wholesale revision, but longtime PCI expert Ed Moyle says merchants' transitions must start now to avoid problems later.
Web browser extension security: Mitigating browser plug-in threats
Application security expert Michael Cobb discusses the risks of Web browser extensions and what enterprises can do to counter browser plug-in threats.
Inside the BREACH attack: How to avoid HTTPS traffic exploits
Enterprise threats expert Nick Lewis examines how the BREACH attack exploits HTTPS traffic and what enterprises can do to mitigate the attack risk.
Open source code reuse: What are the security implications?
Reusing open source code can present a security risk. Application security expert Michael Cobb explains why and how to protect applications.
CRM, ERP security best practices: How to secure aging software
Enterprises rely on ERP and CRM systems, but they pose a risk if left unpatched. Michael Cobb reviews enterprise application security best practices.
AutoIt script in malware attacks: Defensive best practices
Industry expert Nick Lewis outlines the growing popularity of AutoIt script code in malware attacks and how to defend against these attacks.
Encryption key management: Should keys still be stored in the cloud?
Expert Joe Granneman explains whether encryption key management in the cloud is still possible after a slew of revelations around the NSA.
Evaluating vendor promises: How to create a vendor security checklist
For enterprises that need to weigh security requirements versus vendors' claims, a vendor security checklist can help. Expert Joe Granneman advises.
Adaptive authentication: An introduction to risk-based authentication
Enterprise use of adaptive authentication is growing internally and for Web applications. Brad Causey details the allure of risk-based authentication.
How to analyze malware with REMnux's reverse-engineering malware tools
Video: Keith Barker of CBT Nuggets demonstrates how to use the free reverse engineering malware tools in REMnux to analyze malware in apps and PDFs.
Social media regulations and compliance: What enterprises should know
Nick Hayes of Forrester Research details social media regulations and compliance issues, including five compliance areas that enterprises must manage.
Data governance 2.0: Adapting to a new data governance framework
Data governance 2.0, an updated enterprise data governance framework, brings challenges and opportunities. Henry Peyret of Forrester Research details.
For a PCI-compliant database, implement database security controls
Expert Mike Chapple details the necessary database security controls that an organization must implement to achieve a PCI-compliant database.
Does running end-of-life software lead to compliance violations?
There are several risks involved when using end-of-life software, including the possibility of compliance violations. Expert Mike Chapple explains.
How threat intelligence can give enterprise security the upper hand
Expert Nick Lewis covers the benefits of threat intelligence for enterprises, plus how to integrate intel feeds with existing security programs.
How to ensure legacy serial port security on enterprise networks
In the wake of H.D. Moore's discovery of rampant serial port security problems, learn how to secure legacy, Internet-connected serial port servers.
The role of the enterprise intrusion prevention system in APT defense
One research group says an enterprise IPS can't help detect APTs. But network security expert Brad Casey explains why that isn't necessarily true.
VDI security: The benefits and pitfalls of virtualizing endpoints
With the rise of endpoint virtualization, enterprises need to grasp the positives and manage the negatives of VDI security. Expert Brad Casey details.
Use SIEM technology to identify unauthorized access attempts
Analyst Anton Chuvakin explains how to use SIEM technology to identify unauthorized access attempts that can lead to data theft.
Keys to a successful network-based malware detection deployment
Network-based malware detection is an attractive alternative to traditional AV, but deployment challenges loom large. Expert Michael Cobb advises.
Will a password-strength meter lead to stronger passwords?
Security expert Michael Cobb explores the benefits of password-strength meters in the enterprise and how they help users create strong passwords.
The value of 2,048-bit encryption: Why encryption key length matters
Leading browsers are required to use 2,048-bit length keys by the end of the year, but what effect does this have on security?
How certificate pinning improves certificate authority security
Certificate pinning reduces reliance on trusting certificate authorities and improves digital certificate trustworthiness. Michael Cobb explains how.
IT compliance planning: How to maintain IT compliance documentation
Documentation is a key requirement for many IT security regulations. Expert Mike Chapple offers tips for maintaining documentation the right way.
How to use Nikto to scan for Web server vulnerabilities
Video: Keith Barker of CBT Nuggets shows how to use Nikto, a free and open source tool, to scan for outdated or vulnerable Web servers.
A decade later: SOX program management best practices
After 11 years of Sarbanes-Oxley and other mandates, enterprises have finally embraced holistic compliance program management as a best practice.
The 2013 OWASP Top 10 list: What's changed and how to respond
Expert Michael Cobb highlights the changes made in the 2013 OWASP Top 10 list, including new vulnerabilities and what they mean for enterprises.
Do two-factor authentication vulnerabilities outweigh the benefits?
Two-factor authentication vulnerabilities are a real concern, but should they deter enterprises from deploying 2FA? Expert Michael Cobb discusses.
Can an unqualified domain name cause man-in-the-middle attacks?
An unqualified domain name can make reaching internal resources easier, but expert Michael Cobb warns that man-in-the-middle attacks could result.
RC4 attack details: Can the RC4 encryption algorithm protect SSL/TLS?
Expert Michael Cobb provides background on the RC4 encryption algorithm and determines whether a recent RC4 attack signals trouble for SSL/TLS users.
Data-classification levels for compliance: Why simple is best
The best data-classification programs are simple and easy to use. Expert Mike Chapple outlines his four must-have data-classification categories.
Why sandboxing technology is integral for advanced malware detection
Expert Brad Casey details how advanced malware detection products rely heavily on sandboxing technology, though it's not a cure-all for enterprises.
Understanding the PCI DSS prioritized approach to compliance
You can take a phased approach to achieving PCI DSS compliance, but expert Mike Chapple says you aren't compliant until you meet all its requirements.
How does steganography work and does it threaten enterprise data?
Expert Joe Granneman explains how steganography works, and the ways it can both protect and threaten enterprise data.
Security Onion tutorial: Analyze network traffic using Security Onion
Video: In this Security Onion tutorial, Keith Barker of CBT Nuggets shows how to analyze network traffic using Security Onion's many free features.
Hitting the books: How to study for the CISSP exam
Expert Joe Granneman offers insights on different ways to prepare for the CISSP exam, and outlines what he thinks is the best way to study.
What is the value of the Lockheed Martin cyber kill chain?
Expert Brad Casey analyzes the value of the Lockheed Martin cyber kill chain strategy, emphasizing data exfiltration over intrusion prevention.
TPM security overview: Defining the benefits of TPM devices
The nearly ubiquitous TPM device is an often-overlooked tool in an infosec pro's arsenal. Expert Michael Cobb details the benefits of TPM security.
OpenFlow security: Does OpenFlow secure software-defined networks?
Expert Brad Casey answers a question on OpenFlow security implications: Can the OpenFlow protocol foster software-defined networking (SDN) security?
Security incident response procedures: When to do a system shutdown
At times, security incident response procedures require drastic measures. Expert Nick Lewis explains when and how to perform a system shutdown.
Open source code management: How to safely use open source libraries
Expert Michael Cobb explains why enterprises need better open source code management to negate the security risks posed by open source libraries.
Identifying and locking down known Java security vulnerabilities
Expert Michael Cobb discusses why known Java security vulnerabilities are on so many endpoints and how to contain them -- without updating Java.
Advanced threat-detection products emerge: Benefits and challenges
Traditional security tools are no longer sufficient for defending against new breeds of attacks, forcing advanced threat-detection products to emerge.
Why securing internal applications is as important as Web-facing apps
Securing internal applications requires the same due diligence as their Web-facing counterparts. Expert Michael Cobb explains why.
How a DNS reflection attack differs from a standard DoS attack program
A DNS reflection attack is like a regular denial-of-service attack, but much worse. Nick Lewis explains why.
Armitage tutorial: How to use Armitage for vulnerability assessments
Video: In this Armitage tutorial, Keith Barker of CBT Nuggets shows how to use the Metasploit add-on to perform vulnerability assessments.
CASP certification: Does CompTIA's security certification offer value?
The new CompTIA Advanced Security Practitioner certification won't replace the CISSP, but it may offer critical value to one specific group.
How to detect malware with changing file sizes
Malware authors change the size of malware files to avoid detection by antivirus software. Learn how to detect this malware from expert Nick Lewis.
Foxit Reader vulnerability: Time to find an alternative PDF reader?
Does the latest Foxit Reader vulnerability mean it's time to find an alternative PDF reader? Expert Nick Lewis offers his advice.
The advantages of digital watermarking in enterprise data protection
Expert Michael Cobb explains the advantages of digital watermarking and analyzes whether improved data security is one of them.
Web application session management issues, and how to avoid a hijacking
Whistleblower policy: Preventing insider information leak incidents
NSA-level incidents are rare, but they do happen. Learn how to prevent a whistleblower scenario and limit the risk of insider information leaks.
Two-factor authentication options, use cases and best practices
It may seem daunting, but two-factor authentication options are manageable for nearly all enterprises. Learn how to get started in this 2FA primer.
VPN use in China: Protecting sensitive business data
With VPN use in China prohibited, businesses have reason to be concerned about the privacy of their data.
Recommended tools for remote access Trojan detection
Expert Brad Casey suggests tools that can detect remote access Trojans, or RATs, like FAKEM.
How to enact Apache security best practices for Web server security
With Apache Web servers becoming ever more popular with attackers, organizations should follow Apache security best practices to avoid compromise.
Unmanaged endpoints? Rethink the defense-in-depth security model
Today's endpoint security model is failing. What's next? Learn why endpoint defense-in-depth controls must assume the endpoint is compromised.
Application security risks posed by open source Java frameworks
Expert Michael Cobb says security issues with open source Java applications have more to do with misconfigurations than the frameworks themselves.
Is Firefox PDF reader a secure alternative to Adobe Reader?
Expert Michael Cobb examines Mozilla’s Firefox PDF reader and discusses whether it is more secure than Adobe Reader.
What is OCSP? Understanding the Online Certificate Status Protocol
Expert Michael Cobb explains the CASC's Online Certificate Status Protocol (OCSP) and OCSP stapling.
How to use ThreadFix to simplify the vulnerability management process
Video: Keith Barker of CBT Nuggets demonstrates how Denim Group's ThreadFix helps simplify the enterprise vulnerability management process.
BB10 security: The risks of running Android apps on BlackBerry 10
Expert Michael Cobb explains the implications of running Android apps on BB10 and the system's new security features, including Balance.
No firewall? How disabling the firewall can improve network security
Having no perimeter firewall may seem ludicrous, but Joel Snyder explains why disabling the firewall can actually improve enterprise network security.
Understanding logic bomb attacks: Examples and countermeasures
In light of the attacks on South Korean organizations, expert Nick Lewis defines logic bomb attacks and offers other examples and countermeasures.
PCI e-commerce compliance guidelines for third-party payment processors
Expert Mike Chapple details the PCI SSC's third-party processor rules and how to outsource card processing and stay PCI DSS compliant.
How key MDM features affect mobile security policy management
As MDM features become more robust, enterprises must not only look for mature products, but also evolve mobile security policies accordingly.
Intro to two-factor authentication in Web authentication scenarios
The Web's top brands are implementing two-factor authentication for consumer Web authentication. Learn 2FA benefits, burdens and how to get started.
Google Chrome clickjacking vulnerability: Time to switch browsers?
Expert Nick Lewis explains the Google Chrome clickjacking vulnerability, including why avoiding the issue isn't as simple as switching browsers.
How to reduce IT security risk with IT asset management
IT asset management expert Barb Rembiesa explains how ITAM best practices like IT asset standardization and rationalization reduce IT security risk.
Open source security tools: Getting more out of an IT security budget
Open source security tools can help stretch your IT security budget further -- that is, if you use them strategically. Joseph Granneman explains how.
Using network flow analysis to improve network security visibility
To overcome network security issues from advanced attackers and BYOD, security professionals are turning to network flow analysis to gain improved network security visibility.
Goals for how to become a CISO if you're a security technologist
Security technologists aspiring to become CISOs must develop a variety of business skills, as Joe Granneman explains in this Ask the Expert Q&A.
Using EMET to harden Windows XP and other legacy applications
Expert Michael Cobb details how using EMET, a free tool from Microsoft, can harden Windows XP and other legacy applications.
Zed Attack Proxy tutorial: Uncover Web app vulnerabilities using ZAP
Video: Keith Barker of CBT Nuggets offers an OWASP Zed Attack Proxy tutorial. Learn how to find and nullify Web application vulnerabilities using ZAP.
Exploit kits evolved: How to defend against the latest attack toolkits
Expert Nick Lewis details how automated exploit kits are evolving and offers mitigations for the latest methods employed by these attack toolkits.
A HIPAA compliance checklist for corporate mergers and acquisitions
Learn about the important HIPAA compliance best practices that can help maintain compliance before and after a corporate merger or acquisition.
Web application security testing: Is a pen test or code review better?
For Web application security testing, if cash is tight, should a penetration test top an application code review? Michael Cobb explains his choice.
How will the cloud affect future network security skills requirements?
Will the ongoing adoption of cloud technology affect the skills that network security engineers need in the future? Matt Pascucci discusses.
SIEM best practices for advanced attack detection
SIEM struggles are common, but Mike Rothman explains why SIEM products are critical for advanced attack detection, and offers a SIEM tuning step-by-step.
Fiber optic networking: Assessing security risks
Matthew Pascucci discusses the potential security risks associated with fiber optic networking.