Tips

Tips

• How to use Windows Group Policy to secure and restrict USB devices

  Learn how to use Windows GPOs take control of USB devices in your organization.  Continue Reading

• How to use a PDF redaction tool with a redacted document policy

  It may seem rudimentary, but sensitive data commonly leaks out of corporate networks in plain sight in the form of un-redacted documents. Such files -- those still containing hidden data or Microsoft "Track Changes" data -- can potentially lead to ...  Continue Reading

• Alternatives to password-reset questions tackle social networking cons

  With so much personal information available on the Internet, finding the answers to someone's password-reset questions can be quite easy. In this tip, learn about alternatives to the password-reset question option that can lead to more secure ...  Continue Reading

• Web 2.0 widgets: Enterprise protection for Web add-ons

  Web 2.0 widgets represent a threat vector that should not be overlooked at any enterprise organization. In this tip, Nick Lewis explains what a Web 2.0 widget is, and how companies can protect against them.  Continue Reading

• Free port scan: How to use Angry IP scanner

  Scanning IP ports is a critical part of maintaining enterprise information security. In this screencast, Peter Giannoulis explains how to use the free tool Angry IP scanner for these port scans.  Continue Reading

• Buying an IPS: Decide which applications and protocols your IPS will protect

  Application and protocol coverage varies in signature-, rate- and behavior-based intrusion prevention systems. Understanding the differences is crucial to your IPS investments. This is the third in a seven-part series.  Continue Reading

• How to test Windows operating system patches

  Windows patch testing may be easy when it comes to applications like Outlook. Tom Chmielarski reviews how to test more difficult updates to the operating system.  Continue Reading

• Evaluating tools for online bank security

  Criminals are hijacking online bank accounts with sophisticated bank Trojans but a variety of technologies promise online bank security. In this tip, Dave Shackleford examines the pros and cons of tools designed to thwart online banking fraud.  Continue Reading

• Zeus botnet analysis: Past, present and future threats

  The Zeus botnet isn't showing signs of fading. In fact, it now threatens a wider scope of organizations beyond the banking industry. Expert Nick Lewis offers a Zeus botnet analysis, looking at why it's been so effective, what it's doing now and how ...  Continue Reading

• Choosing smartphone encryption software for mobile smartphone security

  If your enterprise users have smartphones, then your enterprise may need smartphone encryption. In this tip, expert Dave Shackleford describes what to look for in smartphone encryption software, from cost to management capabilities.  Continue Reading

• Endpoint fingerprinting: How to improve NAC security for 'dumb devices'

  Many enterprises underestimate the potential security problems posed by "dumb devices" like network printers or IP phones. Forrester Research analyst Usman Sindhu explains how endpoint fingerprinting can be used as a NAC add-on to identify and ...  Continue Reading

• Your USB port management options

  When it comes to managing USB ports, the choice is yours. Mike Chapple reviews your three best options.  Continue Reading

• How to perform an Active Directory security audit

  As a security professional, you depend on Active Directory to provision users, but how secure is your implementation of AD itself? Learn how to perform an Active Directory security audit in this expert tip.  Continue Reading

• Enterprise PDF attack prevention best practices

  Malicious PDF exploits are at an all-time high. Should enterprises dump PDFs altogether? Expert Michael Cobb answers that question and offers his key enterprise PDF attack prevention tactics.  Continue Reading

• Database activity monitoring (DAM) software deployment issues to avoid

  Database activity monitoring software deployments can have their shortcomings. For example, issues with network monitoring and policy overload can impact compliance audits and database performance.  Continue Reading

• How to manage compliance as Chief Information Security Officer (CISO)

  When it comes to IT compliance management, creating an effective compliance program is one of many jobs of a Chief Information Security Officer (CISO). In this tip from security management expert Ernie Hayden, learn how to create such a program.  Continue Reading

• Conducting a user access review with a small information security staff

  Has there been cutbacks on your company's information security staff? It would be easy for certain security tasks to fall through the cracks. Learn how to keep access controls tight without spending a lot of time or energy.  Continue Reading

• Create a data breach response plan in 10 easy steps

  Having a solid data breach response plan in place can make the threat of a security breach less intimidating. In this tip, learn 10 steps to take that will lead to an effective data breach response plan.  Continue Reading

• Performing a security risk analysis to assess acceptable level of risk

  No organization is ever completely without risk, but there are steps that can be taken to establish an acceptable level of risk that can be appropriately mitigated. In this tip, Michael Cobb explains how to perform a security risk analysis to help ...  Continue Reading

• SMS two-factor authentication for electronic identity verification

  Tokens are no longer the only choice when it comes to OTPs and electronic identity verification. Learn about new two-factor authentication options involving SMS and mobile phones.  Continue Reading

• How to configure IIS authorization and manager permissions

  David Shackleford reviews authorization rules that will help you secure your IIS 7 Web server.  Continue Reading

• Operation Aurora: Tips for thwarting zero-day attacks, unknown malware

  In December 2009, Google, Adobe and other companies were the victims of a damaging cyberattack called Operation Aurora. In this tip, expert Nick Lewis outlines the lessons learned from this attack, and how companies can avoid falling victim to ...  Continue Reading

• Using Windows software restriction policies to stop executable code

  Software restriction policies are one way to prevent known malware and file-sharing applications from taking control of your network.  Continue Reading

• Creating a proactive enterprise security incident response program

  Every organization should develop a proactive security incident response program to ensure that when an incident does occur, it can be handled quickly and efficiently. Contributor Marcos Christodonte II explains how.  Continue Reading

• How risk management standards can work for enterprise IT

  Every organization should be able to articulate how IT threats can harm a business. Forrester Research Analyst Chris McClean explains how a five-step risk management strategy, based on a risk management standard like ISO 31000, makes it easier to ...  Continue Reading

• How to buy an IPS: Features, testing and review

  If you're considering IPS for your enterprise, make sure you know what to look for in the products you're reviewing. In this tip, network security expert David Meier describes how to conduct an IPS comparison and review of various features, ...  Continue Reading

• How to use COBIT for compliance

  While the COBIT framework has been around for a long time, it can still be very useful in terms of understanding goals and benchmarks for a security program that can, in turn, aid compliance with many regulations.  Continue Reading

• Scapy tutorial: How to use Scapy to test Snort rules

  When creating Snort rules, it's often difficult to test them before they go live. In this Scapy tutorial, Judy Novak explains how to use Scapy, a tool that simplifies packet crafting, to test new Snort rules.  Continue Reading

• Clientless SSL VPN vulnerability and Web browser protection

  In a recent US-CERT advisory, clientless SSL VPN vulnerabilities were listed as posing serious threats to Web browser security. In this tip, learn possible actions to take for Web browser protection.  Continue Reading

• Preventing iPhone spying and other mobile management tips

  So you have an iPhone, you don't access the Internet, you use a PIN to authenticate and you never let the device out of your site. Michael Cobb explains why iPhone spying still isn't out of the question.  Continue Reading

• How to use hping to craft packets

  A packet crafting tool that's been around for a long time, hping can be used to test if ports are open, as well as for firewall testing. Learn how to use hping in this tutorial.  Continue Reading

• How to encrypt emails in Outlook

  Mike Chapple reviews how cryptography can be used to validate senders and keep important emails confidential.  Continue Reading

• Five endpoint DLP deployment data security tips

  Deploying data loss prevention technology on endpoints requires a careful roll-out. Expert Rich Mogull offers five tips, including the need to start slowly with a set of power users and how to manage endpoint discovery.  Continue Reading

• Encryption basics: How asymmetric and symmetric encryption works

  Before you encrypt your files, emails and Web transactions, make sure you know the cryptography basics.  Continue Reading

• Improving software with the Building Security in Maturity Model (BSIMM)

  Learn about the Building Security in Maturity Model (BSIMM), a software security framework that emphasizes attack models, software security testing, code review and compliance policies. Also, does your company have a software security group (SSG)?  Continue Reading

• Defending against RAM scraper malware in the enterprise

  A new type of malware attack, RAM scraper, may pose a serious threat to enterprise security. Learn what a RAM scraper attack is, and how you can defend your organization from this potentially damaging new malware attack.  Continue Reading

• How to properly implement firewall egress filtering

  Deploying outbound rules on a firewall can be a tricky task; if not done properly, it can lead to business interruptions. Scott Floyd reviews best practices for avoiding mistakes when blocking outbound network traffic.  Continue Reading

• Server Message Block Version 2 security in question: Disable or patch?

  Nick Lewis reviews the recent vulnerability discovered in a popular Windows file-sharing and printing protocol. Yes, there's a patch, but should you deploy it, or simply disable SMBv2?  Continue Reading

• What to do with network penetration test results

  It takes a lot of time and effort to plan and conduct an enterprise network penetration test, but the work doesn't stop there. Contributor David Meier explains how to conduct an analysis of pen testing results.  Continue Reading

• Considerations for buying and implementing DLP solutions

  Financial institutions are looking to data loss prevention solutions to prevent costly data security breaches. In this tip, Dave Shackleford explains key issues to weigh before buying and installing a DLP product.  Continue Reading

• Prevent cross-site scripting hacks with tools, testing

  In this tutorial, learn how to prevent cross-site scripting (XSS) attacks, how to avoid a hack, and how to fix vulnerabilities and issues with cross-site scripting prevention tools, system and application testing and several other defense and ...  Continue Reading

• Preventing and stopping SQL injection hack attacks

  In this tip, which is a part of our Web Application Attack Security Guide, you will learn methods, tools and best practices for preventing, avoiding and stopping SQL injection hack attacks.  Continue Reading

• Distributed denial-of-service protection: How to stop DDoS attacks

  In this tip, which is a part of our Web Application Attacks Security Guide, you will learn what a distributed denial-of service (DDoS) attack is, and learn how to stop and prevent DDoS attacks by using intrusion prevention technologies and products.  Continue Reading

• PuTTY configuration tips: How to connect to remote network systems

  Peter Giannoulis reviews PuTTY and explains how to use the Windows-based program as an SSH, telnet and rlogin client.  Continue Reading

• How to prevent memory dump attacks

  Because databases are often encrypted, some attackers have switched to memory dump attacks. Michael Cobb explains how to protect your unencrypted transactions.  Continue Reading

• Weighing the pros and cons of end-to-end encryption and tokenization

  With PCI DSS and other compliance requirements, organizations are looking for surefire solutions to protect payment card and other sensitive data. Tokenization and end-to-end encryption have emerged as promising technologies, but as Dave Shackleford...  Continue Reading

• Using unique device identification for bank website security

  Almost everyone has been asked a password challenge question on a website. Learn how to prevent identity fraud with unique device identification.  Continue Reading

• Risk-based multifactor authentication implementation best practices

  A multifactor authentication implementation can be a hard sell to enterprise executives and users alike. In this tip, learn four key strategies to ensure that both groups understand and support the project.  Continue Reading

• A guide to internal and external network security auditing

  Contributor Stephen Cobb reviews the baseline network audit processes that a security professional should absolutely conduct regularly.  Continue Reading

• Benefits of ISO 27001 and ISO 27002 certification for your enterprise

  If your enterprise is considering becoming ISO 27001 and 27002 certified, there are several important questions to ask. Learn about the potential benefits of ISO 27001 and 27002 certification with this expert advice.  Continue Reading

• Identity lifecycle management for security and compliance

  Enterprise identities and their associated roles need to be provisioned for access to a variety of services and systems around the organization. In many cases, the entitlements provided to these various entities have a significant effect on ...  Continue Reading

• How to detect malicious insiders by monitoring antivirus log files

  Antivirus logs can be a low-cost, low-effort approach for resource-strapped companies to look for threats posed by malicious insiders.  Continue Reading

• Black box and white box testing: Which is best?

  There's no question that testing application security is essential for enterprises, but which is better: black box security testing or white box security testing? Learn more in this expert tip.  Continue Reading

• Cut down on calls to help desk with cybersecurity awareness training

  It's no secret that human error accounts for many security blunders. But what's the best way to implement cybersecurity awareness training in your enterprise to keep employees from clicking on phishing links or downloading viruses? In this tip, ...  Continue Reading

• Multifactor authentication options to secure online banking

  Banks are required to deploy multifactor authentication to secure online banking and meet FFIEC requirements. In this tip, Dave Shackleford describes some of the pros and cons associated with traditional forms of multifactor authentication as well ...  Continue Reading

• How to examine a DD image on Windows or Linux

  A slew of open source and commercial tools will help you examine a DD image on either Windows or Linux.  Continue Reading

• How to detect software tampering

  In their book Surreptitious Software, authors Christian Collberg and Jasvir Nasvir reveals how to tamperproof your software and make sure it executes as intended.  Continue Reading

• Preventing SQL injection attacks: A network admin's perspective

  Your database administrators and application developers should certainly be following best practices to avoid SQL injections, but Michael Cobb explains how network admins can do their part to fight those security exploits.  Continue Reading

• Security benefits of virtual desktop infrastructures

  In a highly regulated industry where security is critical, financial-services firms are turning to virtual desktop infrastructures. In this tip, Eric Ogren explains the security benefits of virtualized desktops and virtual workspace projects, ...  Continue Reading

• Screencast: How to launch an OpenVAS scan

  In this screencast, Peter Giannoulis demonstrates the OpenVAS Linux/Unix-based assessment and penetration testing tool.  Continue Reading

• Wireless network guidelines for PCI DSS compliance

  The PCI Security Standards Council recently released additional guidance for WLANs, but do they make the compliance process easier? Contributor Ben Rothke examines the key points of the new guidelines and offers additional advice for organizations ...  Continue Reading

• How to prevent phishing attacks with social engineering tests

  Is your enterprise capable of withstanding today's phishing attacks? Sherri Davidoff reviews how you can test your employees.  Continue Reading

• Creating a personal brand in information security

  In this month's Information Security Career Advisor column, experts Lee Kushner and Mike Murray explain how security pros can better demonstrate their abilities and stand out from the crowd.  Continue Reading

• Determine your Microsoft Windows patch level

  A handful of patch management tools from Microsoft and third -parties can help your organization determine your Windows patch level and identify missing security patches.  Continue Reading

• Automating Microsoft Windows patch management with WSUS

  Microsoft offers Windows Server Update Services (WSUS) as a free download, but there are installation and agent-related issues to contend with.  Continue Reading

• How SSL-encrypted Web connections are intercepted

  Enterprises and attackers alike have found ways to sniff private Web traffic, even when it's encrypted. Sherri Davidoff reviews how encrypted Web connections can be sniffed, and ways that users can reduce their risk.  Continue Reading

• PCI DSS compliance requirements: Ensuring data integrity

  Want to make sure you have secure data for PCI DSS? One of the first steps is making sure the data you're trying to secure is the right data. Security management expert David Mortman explains how to ascertain and maintain data integrity.  Continue Reading

• Vendor risk management: process and documentation

  As part of the vendor risk management process, regulators expect information security officers will document vendor relationships and have proper vendor documentation.  Continue Reading

• How to prepare for an information security job interview

  Lee Kushner and Mike Murray offer tips on how to impress possible employers after finally nailing down an information security job interview.  Continue Reading

• Are 'strong authentication' methods strong enough for compliance?

  If multifactor authentication is so great, why hasn't it replaced the password? Michael Cobb reviews the hype surrounding strong authentication. There are more drawbacks than you think.  Continue Reading

• Remote phone lock and GPS tracking counter smartphone security risks

  Lost or stolen smartphones pose serious security risks to data, but remote device lock technology and GPS tracking can help mitigate those risks. This is the first of two parts.  Continue Reading

• An introduction to Information Security Career Advisor

  SearchSecurity.com is pleased to partner with infosec career experts Lee Kushner and Mike Murray to bring you a new monthly column on information security careers. In their debut article, they explain why information security career coaching is ...  Continue Reading

• How to use Excel for security log data analysis

  Microsoft Excel can be an inexpensive and effective option for firewall, antivirus and server log analysis.  Continue Reading

• Checklist: Three firewall configuration tips

  If you are revisiting your firewall configurations, consider these three tips to help you monitor and manage your network traffic.  Continue Reading

• Acceptable use policy for Internet usage helps data protection efforts

  Acceptable use policies are an inexpensive, yet effective, control in limiting exposure to data breaches.  Continue Reading

• Making the case for enterprise IAM centralized access control

  Central access to multiple applications and systems can raise the level of security while getting rid of lots of red tape, so how do you go about creating central access management? In this tip, IAM expert David Griffeth explains the steps.  Continue Reading

• How to defend against rogue DHCP server malware

  Rogue DHCP server malware is a new twist on an old concept. The good news is that effective threat mitigation strategies exist; the bad news is that many organizations haven't bothered to deploy them.  Continue Reading

• How to use Kerberos and Credential manager for Windows single sign-on

  Windows administrators can avoid the expense of third-party single sign-on software and use Windows Kerberos in Windows Server 2003 and Credential Manager in Windows XP and Vista for client-side SSO.  Continue Reading

• Firewall rule management best practices

  Given the growing complexity of firewalls, organizations often have hundreds, even thousands, of rules to review and manage. But configuration doesn't have to be overly complicated. Michael Cobb offers best practices that can allow you to make ...  Continue Reading

• When BIOS updates become malware attacks

  Most security pros don't give the system BIOS a second thought, or even a first one, but today's BIOS types are highly susceptible to malicious hackers. Information security threats expert Sherri Davidoff explains how attackers can plant BIOS ...  Continue Reading

• The basics of enterprise GRC project management

  Implementing an enterprise GRC project requires not only the right technology and training, it also requires cooperation with the executives and employees whose systems and daily work functions may change as a result of the implementation. In this ...  Continue Reading

• Best practices for a privileged access policy to secure user accounts

  Enterprises need to secure accounts belonging to actual users by reviewing and monitoring their privileged access.  Continue Reading

• How to align an information security framework to your business model

  CISOs should consider blending traditional business models with information security frameworks, and not rely solely on regulations to drive security programs.  Continue Reading

• Rootkit Hunter demo: Detect and remove Linux rootkits

  Peter Giannoulis of The Academy Home and The Academy Pro demonstrates how to install and use Rootkit Hunter, a free rootkit scanner for Linux and BSD distributions.  Continue Reading

• Best practices: How to implement and maintain enterprise user roles

  Effective enterprise role management is essential for properly managing user access rights and enforcing access policies, but the implementation process can be challenging. In this tip, Forrester Research Principal Analyst Andras Cser offers a ...  Continue Reading

• How to find and stop automated SQL injection attacks

  Automated SQL injection worms use search engines to filter through vulnerable Web servers. In this tip, Patrick Szeto explains how to keep your website off of the malware's radar.  Continue Reading

• How to fill patch management gaps using Microsoft MBSA

  Microsoft Baseline Security Analyzer examines and quantitatively summarizes the state of your organization's Windows security.  Continue Reading

• An inside look at security log management forensics investigations

  David Strom provides some examples of log data that provided key clues to enterprise data breaches.  Continue Reading

• How to find sensitive information on the endpoint

  Worried that your enterprise endpoints may be harboring sensitive information like credit card numbers or Social Security numbers? Fear not. Mike Chapple offers algorithms and tools to conduct a search and advice on dealing with the results.  Continue Reading

• Five steps to eliminate rogue wireless access

  Unauthorized wireless access points aren't always malicious. Learn how to distinguish between them and mitigate threats posed by rogue APs.  Continue Reading

• When to use open source security tools over commercial products

  When budgets are cut and open networks still need securing, it may be helpful to try open source security tools as a sufficient and affordable alternative to pricey commercial products.  Continue Reading

• How to spot attacks through Apache Web server log analysis

  Log analysis requires refined search skills that will help you ferret out security issues. Brad Causey explains how to sift through log data and find the relevant security information.  Continue Reading

• Kerberos configuration as an authentication system for single sign-on

  Looking to implement single sign-on in your enterprise, but have a lot of custom applications that don't seem compatible? In this tip, IAM expert David Griffeth takes a look at Kerberos, a non-proprietary IAM tool, as a solution to network ...  Continue Reading

• Data security best practices for PCI DSS compliance

  The glut of recent data breaches, such as the one at Heartland Payment Systems Inc., leaves some security pros wondering if PCI DSS is doing its job. Is it worth all the effort to become PCI compliant if breaches still seem inevitable? In this ...  Continue Reading

• Vulnerability test methods for application security assessments

  Learn what to do when you have a huge portfolio of potentially insecure applications, limited resources and an overwhelming sense of urgency.  Continue Reading

• How to clear out anonymous Web proxy servers in the workplace

  Enterprises may use Web filtering software to limit Internet use, but some employees may respond right back with easily available anonymizing proxies. John Strand explains how to keep your users from bypassing content filters.  Continue Reading

• How to use (almost) free tools to find sensitive data

  No matter how much security awareness training employees get, some of them will still store sensitive data in insecure places. As a security manager, finding that data becomes of paramount importance -- but how to do it? In this tip, John Soltys ...  Continue Reading

• A preview of PCI virtualization specifications

  The PCI Data Security Standard has little to say about virtualization – for now. Michael Cobb explores which best practices are likely to appear in the council's upcoming clarification document.  Continue Reading

• How to integrate the security of both physical and virtual machines

  According to a recent Gartner Inc. research report, 60% of virtual machines will be less secure than their physical counterparts through 2009. Michael Cobb explores the challenges of securing a mixed infrastructure of physical and virtual machines.  Continue Reading

• How many firewalls do you need?

  Whether your organizations needs multiple sets of firewalls depends on whether they will protect clients, servers or both and what kind of traffic they will monitor.  Continue Reading