Tips

Tips

• Operation Aurora: Tips for thwarting zero-day attacks, unknown malware

  In December 2009, Google, Adobe and other companies were the victims of a damaging cyberattack called Operation Aurora. In this tip, expert Nick Lewis outlines the lessons learned from this attack, and how companies can avoid falling victim to ...  Continue Reading

• UTM appliances in the enterprise: Are they enough?

  UTM appliances are in high demand at small and midsize companies looking to secure the network. But how do UTM appliances fit into a defense-in-depth strategy in the enterprise? In this tip, Michael Cobb weighs the pros and cons of using UTM devices...  Continue Reading

• Data encryption methods: Securing emerging endpoints

  Enterprises face a new challenge in the form of endpoint encryption for emerging devices. In this tip, Mike Chapple explains how companies can go about evaluating and choosing data encryption methods for emerging endpoints such as iPads, netbooks ...  Continue Reading

• Creating a proactive enterprise security incident response program

  Every organization should develop a proactive security incident response program to ensure that when an incident does occur, it can be handled quickly and efficiently. Contributor Marcos Christodonte II explains how.  Continue Reading

• How to use Malwarebytes to scan for and remove malware

  This month, Peter Giannoulis from TheAcademyPro.com offers a video demonstration of Malwarebytes' Anti-Malware, a free tool that can eliminate many of the especially difficult or hidden viruses and malware on infected machines.  Continue Reading

• How risk management standards can work for enterprise IT

  Every organization should be able to articulate how IT threats can harm a business. Forrester Research Analyst Chris McClean explains how a five-step risk management strategy, based on a risk management standard like ISO 31000, makes it easier to ...  Continue Reading

• How to buy an IPS: Features, testing and review

  If you're considering IPS for your enterprise, make sure you know what to look for in the products you're reviewing. In this tip, network security expert David Meier describes how to conduct an IPS comparison and review of various features, ...  Continue Reading

• Leveraging an effective information security career network

  Building an effective information security career network is a difficult task, but leveraging it can also be a challenge. In this tip, infosec career experts Lee Kushner and Mike Murray explain how to best use your information security career ...  Continue Reading

• How to use COBIT for compliance

  While the COBIT framework has been around for a long time, it can still be very useful in terms of understanding goals and benchmarks for a security program that can, in turn, aid compliance with many regulations.  Continue Reading

• Forensic incident response: Integrating a SIM system and an IAM system

  SIM systems and identity management systems are designed to operate independently; by understanding where each technology's integration points are and how to maintain their effectiveness once they're joined, it's possible to create a more effective ...  Continue Reading

• Scapy tutorial: How to use Scapy to test Snort rules

  When creating Snort rules, it's often difficult to test them before they go live. In this Scapy tutorial, Judy Novak explains how to use Scapy, a tool that simplifies packet crafting, to test new Snort rules.  Continue Reading

• Clientless SSL VPN vulnerability and Web browser protection

  In a recent US-CERT advisory, clientless SSL VPN vulnerabilities were listed as posing serious threats to Web browser security. In this tip, learn possible actions to take for Web browser protection.  Continue Reading

• Preventing iPhone spying and other mobile management tips

  So you have an iPhone, you don't access the Internet, you use a PIN to authenticate and you never let the device out of your site. Michael Cobb explains why iPhone spying still isn't out of the question.  Continue Reading

• How to use hping to craft packets

  A packet crafting tool that's been around for a long time, hping can be used to test if ports are open, as well as for firewall testing. Learn how to use hping in this tutorial.  Continue Reading

• PCI compliance requirements affect IT risk assessments

  In their book PCI Compliance: Understand and Implement Effective PCI Data Security Standard Compliance, authors Dr. Anton Chuvakin and Branden Williams discuss how to best approach PCI compliance requirements in your organization.  Continue Reading

• Networking for career success in the information security industry

  Networking for career success in information security can be a difficult task. In this month's infosec career tip, learn how to build an effective information security career network, and why doing so can enhance your career.  Continue Reading

• Securing naming and directory services for application defense-in-depth

  There are several aspects of naming and directory services when it comes to security. In this tip, part of the SearchSecurity.com Application Security School lesson, learn how to secure LDAP, as well as how application security teams can work with ...  Continue Reading

• Five endpoint DLP deployment data security tips

  Deploying data loss prevention technology on endpoints requires a careful roll-out. Expert Rich Mogull offers five tips, including the need to start slowly with a set of power users and how to manage endpoint discovery.  Continue Reading

• Improving software with the Building Security in Maturity Model (BSIMM)

  Learn about the Building Security in Maturity Model (BSIMM), a software security framework that emphasizes attack models, software security testing, code review and compliance policies. Also, does your company have a software security group (SSG)?  Continue Reading

• Defending against RAM scraper malware in the enterprise

  A new type of malware attack, RAM scraper, may pose a serious threat to enterprise security. Learn what a RAM scraper attack is, and how you can defend your organization from this potentially damaging new malware attack.  Continue Reading

• How to properly implement firewall egress filtering

  Deploying outbound rules on a firewall can be a tricky task; if not done properly, it can lead to business interruptions. Scott Floyd reviews best practices for avoiding mistakes when blocking outbound network traffic.  Continue Reading

• Server Message Block Version 2 security in question: Disable or patch?

  Nick Lewis reviews the recent vulnerability discovered in a popular Windows file-sharing and printing protocol. Yes, there's a patch, but should you deploy it, or simply disable SMBv2?  Continue Reading

• What to do with network penetration test results

  It takes a lot of time and effort to plan and conduct an enterprise network penetration test, but the work doesn't stop there. Contributor David Meier explains how to conduct an analysis of pen testing results.  Continue Reading

• Cloud computing in 2010: Be ready for risk management challenges

  As our tip series continues, Michael Cobb predicts some risk management challenges in 2010 as more companies get caught with their head in the 'cloud.'  Continue Reading

• How to use TrueCrypt for disk encryption

  Learn how to use TrueCrypt to create an encrypted drive on a Windows PC, as well as how to create a hidden drive within a drive as an additional data protection measure.  Continue Reading

• Stay or jump ship? How to be happy with your infosec job

  Don't leave your job just yet. Lee Kushner and Mike Murray suggest ways to maximize your role and stay satisfied with your career path.  Continue Reading

• Preparing for future security threats, evolving malware

  Security expert Nick Lewis predicts how infosec threats will evolve in 2010. Luckily, enterprise defenses will evolve, too.  Continue Reading

• The future of PCI DSS encryption requirements? Tokenization for PCI

  Can tokenization help reduce the scope of PCI DSS? How does tokenization interact with PCI DSS encryption requirements? Learn more about this technology and whether it's right for your enterprise.  Continue Reading

• Security compliance predictions for 2010: New regulations, new technology

  What will 2010 hold for security compliance? Security management expert David Mortman discusses HITECH, changes to PCI and cloud computing compliance strategies for the new year.  Continue Reading

• IAM trends: Rebuilding security with provisioning technologies

  There's no question that the coming year will bring new demands for IAM technologies. In this tip, learn what expert Randall Gamby believes will be the best technologies on which to focus your efforts and dollars for increased IAM security.  Continue Reading

• Compliance strategy: How to become an internal IT auditor

  The word "auditor" can make many information security pros cringe. But in this tip, learn how to become an internal IT auditor to help advance your enterprise's regulatory compliance programs.  Continue Reading

• Distributed denial-of-service protection: How to stop DDoS attacks

  In this tip, which is a part of our Web Application Attacks Security Guide, you will learn what a distributed denial-of service (DDoS) attack is, and learn how to stop and prevent DDoS attacks by using intrusion prevention technologies and products.  Continue Reading

• Prevent cross-site scripting hacks with tools, testing

  In this tutorial, learn how to prevent cross-site scripting (XSS) attacks, how to avoid a hack, and how to fix vulnerabilities and issues with cross-site scripting prevention tools, system and application testing and several other defense and ...  Continue Reading

• How to stop buffer-overflow attacks and find flaws, vulnerabilities

  In this tip, which is part of our Web Application Attack Security Guide, learn how to stop buffer-overflow attacks from infiltrating your systems and learn how to find buffer-overflow flaws and vulnerabilities with protection and defense methods and...  Continue Reading

• Preventing and stopping SQL injection hack attacks

  In this tip, which is a part of our Web Application Attack Security Guide, you will learn methods, tools and best practices for preventing, avoiding and stopping SQL injection hack attacks.  Continue Reading

• PuTTY configuration tips: How to connect to remote network systems

  Peter Giannoulis reviews PuTTY and explains how to use the Windows-based program as an SSH, telnet and rlogin client.  Continue Reading

• How to prevent memory dump attacks

  Because databases are often encrypted, some attackers have switched to memory dump attacks. Michael Cobb explains how to protect your unencrypted transactions.  Continue Reading

• GRC customers point to better efficiency, convergence and consistency

  There's no getting around the need for corporate governance, risk and compliance management, but a GRC platform can improve efficiency, convergence and consistency. Forrester Research explains the benefits of a GRC platform implementation.  Continue Reading

• Using unique device identification for bank website security

  Almost everyone has been asked a password challenge question on a website. Learn how to prevent identity fraud with unique device identification.  Continue Reading

• Entering 2010: The economy and the state of information security

  The year 2009 will be remembered as a paradigm-shift in the information security employment market, say career experts Lee Kushner and Mike Murray. See why they predict an even more competitive environment in 2010.  Continue Reading

• Risk-based multifactor authentication implementation best practices

  A multifactor authentication implementation can be a hard sell to enterprise executives and users alike. In this tip, learn four key strategies to ensure that both groups understand and support the project.  Continue Reading

• A guide to internal and external network security auditing

  Contributor Stephen Cobb reviews the baseline network audit processes that a security professional should absolutely conduct regularly.  Continue Reading

• Best practices for (small) botnets

  Your enterprise might have a strategy to deal with a large-scale botnet attack, but how would you deal with a micro-botnet that knows how to bypass antivirus and firewalls? Get botnet help with this expert advice.  Continue Reading

• Benefits of ISO 27001 and ISO 27002 certification for your enterprise

  If your enterprise is considering becoming ISO 27001 and 27002 certified, there are several important questions to ask. Learn about the potential benefits of ISO 27001 and 27002 certification with this expert advice.  Continue Reading

• How to keep networks secure when deploying an 802.11n upgrade

  Before you upgrade to 802.11n, Lisa Phifer has seven questions that every network security pro should consider.  Continue Reading

• Screencast: Find rogue wireless access points with Vistumbler

  Peter Giannoulis of TheAcademyHome.com and TheAcademyPro.com explains how to use the basic features of the free Vistumbler tool.  Continue Reading

• How to protect distributed information flows

  In a book excerpt from "The Shortcut Guide to Prioritizing Security Spending," author Dan Sullivan explains how to get a handle on enterprise data that may be moving around the globe.  Continue Reading

• Identity lifecycle management for security and compliance

  Enterprise identities and their associated roles need to be provisioned for access to a variety of services and systems around the organization. In many cases, the entitlements provided to these various entities have a significant effect on ...  Continue Reading

• Interpreting 'risk' in the Massachusetts data protection law

  After many changes, it appears that the recent Massachusetts data protection law is here to stay. Contributor David Navetta reviews the important, ambiguous places in the legislation that your legal and compliance teams must zero in on in order to ...  Continue Reading

• Cut down on calls to help desk with cybersecurity awareness training

  It's no secret that human error accounts for many security blunders. But what's the best way to implement cybersecurity awareness training in your enterprise to keep employees from clicking on phishing links or downloading viruses? In this tip, ...  Continue Reading

• Black box and white box testing: Which is best?

  There's no question that testing application security is essential for enterprises, but which is better: black box security testing or white box security testing? Learn more in this expert tip.  Continue Reading

• Straight from the inbox: Your infosec career questions answered

  Lee Kushner and Mike Murray answer this month's batch of information security career questions. Readers asked about the value of infosec certifications, information security officer training and online master's degrees.  Continue Reading

• How to prepare for a secure network hardware upgrade

  Thanks to the spread of 64-bit technologies and the growing interest in IPv6 -- not to mention the possibility of a merger or acquisition -- a major network hardware upgrade is a definite possibility for many organizations. Michael Cobb shows you ...  Continue Reading

• How to detect software tampering

  In their book Surreptitious Software, authors Christian Collberg and Jasvir Nasvir reveals how to tamperproof your software and make sure it executes as intended.  Continue Reading

• Preventing SQL injection attacks: A network admin's perspective

  Your database administrators and application developers should certainly be following best practices to avoid SQL injections, but Michael Cobb explains how network admins can do their part to fight those security exploits.  Continue Reading

• FTC Red Flags Rules: How to create an identity theft prevention plan

  Under FTC's Red Flags Rules, all financial institutions and creditors with covered accounts are required to create an identity theft prevention plan. But who is a creditor and what is a covered account? Learn more in this expert tip.  Continue Reading

• Breach prevention: How to keep track of data and applications

  The well-known Heartland Payment Systems breach demonstrates the importance of data security. Michael Cobb reviews which tools best monitor a company's valuable enterprise applications and keep track of where sensitive and confidential data is ...  Continue Reading

• Screencast: How to launch an OpenVAS scan

  In this screencast, Peter Giannoulis demonstrates the OpenVAS Linux/Unix-based assessment and penetration testing tool.  Continue Reading

• Creating a HIPAA employee training program

  Want to get your employees on board the HIPPA/HITECH compliance train? Learn how to create a HIPAA employee awareness training program to make sure employees understand what's at stake.  Continue Reading

• Wireless network guidelines for PCI DSS compliance

  The PCI Security Standards Council recently released additional guidance for WLANs, but do they make the compliance process easier? Contributor Ben Rothke examines the key points of the new guidelines and offers additional advice for organizations ...  Continue Reading

• How to prevent phishing attacks with social engineering tests

  Is your enterprise capable of withstanding today's phishing attacks? Sherri Davidoff reviews how you can test your employees.  Continue Reading

• Creating a personal brand in information security

  In this month's Information Security Career Advisor column, experts Lee Kushner and Mike Murray explain how security pros can better demonstrate their abilities and stand out from the crowd.  Continue Reading

• Content-aware IAM: Uniting user access and data rights

  In the world of IT security, IAM and data protection have generally kept to their separate corners. That trend, however, may be shifting with the onset of content-aware IAM that merges granular user access with advanced data protection.  Continue Reading

• Aligning network security with business priorities

  Too often, network security administrators have their security budget requests nixed by executives because they weren't able to align their requests with business priorities. In this tip, learn how to make sure your security and business priorities ...  Continue Reading

• Data protection tips for corporate compliance leaders

  Author Rebecca Herold explains why compliance professionals need to understand data protection issues in order to successfully do their job.  Continue Reading

• An enterprise strategy for Web application security threats

  People Security founder Hugh Thompson reviews the tools and tactics, from security assessments to Web application firewalls, that are essential to an application security strategy.  Continue Reading

• Scanning with N-Stalker offers basic Web application security assessment

  In this month's SearchSecurity.com screencast video demo, Peter Giannoulis of TheAcademyHome.com and TheAcademyPro.com introduces N-Stalker, a free Web application security assessment scanner available for Windows.  Continue Reading

• How SSL-encrypted Web connections are intercepted

  Enterprises and attackers alike have found ways to sniff private Web traffic, even when it's encrypted. Sherri Davidoff reviews how encrypted Web connections can be sniffed, and ways that users can reduce their risk.  Continue Reading

• PCI DSS compliance requirements: Ensuring data integrity

  Want to make sure you have secure data for PCI DSS? One of the first steps is making sure the data you're trying to secure is the right data. Security management expert David Mortman explains how to ascertain and maintain data integrity.  Continue Reading

• Lifecycle of a network security vulnerability

  In a chapter excerpt from Practical Intrusion Analysis: Prevention and Detection for the Twenty-First Century,author Ryan Trost reveals the full process of providing intrusion detection system coverage for a security vulnerability.  Continue Reading

• How to prepare for an information security job interview

  Lee Kushner and Mike Murray offer tips on how to impress possible employers after finally nailing down an information security job interview.  Continue Reading

• Security on a budget: How to make the most of authentication tools

  Working on an identity and access management project can be hard enough without having to worry about sufficient funding. In this tip, learn how to leverage existing identity and access management tools and software to keep your budget lean and your...  Continue Reading

• How a corporate Twitter policy can combat social network threats

  Despite the recent security risks, there is no reason to completely shut down Twitter use in the enterprise. There are, however, important policy controls and technologies that need to be put in place before you let the microblogging site into your ...  Continue Reading

• Understanding PCI DSS compliance requirements for log management

  Proper PCI DSS compliance requires effective event log management, but many enterprises fail to not only gather all the relevant data, but also analyze and remediate the results. Forrester Research Senior Analyst John Kindervag offers best practices...  Continue Reading

• Screencast: BackTrack 4 offers an arsenal of penetration testing tools

  Peter Giannoulis of TheAcademyPro.com and TheAcademyHome.com demonstrates BackTrack 4, the final version of the venerable pen-testing live Linux-based CD distribution.  Continue Reading

• Information security management hype: Debunking best practices

  The phrase "best practices" gets tossed around frequently in the security industry, but what does it really mean? Are enterprises actually implementing these best practices in information security, or are they just a bunch of security hype?  Continue Reading

• Cyberwarfare and the enterprise: Is the threat real?

  Recently, there has been a great deal of press about massive botnets and killer denial-of-service attacks. So how concerned should you really be about cyberwarfare? The threat is real, says contributor Sherri Davidoff, but the underlying problems ...  Continue Reading

• Top social networking sites to boost your information security career

  Information security professionals who are not using LinkedIn, Facebook and Twitter could be missing out on potentially valuable opportunities to advance their careers. In this month's Information Security Career Advisor column, experts Lee Kushner ...  Continue Reading

• Network access control technology: Over-hyped or underused?

  Thinking of deploying network access control (NAC) technology in your enterprise, but aren't sure if its capabilities have finally caught up to its hype? In this expert tip, Mike Chapple offers an update on NAC and whether it might be right for your...  Continue Reading

• Are 'strong authentication' methods strong enough for compliance?

  If multifactor authentication is so great, why hasn't it replaced the password? Michael Cobb reviews the hype surrounding strong authentication. There are more drawbacks than you think.  Continue Reading

• Strategies for using technology to enable automated compliance

  Enterprise compliance programs depend on a variety of people, data and processes, so it's no surprise that many organizations seek to implement automated compliance with the help of technology. However, such efforts can easily fail without due ...  Continue Reading

• Smoothwall video: Smoothwall firewall offers defense in lean times

  Peter Giannoulis of TheAcademyHome.com and TheAcademyPro.com details why Smoothwall may be a smart choice to protect SMBs or lower-priority assets on the cheap  Continue Reading

• Monitoring program data and internal controls for risk management

  It's sad but true: Some employees are going to leak or even steal sensitive data. But what are the best ways to mitigate that risk? Learn the best ways to create internal controls for risk management in order to keep your data where it belongs.  Continue Reading

• How to prepare for a layoff or 'career incident'

  Information security professionals carry valuable skills, but they're still not immune to today's economic downturn. In this month's Information Security Career Advisor column, experts Lee Kushner and Mike Murray explain how workers currently in the...  Continue Reading

• An introduction to Information Security Career Advisor

  SearchSecurity.com is pleased to partner with infosec career experts Lee Kushner and Mike Murray to bring you a new monthly column on information security careers. In their debut article, they explain why information security career coaching is ...  Continue Reading

• How to find virtual machines for greater virtualization compliance

  When it comes to compliance and virtualization, security vulnerabilities and privacy concerns are not the only issues of interest to auditors. Managing internal virtual machines can be a major security and compliance hurdle, particularly in ...  Continue Reading

• Making the case for enterprise IAM centralized access control

  Central access to multiple applications and systems can raise the level of security while getting rid of lots of red tape, so how do you go about creating central access management? In this tip, IAM expert David Griffeth explains the steps.  Continue Reading

• How to defend against rogue DHCP server malware

  Rogue DHCP server malware is a new twist on an old concept. The good news is that effective threat mitigation strategies exist; the bad news is that many organizations haven't bothered to deploy them.  Continue Reading

• PCI management: The case for Web application firewalls

  Expert Michael Cobb lays out the compliance and security benefits of Web application firewalls.  Continue Reading

• Common PCI questions: Web application firewalls or source code review?

  Is it better to use Web application firewalls, automated source code security reviews or vulnerability scans? Michael Cobb reviews your options.  Continue Reading

• Screencast: Samurai offers pen-testing nirvana

  Peter Giannoulis of The AcademyPro and The Academy Home demonstrates the Samurai Web Testing Framework, a free, live Linux distro pre-configured to function as a stand-alone Web pen-testing environment.  Continue Reading

• Firewall rule management best practices

  Given the growing complexity of firewalls, organizations often have hundreds, even thousands, of rules to review and manage. But configuration doesn't have to be overly complicated. Michael Cobb offers best practices that can allow you to make ...  Continue Reading

• When BIOS updates become malware attacks

  Most security pros don't give the system BIOS a second thought, or even a first one, but today's BIOS types are highly susceptible to malicious hackers. Information security threats expert Sherri Davidoff explains how attackers can plant BIOS ...  Continue Reading

• The basics of enterprise GRC project management

  Implementing an enterprise GRC project requires not only the right technology and training, it also requires cooperation with the executives and employees whose systems and daily work functions may change as a result of the implementation. In this ...  Continue Reading

• Best practices for a privileged access policy to secure user accounts

  Enterprises need to secure accounts belonging to actual users by reviewing and monitoring their privileged access.  Continue Reading

• Mac OS memory flaws pose challenges for enterprise endpoint protection

  Recent research suggests that poor memory protections in the Mac OS make it much less secure than previously believed. Dee-Ann LeBlanc details how the Mac OS can be exploited and whether new defenses are needed to protect Mac endpoints on enterprise...  Continue Reading

• How to align an information security framework to your business model

  CISOs should consider blending traditional business models with information security frameworks, and not rely solely on regulations to drive security programs.  Continue Reading

• Rootkit Hunter demo: Detect and remove Linux rootkits

  Peter Giannoulis of The Academy Home and The Academy Pro demonstrates how to install and use Rootkit Hunter, a free rootkit scanner for Linux and BSD distributions.  Continue Reading

• Enterprise UTM security: The best threat management solution?

  Unified threat management technology is touted as the cure-all for enterprise network security. But is UTM the best product for keeping threats at bay? Expert Mike Chapple explains the pros and cons of UTM and when UTM might be right for your ...  Continue Reading

• Best practices: How to implement and maintain enterprise user roles

  Effective enterprise role management is essential for properly managing user access rights and enforcing access policies, but the implementation process can be challenging. In this tip, Forrester Research Principal Analyst Andras Cser offers a ...  Continue Reading