Tips

Tips

• How to prevent a WPS flaw from damaging enterprise wireless security

  The recent WPS flaw isn't just a consumer issue. Nick Lewis explains the effect on enterprise wireless security and how to avoid security issues.  Continue Reading

• DNS attack prevention: Inside DNS components vulnerable to attack

  DNS attack prevention demands an understanding of the four core DNS components attackers often target. Expert Char Sample explains.  Continue Reading

• Types of DNS attacks reveal DNS defense tactics

  A thorough understanding of the types of DNS attacks, including DoS, reflector attacks and DNS cache poisoning, reveal key DNS defense tactics.  Continue Reading

• HTML5 security: Will HTML5 replace Flash and increase Web security?

  Will HTML5 replace Flash? Expert Michael Cobb discusses whether HTML5 security is better than Flash, and why HTML5 traffic can be harder to secure.  Continue Reading

• DoS attack responses demand better business continuity plans

  Expert Nick Lewis says an effective DoS attack responses demand better business continuity plans, including pre-negotiating with providers.  Continue Reading

• How to test a firewall: A three-step guide for testing firewalls

  There are three steps when testing firewalls for your organization. Expert Joel Snyder explains how to test a firewall.  Continue Reading

• Web-facing applications: Mitigating likely Web application threats

  New, interactive Web-facing applications are popping up all the time, but expert Nick Lewis advises enterprises on how to be vigilant against Web application threats.  Continue Reading

• How to set up your own secure enterprise Android app store

  Reduce the risk posed by smartphones and mobile applications by setting up a corporate app store for users that helps ensure Android application security.  Continue Reading

• SIEM technology primer: SIEM platforms have improved significantly

  After a rocky start with early SIEM technologies, current offerings are easier to use and provide more reliable automated responses.  Continue Reading

• For U.S. companies, EU cookie compliance calls for website changes

  With recent changes to European data privacy laws, U.S. enterprises must make website changes to meet EU cookie compliance deadlines.  Continue Reading

• Security event log management, analysis needs effective ways to search log files

  Search is a key discipline for security log management. John Burke explains how to better search log files to improve security event log management.  Continue Reading

• Securing the SIEM system: Control access, prioritize availability

  The prospect of a SIEM system crash should scare any enterprise. Guard against a compromised SIEM system to protect the security nerve center.  Continue Reading

• Key steps to perform a successful information security gap analysis

  Need to assess the holes in your organization’s network? Learn how an information security gap analysis can help you find network security weaknesses.  Continue Reading

• How to ensure data security by spotting enterprise security weaknesses

  How can a specialized organization spot security weaknesses? Nick Lewis offers a process to help niche companies ensure data security.  Continue Reading

• Employee risk assessment: Helping security spot high-risk employees

  Expert Ernie Hayden offers a brief primer on employee risk assessment using CERT guidelines to help security teams spot high-risk employees.  Continue Reading

• SEC disclosure rules: Public company reporting requirements explained

  Learn the public company reporting requirements necessary to comply with CF Disclosure Guidance Topic No. 2, the SEC's cybersecurity reporting rules.  Continue Reading

• Exploring Google Chromebook security for the enterprise

  The Chromebook is unique among new entrants in the mobile device arena. Mike Cobb breaks down the key Google Chromebook security issues enterprises need to know.  Continue Reading

• Android security settings and controls for Android enterprise security

  Can Androids ever be secure enough for corporate use? Learn about Android security controls to enable effective Android enterprise security.  Continue Reading

• Adopt Zero Trust to help secure the extended enterprise

  Forrester Analyst John Kindervag explains Zero Trust Model and how it can be applied to protect data in today’s extended enterprise.  Continue Reading

• Metadata security and preventing leakage of sensitive information

  Without accounting for metadata security, sensitive document data can easily be extracted. Mike Chapple explores technologies to support metadata security.  Continue Reading

• VoIP eavesdropping: Hardening network security to contain VoIP risks

  Mike Chapple analyzes the VoIP risks posed by implementing a VoIP network and exposes the reality of telephone eavesdropping.  Continue Reading

• Privileged user access management: How to avoid access creep

  One of the most difficult areas of privileged user access management is avoiding access creep. John Burke covers how to keep privileged users in check.  Continue Reading

• How to implement an enterprise threat assessment methodology

  Learn how incorporating an assessment of external threats can increase the accuracy and comprehensiveness of risk assessments.  Continue Reading

• P2P encryption: Pros and cons of point-to-point encryption

  P2P encryption is an emerging technology; one that may be helpful for many companies, especially merchants. Mike Chapple dissects the pros and cons.  Continue Reading

• Building a compliance culture means learning from mistakes

  In this bonus to our "Compliance scorecard" Security School lesson, Eric Holmquist covers the importance of learning from failure by assessing how and why mistakes happen.  Continue Reading

• Modern security management strategy requires security separation of duties

  Contributor Matthew Pascucci argues that enterprises need security separation of duties to ensure an effective, modern security management strategy.  Continue Reading

• Anti-social engineering training: The first line of defense against human error

  Security team member Jeffrey Catalfamo details the key elements of a successful anti-social engineering training program.  Continue Reading

• How to write an effective enterprise mobile device security policy

  Expert Lisa Phifer explains the process for creating a winning enterprise mobile device security policy that reduces the risk of mobile data threats.  Continue Reading

• Four VDI security concepts for every virtual desktop deployment

  Traditional IT security measures don’t always apply well to virtual desktop infrastructures; apply these four VDI security concepts.  Continue Reading

• How to create a problem management process flow to minimize incidents

  Most organizations have an incident response team, but how many have a problem management team? Michael Cobb explains how problem management can prevent incidents.  Continue Reading

• Best practices for enterprise database compliance

  Successful enterprise database compliance means, for starters, access must be tightly controlled and monitored. Get an understanding of key database compliance essentials.  Continue Reading

• Securing Android devices with a mobile device security policy

  Secure employee-liable Android devices with workable security policies that discover, enroll, protect and monitor all Android endpoints.  Continue Reading

• Zero-day vulnerabilities and the patch management process: To test or not to test?

  Learn whether it’s better to risk exposure and take time to test zero-day patches, or risk business disruption and patch without testing.  Continue Reading

• Using standardized enterprise security practices to secure and defend your network

  PCI DSS, HIPAA, ISO and other enterprise compliance guidelines offer a foundation to build repeatable information security processes and procedures. Marcos Christodonte II explains how.  Continue Reading

• Remediating IT vulnerabilities: Quick hits for risk prioritization

  There's no way to eradicate all IT vulnerabilities, but spotting the most critical ones is essential. Read these quick hits for risk prioritization.  Continue Reading

• How to prevent phishing attacks: User awareness and training

  In this expert tip, David Sherry describes how a combination of technical controls and user awareness training can help put a dent in phishers’ attempts at spear phishing.  Continue Reading

• How to know if you need file activity monitoring to track file access

  Is file activity monitoring, a new product meant to integrate with DLP to provide more granular file access tracking, right for your enterprise?  Continue Reading

• Role-based access control for effective security management

  Effective role-based access control is vital for properly managing user access rights and enforcing access policies, but avoiding role sprawl can be challenging.  Continue Reading

• XACML tutorial: Using XACML as a foundation for entitlement management

  Learn how to use XACML to externalize fine-grained authorization from application logic and support cloud-based IAM initiatives.  Continue Reading

• Spear phishing examples: How to stop phishing from compromising users

  Spear phishing targets the weakest link in most security programs: users. These spear phishing examples can help your enterprise thwart attacks.  Continue Reading

• SOX compliance checklist: Five ways to refine a SOX compliance program

  SOX compliance is still too burdensome for many enterprises. Here are five ways to streamline a lagging SOX compliance program.  Continue Reading

• How to use OWASP Broken Web Apps to prevent vulnerabilities

  OWASP Broken Web Apps allows pen testers to attack applications that are intentionally insecure to hone their skills at securing their own apps.  Continue Reading

• COBIT 5: A first look at the recent updates

  In this tip, learn how to integrate the new management practices from COBIT 5 into current IT security framework implementations.  Continue Reading

• Proactive security measures: How to prevent malware attacks

  Security teams don't always need to be on the reactive. Learn how to implement proactive security strategies that prevent malware infections.  Continue Reading

• Mitigating security risks of mobile location-based services technology

  What can enterprises do to mitigate the security risk of mobile location-based services technology and the like? Start by limiting smartphone apps.  Continue Reading

• Secure tokens: Preventing two-factor token authentication exploits

  What are the most common attacks against two-factor authentication, and how can you protect against them? Expert Nick Lewis weighs in.  Continue Reading

• An inside look into OWASP’s Mantra tool

  OWASP’s Mantra tool is being praised by security pro’s for its abundance of options and ease of use. In this screencast, Mike McLaughlin takes a look at what Mantra has to offer.  Continue Reading

• How to collect Windows Event logs to detect a targeted attack

  Targeted attacks are growing, and eventually your enterprise will be a target. Expert Richard Bejtlich covers how to collect Windows Event logs to detect an intrusion.  Continue Reading

• Understanding iPad security concerns for better iPad enterprise management

  Are iPad security concerns burdening your company’s adoption of the technology? Expert Michael Cobb discusses common security concerns and iPad enterprise management issues.  Continue Reading

• Business partner security: Managing business risk

  Allowing outside business partner access to your systems and data always comes with some level of risk. Nick Lewis examines what those risks are and strategies for managing business risk.  Continue Reading

• WebScarab tutorial: Demonstration of WebScarab proxy functionalities

  In this WebScarab tutorial video, get step-by-step advice on how to install and use this free tool, including the WebScarab proxy features, among others.  Continue Reading

• Requirements for secure IPv6 deployments include better IPv6 tester tools

  More staff training, industry research and improved IPv6 tester tools are essential for secure IPv6 deployments in the enterprise. Expert Fernando Gont explains why.  Continue Reading

• Choosing the best security certifications for your career

  Whether starting your career or planning your next step as an IT security professional, this tip will guide you toward the best certifications for your interests and experience.  Continue Reading

• Using an IAM maturity model to hone identity and access management strategy

  Forrester Research’s Andras Cser discusses how to use an IAM maturity model to assess your identity and access management strategy.  Continue Reading

• Is private browsing really private? Identifying Web browser risk

  Private browsing may offer users a false sense of security when surfing the Web. In this expert tip, learn how private browsing really works, and how to mitigate its risks.  Continue Reading

• IPv6 myths: Debunking misconceptions regarding IPv6 security features

  Aggressive marketing has helped perpetuate a number of security-related IPv6 myths. Expert Fernando Gont helps separate myth from fact to ensure a secure IPv6 deployment.  Continue Reading

• How to detect content-type attacks in information security

  Malicious attackers have increasingly turned to exploiting vulnerabilities in client-side software. Learn how to detect and prevent these types of attacks in your environment.  Continue Reading

• Auditing virtualization: Security training for infosec pros

  This chapter discusses auditing virtualized environments, and begins with an overview of common virtualization technologies and key controls.  Continue Reading

• IPv6 security issues: IPv6 transition mechanisms

  Several IPv6 transition mechanisms have been created to ease the transition from IPv4, but Fernando Gont explains why they present IPv6 security concerns for enterprises.  Continue Reading

• Cybersecurity insurance: Choosing a cyber insurance policy

  A cybersecurity insurance policy can help defray the costs of a data breach, should one occur, but is it worth the cost? Expert Ernie Hayden weighs in.  Continue Reading

• Top 5 mobile data protection best practices

  In this tip, we highlight five essential best practices for protecting business data stored on mobile devices and tablets, and identify readily available technologies that can be used to implement them.  Continue Reading

• Internal controls checklist for corporate data protection, compliance

  Expert Eric Holmquist details four key governance items that should be on every enterprise’s internal controls checklist to ensure corporate data protection.  Continue Reading

• How to use the free eEye Retina scanner community edition

  In this screencast, learn how to use the free community edition of the eEye Retina scanner.  Continue Reading

• Botnet removal: Detect botnet infection and prevent re-infiltration

  Though botnet mitigation tactics continue to mature, so do the botnets themselves. In this tip, expert Nick Lewis gives best practices for detecting and removing cutting edge botnets.  Continue Reading

• Firewall deployment scenarios for new types of security threats

  Is the firewall still an effective defense against new types of security threats? Network security expert Anand Sastry offers up contemporary firewall deployment scenarios for improving security.  Continue Reading

• PCI DSS questions answered: Solutions to tough PCI problems

  Experts Diana Kelley and Ed Moyle answer your PCI DSS questions and give advice on how to solve your enterprise's toughest PCI problems.  Continue Reading

• Understanding SCAP NIST guidance and using SCAP tools to automate security

  The Security Content Automation Protocol (SCAP) is intended to help automate vulnerability management, but is it really effective? Learn how NIST guidance can help you navigate an SCAP implementation.  Continue Reading

• Security sandbox program: Defense-in-depth or layered vulnerabilities?

  Recently, companies like Adobe and Google have been using sandboxes to aid measures in their applications, but how can sandboxes be useful in the enterprise, and do they just add more vulnerabilities than they're worth?  Continue Reading

• Database monitoring best practices: Using DAM tools

  To effectively use DAM tools, admins must prioritize which transactions are important, learn how to collect events, and write and implement database security policies.  Continue Reading

• Log Parser examples: Using the free log analysis tool

  Log analysis is an essential security function for almost all enterprises, and, with Log Parser, much of it can be done for free. Learn how to use Microsoft's free Log Parser in this expert tip.  Continue Reading

• Security in virtualization: IDS/IPS implementation strategy

  Considering virtualization? Take into account that your IDS or IPS may not work the same way in a virtualized environment as it does in a physical one. Expert Dave Shackleford explains how to address this potential problem.  Continue Reading

• PCI requirement 7: PCI compliance policy for access control procedures

  Though PCI DSS is generally prescriptive, when it comes to requirement 7, organizations have more leeway -- and, thus, more potential for error -- than other sections of the standard. Learn how to handle PCI DSS requirement 7 in this expert tip.  Continue Reading

• A step-by-step SMB IT security risk assessment process

  Assessing your organization's security threats and risks takes just five steps, says Robbie Higgins. Check out his quick guide to the SMB security risk assessment process.  Continue Reading

• Netcat tutorial: How to use the free Netcat command-line tool

  Helpful for penetration testers and network admins who need to debug infected systems, the netcat command-line tool boasts many free features for enterprise use.  Continue Reading

• Understanding the value of an enterprise application-aware firewall

  Today's enterprise application-aware firewall technology offers a host of features to manage application and Web 2.0 traffic. Expert Michael Cobb takes a look at the features and how to make the most of them.  Continue Reading

• Data sanitization policy: How to ensure thorough data scrubbing

  Could you be inadvertently leaking sensitive data via poorly sanitized devices? Learn techniques for thorough data scrubbing in this tip.  Continue Reading

• P0f: A free collection of passive OS fingerprinting tools

  In this screencast, learn how to use p0f, a collection of free passive OS fingerprinting tools.  Continue Reading

• How to plan a secure network by practicing defense-in-depth

  When designing an enterprise network that includes hosted infrastructure components, many different layers must work together to keep it secure. Learn how to build network security in by practicing defense in depth.  Continue Reading

• Linux security best practices for Linux server systems

  Linux servers are used throughout many enterprises, and their security posture shouldn't be overlooked. In this tip, King Ables discusses risk assessment pointers for Linux server systems.  Continue Reading

• SOC 2.0: Three key steps toward the next-generation security operations center

  According to Forrester Research, traditional security operations are no longer practical. Forrester's John Kindervag discusses the new model, SOC 2.0, why it's important, and how to make it happen.  Continue Reading

• Three pen test tools for free penetration testing

  Nmap, Nessus and Nikto are penetration testing tools that security operators can use to conduct pentests on their networks and applications.  Continue Reading

• Why attackers exploit multiple zero-day attacks and how to respond

  A recent and disturbing malware trend involves attacks that attempt to compromise multiple zero-day flaws at once. Threats expert Nick Lewis explains what you can do to protect your enterprise.  Continue Reading

• IDS vs. IPS: How to know when you need the technology

  IDS and IPS are useful security technologies, but how do you know whether your enterprise can benefit from one? In this tip, infosec pro Jennifer Jabbusch offers a few specific use cases to help you know when to consider IDS/IPS.  Continue Reading

• Insider fraud detection and prevention

  Financial institutions need to monitor and recognize changes in employee behavior in order to detect potential insider fraud.  Continue Reading

• Honeypots for network security: How to track attackers' activity

  Honeypots have long been used to track attackers' activity and defend against coming threats. In this tip, network security expert Anand Sastry describes the different types of honeypots and which is best for your enterprise.  Continue Reading

• Smartphone security implications of Microsoft Exchange Activesync

  How can employees securely sync their smartphones to your company's Exchange email system? Greg Braunton details the features and products you need to keep data secure.  Continue Reading

• Security management plan reveals essential business security upgrades

  As companies create their security management plan for the coming year, they should look to upgrades in Linux and Windows operating systems, Adobe applications and Internet browsers to improve their overall security position.  Continue Reading

• User provisioning best practices: Access recertification

  User access recertification is the process of continually auditing users' permissions to make sure they have access only to what they need. Implementing recertification, however, can be challenging. Get best practices on creating a recertification ...  Continue Reading

• Android enterprise security: Mobile phone data protection advice

  Android devices are increasingly popular among enterprise users, but is Android enterprise security where it needs to be to ensure the safety of important enterprise documents? Expert Michael Cobb offers his take.  Continue Reading

• WPA security: Enabling the best Wi-Fi security for SMBs

  To choose the best Wi-Fi security for the small or midsized business, consider using WPA Enterprise or wireless access points with WPA-E authentication, or use a Windows hosted RADIUS service. Network security expert Mike Chapple explains how to ...  Continue Reading

• Outsourcing data center services: SMB security best practices

  Learn best practices for outsourcing data center services and about the security and compliance considerations that influence whether an SMB should outsource data center services.  Continue Reading

• SSL vulnerabilities: Trusted SSL certificate generation for enterprises

  Presentations at both Black Hat and Defcon 2010 demonstrated serious vulnerabilities in the SSL protocol, which, considering how widely used SSL is, could mean security problems for many enterprises. In this tip, Nick Lewis examines the researchers'...  Continue Reading

• Firewall logging: Telling valid traffic from network 'allows' threats

  While tracking firewall "deny" actions is a good way to identify threats, logging the "allow" actions can give greater insight into malicious traffic that could be both more subtle and more dangerous.  Continue Reading

• Value and limitations of Windows Data Execution Prevention

  When attackers inject malicious code into an application, Microsoft's Data Execution Prevention (DEP) technique can thwart the attack and save the day. But expert Tom Chmielarski says DEP does have some limitations.  Continue Reading

• Holistic fraud reduction through customer security management

  Monitoring customer behavior across multiple channels would help banks fight fraud, but today's fraud detection technology isn't there yet. In this tip, financial services expert Jerry Silva explains how banks could benefit from the concept of "...  Continue Reading

• PDF document security: A look inside Google Chrome PDF viewer

  You don't have to rely on Adobe's Acrobat Reader as your only PDF viewer; Google Chrome provides a secure PDF viewer that cuts down on your chances of falling victim to a PDF exploit.  Continue Reading

• How to install an OSSEC server on Linux and an OSSEC Windows agent

  Learn how to install the free, host-based intrusion detection system OSSEC, with step-by-step instructions on setting up an OSSEC Linux server with an OSSEC Windows agent.  Continue Reading

• Resist credit card data compromise threats due to memory-scraping malware

  PCI DSS does a good job of making sure credit card data in persistent storage is secure, however, such data in non-persistent storage -- such as files stored temporarily in memory -- can still be vulnerable to compromise, particularly via ...  Continue Reading

• Database security best practices: Tuning database audit tools

  Database auditing requires more than just the right tools: Those tools also have to be properly configured to offer the information that's needed and database performance that's required. Learn more about tuning database audit tools in this tip.  Continue Reading

• Microsoft IIS 7 security best practices

  Are you up to date with Microsoft IIS security best practices? Don't allow your enterprise to become vulnerable.  Continue Reading