Problem solve

Problem solve

Get help with specific problems with your technologies, process and projects.

• Buying an IPS: Decide which applications and protocols your IPS will protect

  Application and protocol coverage varies in signature-, rate- and behavior-based intrusion prevention systems. Understanding the differences is crucial to your IPS investments. This is the third in a seven-part series. Continue Reading

• How to test Windows operating system patches

  Windows patch testing may be easy when it comes to applications like Outlook. Tom Chmielarski reviews how to test more difficult updates to the operating system. Continue Reading

• How to set up Apache Web server access control

  If you're hoping to allow or deny Apache Web server access based on IP address, check out this expert response from Randall Gamby. Continue Reading

• Evaluating tools for online bank security

  Criminals are hijacking online bank accounts with sophisticated bank Trojans but a variety of technologies promise online bank security. In this tip, Dave Shackleford examines the pros and cons of tools designed to thwart online banking fraud. Continue Reading

• How to block port scan attempts on a public wireless network

  Network security expert Anand Sastry explains how to block port scan attempts on a public wireless network at the host level. Continue Reading

• Zeus botnet analysis: Past, present and future threats

  The Zeus botnet isn't showing signs of fading. In fact, it now threatens a wider scope of organizations beyond the banking industry. Expert Nick Lewis offers a Zeus botnet analysis, looking at why it's been so effective, what it's doing now and how ...Continue Reading

• Choosing smartphone encryption software for mobile smartphone security

  If your enterprise users have smartphones, then your enterprise may need smartphone encryption. In this tip, expert Dave Shackleford describes what to look for in smartphone encryption software, from cost to management capabilities.Continue Reading

• Your USB port management options

  When it comes to managing USB ports, the choice is yours. Mike Chapple reviews your three best options.Continue Reading

• Endpoint fingerprinting: How to improve NAC security for 'dumb devices'

  Many enterprises underestimate the potential security problems posed by "dumb devices" like network printers or IP phones. Forrester Research analyst Usman Sindhu explains how endpoint fingerprinting can be used as a NAC add-on to identify and ...Continue Reading

• How to perform an Active Directory security audit

  As a security professional, you depend on Active Directory to provision users, but how secure is your implementation of AD itself? Learn how to perform an Active Directory security audit in this expert tip.Continue Reading

• Secure OpenVPN config with PAM

  Network security expert Anand Sastry explains the relationship between OpenVPN and TLS, and points out where to learn about using OpenVPN and PAM.Continue Reading

• OpenLDAP migration: OpenLDAP from an Active Directory schema

  While integrating user provisioning products may seem like a lot of work, there are strategies to make it go smoothly. In this expert response, Randall Gamby describes how to incorporate OpenLDAP into an Active Directory schema.Continue Reading

• Enterprise PDF attack prevention best practices

  Malicious PDF exploits are at an all-time high. Should enterprises dump PDFs altogether? Expert Michael Cobb answers that question and offers his key enterprise PDF attack prevention tactics.Continue Reading

• The pros and cons of automated user provisioning software

  Automated user provisioning software can offer many benefits to enterprises, but its high cost and labor-intensive implementation may mean it's not right for yours. IAM expert Randall Gamby addresses the topic.Continue Reading

• Secure DMZ Web server setup advice

  Network security expert Anand Sastry describes how to ensure a secure DMZ Web server setup involving network attached storage (NAS).Continue Reading

• Identity management SSO security: Hardening single sign-on systems

  Get information on how to harden single sign-on systems for greater security in this response from IAM expert Randall Gamby.Continue Reading

• Biometric security technology: The safest types of biometric devices

  Expert Randall Gamby explains which biometrics devices are most secure, and which could work best in your enterprise.Continue Reading

• Static source code analysis tools: Pros and cons

  Static source code analysis tools can greatly improve application security, but it takes knowledge and expertise to use them correctly. Expert Michael Cobb explains why.Continue Reading

• What controls should be used to block social networking sites?

  Find out what controls companies can use to block social networking sites.Continue Reading

• Should black-box, white-box testing be used together?

  Learn why black-box, white-box testing should be used together when searching for Web application code vulnerabilities.Continue Reading

• Tips on how to remove malware manually

  In this expert response, Nick Lewis explains how to remove malware manually, step by step.Continue Reading

• Database activity monitoring (DAM) software deployment issues to avoid

  Database activity monitoring software deployments can have their shortcomings. For example, issues with network monitoring and policy overload can impact compliance audits and database performance.Continue Reading

• Creating a security risk management plan format

  Enterprises without a codified risk management plan are much more susceptible to threats. In this expert response from Ernie Hayden, learn how to create a risk management plan that covers all the bases.Continue Reading

• Which tools will help in validating form input in a website?

  Find out how to validate form input in a website.Continue Reading

• How to defend against a sync flood attack

  Nick Lewis explains how to protect your organization from sync flood attacks.Continue Reading

• MD5 security: Time to migrate to SHA-1 hash algorithm?

  Many organizations have been replacing the MD5 hash algorithm with the SHA-1 hash function, but can the MD5 hash algorithm still be used securely?Continue Reading

• How to manage compliance as Chief Information Security Officer (CISO)

  When it comes to IT compliance management, creating an effective compliance program is one of many jobs of a Chief Information Security Officer (CISO). In this tip from security management expert Ernie Hayden, learn how to create such a program.Continue Reading

• FFIEC security requirements: Physical security management and logging

  In this expert response from Ernie Hayden, learn about FFIEC security requirements for creating physical security logs.Continue Reading

• Penetration test methodology: Creating a network pen testing agreement

  Network pen testing can be very useful when it comes to detecting vulnerabilities, but it's important to work with the IT department to prevent network downtime. In this expert response, learn how to draw up pen testing rules of engagement for ...Continue Reading

• Using fuzzing for internal application security testing

  Superstar security researchers often use fuzzing to find flaws in major vendors' applications, and you can use fuzzers to find vulnerabilities during internal software development. Expert Michael Cobb explains how.Continue Reading

• Using a digital signature, electronic signature and digital certificate

  While they may seem similar, a digital signature, electronic signature and digital certificate all have unique functions. In this IAM expert response from Randall Gamby, learn the differences and how each is used.Continue Reading

• Conducting a user access review with a small information security staff

  Has there been cutbacks on your company's information security staff? It would be easy for certain security tasks to fall through the cracks. Learn how to keep access controls tight without spending a lot of time or energy.Continue Reading

• Privacy laws in the workplace: Creating employee privacy policies

  Are your employees aware of their workplace privacy rights? More specifically, are they aware of what privacy rights they don't retain? Learn how to create effective employee privacy policies in this expert response.Continue Reading

• HTML 5 features present new security risks

  Find out why new HTML 5 features are going to represent a new opportunity for malware writers.Continue Reading

• Create a data breach response plan in 10 easy steps

  Having a solid data breach response plan in place can make the threat of a security breach less intimidating. In this tip, learn 10 steps to take that will lead to an effective data breach response plan.Continue Reading

• How to determine the net value of an asset for risk impact analysis

  Asset valuation and impact analysis are two different but equally important aspects of risk analysis. Expert Ernie Hayden explains.Continue Reading

• Detecting kernel intrusion attacks through network monitoring

  Learn how to detect kernel intrusion attacks by monitoring your network closely and thoroughly.Continue Reading

• Proxy server security: Defending against DoS and other attacks

  In this expert response, find out how to boost proxy server security in the enterprise.Continue Reading

• Is the 3DES encryption algorithm the best choice for S/MIME protocol?

  The triple DES encryption algorithm was originally designed for the S/MIME protocol, but is it still the best choice for encryption? In this expert response, Randall Gamby describes the advantages and disadvantages to using 3DES.Continue Reading

• Creating a user account management policy to delete old accounts

  If you're not deleting orphaned accounts, you may be leaving the door wide open to attackers. In this expert response from Randall Gamby, learn how to create an effective user account management policy for getting rid of old accounts.Continue Reading

• Performing a security risk analysis to assess acceptable level of risk

  No organization is ever completely without risk, but there are steps that can be taken to establish an acceptable level of risk that can be appropriately mitigated. In this tip, Michael Cobb explains how to perform a security risk analysis to help ...Continue Reading

• Is an SMTP TLS certificate the same as an FTP SSL certificate?

  Are all security transportation-level certificates (TLSes) the same, or are there different certificates for different protocols? In this expert response, Randall Gamby discusses SMTP and FTP certificates.Continue Reading

• SMS two-factor authentication for electronic identity verification

  Tokens are no longer the only choice when it comes to OTPs and electronic identity verification. Learn about new two-factor authentication options involving SMS and mobile phones.Continue Reading

• Is a touchscreen virtual keyboard good for keeping passwords secure?

  Recently, touchscreen virtual keyboards have been showing up on sites as an added security measure. What are the pros and cons of these virtual keyboards, and are they capable of stopping keylogging?Continue Reading

• The difference between a digital signature and digital certificate

  A digital signature and a digital certificate, while both security measures, are different in the ways they are implemented and what they are implemented for. In this expert response, Randall Gamby explains the difference.Continue Reading

• Gap analysis methodology for IT security and compliance

  If your enterprise is faced with multiple-standard compliance, having a set gap analysis methodology can save a lot of time and effort. Learn more in this expert response from Ernie Hayden.Continue Reading

• How to configure IIS authorization and manager permissions

  David Shackleford reviews authorization rules that will help you secure your IIS 7 Web server.Continue Reading

• Operation Aurora: Tips for thwarting zero-day attacks, unknown malware

  In December 2009, Google, Adobe and other companies were the victims of a damaging cyberattack called Operation Aurora. In this tip, expert Nick Lewis outlines the lessons learned from this attack, and how companies can avoid falling victim to ...Continue Reading

• Using Windows software restriction policies to stop executable code

  Software restriction policies are one way to prevent known malware and file-sharing applications from taking control of your network.Continue Reading

• SANS Top 25 programming errors: Application security best practices

  Learn the SANS Top 25 programming errors and the best practices for application security.Continue Reading

• Separation of duties: Internal user account controls

  If your user account administration is dispersed among different departments, you might be looking into centralizing it. This can work, provided you have a trustworthy administrator and separation of duties controls.Continue Reading

• Creating a proactive enterprise security incident response program

  Every organization should develop a proactive security incident response program to ensure that when an incident does occur, it can be handled quickly and efficiently. Contributor Marcos Christodonte II explains how.Continue Reading

• DBMS security: Data warehouse advantages

  Are there data warehouse advantages in regard to security? Without question. Michael Cobb explains.Continue Reading

• OpenOffice security: Concerns when moving from Microsoft Office

  What are the major OpenOffice security concerns when transitioning from Microsoft Office? Security expert Michael Cobb explains the potential vulnerabilities between open source and commercial software.Continue Reading

• How to decode a cipher: Identifying a cryptographic hash algorithm

  While it is possible to identify a cryptographic algorithm by way of cipher bit sequences, it can be difficult, and is sometimes illegal. IAM expert Randall Gamby gives advice and a warning.Continue Reading

• How risk management standards can work for enterprise IT

  Every organization should be able to articulate how IT threats can harm a business. Forrester Research Analyst Chris McClean explains how a five-step risk management strategy, based on a risk management standard like ISO 31000, makes it easier to ...Continue Reading

• How to buy an IPS: Features, testing and review

  If you're considering IPS for your enterprise, make sure you know what to look for in the products you're reviewing. In this tip, network security expert David Meier describes how to conduct an IPS comparison and review of various features, ...Continue Reading

• The benefits of application proxy firewalls

  Michael Cobb explains the benefits of application proxy firewalls as compared to other firewall technologies including packet filtering firewalls and stateful inspection firewalls or circuit-level gateways.Continue Reading

• How to use COBIT for compliance

  While the COBIT framework has been around for a long time, it can still be very useful in terms of understanding goals and benchmarks for a security program that can, in turn, aid compliance with many regulations.Continue Reading

• How to update a disaster recovery, contingency planning strategy

  Have your disaster recovery plans fallen woefully behind the current state of your business? In this expert response, Ernie Hayden discusses how to conduct tabletop exercises to get your plans back on track.Continue Reading

• Advanced Encryption Standard and AES ciphers: Can they be cracked?

  No encryption standard is unbreakable, but Advanced Encryption Standard may come close. Michael Cobb discusses why AES ciphers are so tough to beat.Continue Reading

• Scapy tutorial: How to use Scapy to test Snort rules

  When creating Snort rules, it's often difficult to test them before they go live. In this Scapy tutorial, Judy Novak explains how to use Scapy, a tool that simplifies packet crafting, to test new Snort rules.Continue Reading

• Digital signature implementation: How to verify email addresses

  When implementing digital signatures in Outlook, learn what pitfalls to avoid and how to verify the email addresses and digital signatures of the senders.Continue Reading

• Clientless SSL VPN vulnerability and Web browser protection

  In a recent US-CERT advisory, clientless SSL VPN vulnerabilities were listed as posing serious threats to Web browser security. In this tip, learn possible actions to take for Web browser protection.Continue Reading

• Smart card security: Disable a lost smart card and track with GPS?

  Is it possible to track a lost or stolen smart card with GPS? In this IAM expert response, Randall Gamby gives advice on enhancing smart card security in such a situation.Continue Reading

• Preventing iPhone spying and other mobile management tips

  So you have an iPhone, you don't access the Internet, you use a PIN to authenticate and you never let the device out of your site. Michael Cobb explains why iPhone spying still isn't out of the question.Continue Reading

• Screencasts: On-screen demonstrations of security tools

  SearchSecurity.com's screencast series allows top experts to demonstrate popular information security tools and techniques, including tools for vulnerability scanning, network auditing, security reviews and more.Continue Reading

• A written information security policy (WISP) example for compliance

  Looking for a Written Information Security Policy (WISP) example for compliance with the Massachusetts data protection law? In this expert response, Ernie Hayden gives readers just that.Continue Reading

• How to use hping to craft packets

  A packet crafting tool that's been around for a long time, hping can be used to test if ports are open, as well as for firewall testing. Learn how to use hping in this tutorial.Continue Reading

• How to encrypt emails in Outlook

  Mike Chapple reviews how cryptography can be used to validate senders and keep important emails confidential.Continue Reading

• Can secure FTP services protect sensitive data from hackers?

  Does secure FTP services protect against hackers and attacks? In this expert response, Michael Cobb explains why using a secure FTP service is vital for handling sensitive data transfers.Continue Reading

• Five endpoint DLP deployment data security tips

  Deploying data loss prevention technology on endpoints requires a careful roll-out. Expert Rich Mogull offers five tips, including the need to start slowly with a set of power users and how to manage endpoint discovery.Continue Reading

• Encryption basics: How asymmetric and symmetric encryption works

  Before you encrypt your files, emails and Web transactions, make sure you know the cryptography basics.Continue Reading

• Best practices: Separation of duties for security administrators

  In this Q&A, expert Michael Cobb explores separation of duties for security administrators with access to domain controllers and servers running Windows, UNIX and Linux.Continue Reading

• Improving software with the Building Security in Maturity Model (BSIMM)

  Learn about the Building Security in Maturity Model (BSIMM), a software security framework that emphasizes attack models, software security testing, code review and compliance policies. Also, does your company have a software security group (SSG)?Continue Reading

• Remote webcam security surveillance: Invasion of privacy?

  Using remote webcam security surveillance to check the whereabouts of stolen laptops might seem like a good idea, but is it an invasion of privacy? In this expert response, Ernie Hayden discusses the best ways to maintain privacy and keep laptops ...Continue Reading

• How to grant local admin rights with Global Policy Objects

  When granting local admin rights, it's important to do it securely. Learn how to use Global Policy Objects and global security groups to do it correctly.Continue Reading

• Defending against RAM scraper malware in the enterprise

  A new type of malware attack, RAM scraper, may pose a serious threat to enterprise security. Learn what a RAM scraper attack is, and how you can defend your organization from this potentially damaging new malware attack.Continue Reading

• How to properly implement firewall egress filtering

  Deploying outbound rules on a firewall can be a tricky task; if not done properly, it can lead to business interruptions. Scott Floyd reviews best practices for avoiding mistakes when blocking outbound network traffic.Continue Reading

• Is a PCI DSS report on compliance confidential?

  Learn about the confidentiality of a PCI report on compliance, and a compliance audit report in general in this expert response from Ernie Hayden.Continue Reading

• Electronic access control system and biometrics authentication

  Biometrics authentication and an electronic access control system can be closely related, but they're not the same thing. In this IAM expert response, Randall Gamby explains the difference.Continue Reading

• Tips for writing secure SQL database code

  Writing secure code is always a challenge, but it is particularly necessary for SQL databases that would otherwise be vulnerable to SQL injection attacks. Get tips on how to write secure SQL database code in this expert response.Continue Reading

• Security report template: How to write an executive report

  Writing a security report for executives doesn't have to be difficult or extensive, but security management expert Ernie Hayden describes how to make it comprehensive and clear.Continue Reading

• Endpoint DLP fills data protection gap

  Learn how endpoint data loss prevention technology complements network DLP and secures data that users interact with on laptops, mobile and portable storage devices.Continue Reading

• What to do with network penetration test results

  It takes a lot of time and effort to plan and conduct an enterprise network penetration test, but the work doesn't stop there. Contributor David Meier explains how to conduct an analysis of pen testing results.Continue Reading

• Server Message Block Version 2 security in question: Disable or patch?

  Nick Lewis reviews the recent vulnerability discovered in a popular Windows file-sharing and printing protocol. Yes, there's a patch, but should you deploy it, or simply disable SMBv2?Continue Reading

• Considerations for buying and implementing DLP solutions

  Financial institutions are looking to data loss prevention solutions to prevent costly data security breaches. In this tip, Dave Shackleford explains key issues to weigh before buying and installing a DLP product.Continue Reading

• Is it possible to crack the public key encryption algorithm?

  Is it possible to create a PKI encryption key that is unbreakable? IAM expert Randall Gamby weighs in.Continue Reading

• HIPAA and Social Security numbers in a hospital computer network

  Learn when Social Security numbers can be used for patient identification without violating HIPAA patient confidentiality requirements.Continue Reading

• Prevent cross-site scripting hacks with tools, testing

  In this tutorial, learn how to prevent cross-site scripting (XSS) attacks, how to avoid a hack, and how to fix vulnerabilities and issues with cross-site scripting prevention tools, system and application testing and several other defense and ...Continue Reading

• Distributed denial-of-service protection: How to stop DDoS attacks

  In this tip, which is a part of our Web Application Attacks Security Guide, you will learn what a distributed denial-of service (DDoS) attack is, and learn how to stop and prevent DDoS attacks by using intrusion prevention technologies and products.Continue Reading

• Preventing and stopping SQL injection hack attacks

  In this tip, which is a part of our Web Application Attack Security Guide, you will learn methods, tools and best practices for preventing, avoiding and stopping SQL injection hack attacks.Continue Reading

• What are the top three network intrusion techniques?

  Nick Lewis reviews the top three technologies used by hackers to cover their tracks after a network intrusion.Continue Reading

• PuTTY configuration tips: How to connect to remote network systems

  Peter Giannoulis reviews PuTTY and explains how to use the Windows-based program as an SSH, telnet and rlogin client.Continue Reading

• PKI vulnerabilities: How to update PKI with secure hash functions

  Learn how to prevent PKI vulnerabilities recently announced by Dan Kaminsky from being exploited at your enterprise with advice from IAM expert Randall Gamby.Continue Reading

• Disaster recovery and business continuity tabletop exercises

  When disaster strikes, will your enterprise be ready? In this security management expert response, David Mortman explains what questions to ask during disaster recovery and business continuity tabletop exercises.Continue Reading

• How to prevent memory dump attacks

  Because databases are often encrypted, some attackers have switched to memory dump attacks. Michael Cobb explains how to protect your unencrypted transactions.Continue Reading

• How to protect a laptop: Biometrics vs. encryption

  How has biometrics changed the laptop security landscape? Is full disk encryption even necessary on a laptop with a biometric scanner? Learn more in this expert response.Continue Reading

• Personally identifiable information guidelines for U.S. passport numbers

  Do U.S. passport numbers count as personally identifiable information? Learn more about guidelines for PII in this security management expert response from David Mortman.Continue Reading

• Manage access to social networking sites with an acceptable use policy

  Social networking sites can cause security issues, but sites like Twitter and Facebook can also open up significant business opportunities. Learn how to manage employee access to social networking sites to make sure only those employees who need ...Continue Reading