Problem solve

Problem solve

Get help with specific problems with your technologies, process and projects.

• Targeted Cyber Attacks

  In this excerpt of Targeted Cyber Attacks, authors Aditya Sood and Richard Enbody outline the cyberattack model and different vectors used to attack targets. Continue Reading

• The Basics of Information Security

  In this excerpt of The Basics of Information Security, author Jason Andress outlines methods for improving operating systems security. Continue Reading

• How can vishing attacks be prevented?

  Enterprise threats expert Nick Lewis explains what vishing attacks are and offers best practices for defending against them. Continue Reading

• How vulnerable is Silverlight security?

  Microsoft Silverlight has been in the spotlight due to an increase in the number of exploit kits it is included in. Expert Nick Lewis explains the threat's severity and how to mitigate it. Continue Reading

• Malware Forensics Field Guide for Linux Systems: Digital Forensics Field Guides

  In this excerpt of Malware Forensics Field Guide for Linux Systems: Digital Forensics Field Guides, the authors explain how to discover and extract malware from a Linux system. Continue Reading

• Introduction to Information Security: A Strategic-Based Approach

  In this excerpt of Introduction to Information Security: A Strategic-Based Approach, authors Timothy J. Shimeall and Jonathan M. Spring discuss the importance of intrusion detection and prevention.Continue Reading

• NSA TAO: What Tailored Access Operations unit means for enterprises

  The NSA's top-secret Tailored Access Operations offensive hacking unit offers enterprise defense strategy lessons. Expert Nick Lewis discusses.Continue Reading

• Authentication caching: How it reduces enterprise network congestion

  Michael Cobb explores the pros and cons of authentication caching and whether the practice can truly calm network strain.Continue Reading

• Why TCP traffic spikes with source port zero should sound an alarm

  Are spikes in TCP traffic with source port zero warning signs that future attacks are imminent? Discover why enterprises should be concerned.Continue Reading

• Preventing plaintext password problems in Google Chrome

  Plaintext passwords are risky business. Michael Cobb discusses what Google says about the Chrome password vulnerability and potential exploits.Continue Reading

• Femtocell security: Defending against a femtocell hack

  The risk of a femtocell hack is a real enterprise concern. Nick Lewis explains why and explores how to defend against an attack.Continue Reading

• Locking the backdoor: Reducing the risk of unauthorized system access

  Rampant backdoors in enterprise IT products too often provide unauthorized access to attackers and governments. Learn how to defend against the risks.Continue Reading

• Heap spray attacks: Details and mitigations for new techniques

  Expert Nick Lewis details a new heap spray attack technique and provides mitigations for both new and old heap spray attacks.Continue Reading

• Use John the Ripper to test network devices against brute forcing

  Enterprise IT security organizations should test network devices using John the Ripper to ensure they are not susceptible to brute-force attacks.Continue Reading

• PCI DSS version 3.0: The five most important changes for merchants

  PCI DSS version 3.0 isn't a wholesale revision, but longtime PCI expert Ed Moyle says merchants' transitions must start now to avoid problems later.Continue Reading

• Inside the BREACH attack: How to avoid HTTPS traffic exploits

  Enterprise threats expert Nick Lewis examines how the BREACH attack exploits HTTPS traffic and what enterprises can do to mitigate the attack risk.Continue Reading

• The value of 2,048-bit encryption: Why encryption key length matters

  Leading browsers are required to use 2,048-bit length keys by the end of the year, but what effect does this have on security?Continue Reading

• Can an unqualified domain name cause man-in-the-middle attacks?

  An unqualified domain name can make reaching internal resources easier, but expert Michael Cobb warns that man-in-the-middle attacks could result.Continue Reading

• Security incident response procedures: When to do a system shutdown

  At times, security incident response procedures require drastic measures. Expert Nick Lewis explains when and how to perform a system shutdown.Continue Reading

• Are FedRAMP security controls enough?

  Cloud service providers are working with authorized third-party auditors to meet FedRAMP security controls. The 3PAOs tell us how it’s going, so far.Continue Reading

• Amazon S3 encryption overview: How to secure data in the Amazon cloud

  Learn details for employing Amazon S3 encryption features. Expert Dave Shackleford compares S3 encryption to other cloud provider offerings.Continue Reading

• Fiber optic networking: Assessing security risks

  Matthew Pascucci discusses the potential security risks associated with fiber optic networking.Continue Reading

• How to configure a VLAN to achieve the benefits of VLAN security

  Expert Brad Casey explains how to configure a VLAN in order to achieve the benefits of VLAN security, including protection against insider attacks.Continue Reading

• Bing security: Is search engine poisoning a problem for Bing users?

  Is Microsoft's Bing search engine more susceptible to search engine poisoning than Google? Expert Michael Cobb discusses Bing security.Continue Reading

• Antivirus evasion techniques show ease in avoiding antivirus detection

  In the wake of the New York Times attack, a look at antivirus evasion techniques show how easy it is to avoid antivirus detection and why new defenses are needed.Continue Reading

• What risk does the Apple UDID security leak pose to iOS users?

  Expert Michael Cobb details Apple's Unique Device Identifiers, plus why iOS users should be concerned about the Anonymous UDID security leak.Continue Reading

• How to implement firewall policy management with a 5-tuple firewall

  Matt Pascucci explains how to implement firewall policy management for 5-tuple firewalls when ports must be kept open for business reasons.Continue Reading

• BYOD security: How to remotely wipe iPhone and Android devices

  Remote data wipe is key to any BYOD security policy, but each OS handles it differently. Lisa Phifer covers how to use it with other controls to protect data.Continue Reading

• Windows Server 2012 security: Is it time to upgrade?

  Expert Michael Cobb wades through the security features of Windows Server 2012 to find out what's new and beneficial in Microsoft's latest release.Continue Reading

• Security incident management in the cloud: Tackling the challenges

  Identifying security incidents in cloud environments isn't easy, but there are steps companies can take to ease the process.Continue Reading

• With JOBS Act, Sarbanes-Oxley compliance likely won't get easier

  While SMBs may benefit from the JOBS Act, Sarbanes-Oxley compliance for enterprises may remain largely unchanged. Expert Mike Chapple explains why.Continue Reading

• Examining Kindle Fire security, Silk browser security in the enterprise

  Do Kindle Fire security issues, combined with weak Silk browser security, make the red-hot consumer device too risky for enterprises? Michael Cobb explains.Continue Reading

• Does .cc domain malware demand domain blocking?

  Learn how to deal with .cc domain malware threats found within DNS traffic. Is domain blocking at the perimeter the best defense strategy?Continue Reading

• Is it possible to prevent DDoS attacks?

  A distributed denial-of-service (DDoS) attack can consume all your network bandwidth. Learn how to prevent a DDoS attack in this expert response.Continue Reading

• SEC disclosure rules: Public company reporting requirements explained

  Learn the public company reporting requirements necessary to comply with CF Disclosure Guidance Topic No. 2, the SEC's cybersecurity reporting rules.Continue Reading

• P2P encryption: Pros and cons of point-to-point encryption

  P2P encryption is an emerging technology; one that may be helpful for many companies, especially merchants. Mike Chapple dissects the pros and cons.Continue Reading

• OAuth 2.0: Pros and cons of using the federation protocol

  Learn the advantages and disadvantages of using Open Authorization for Web application authentication.Continue Reading

• Comparing relational database security and NoSQL security

  In this introduction to database security, expert Michael Cobb explains the differences between relational database and NoSQL security.Continue Reading

• Insufficient authorization: Hardening Web application authorization

  Insufficient authorization errors can lead to Web app compromises and data loss. Learn how to fix these authorization errors.Continue Reading

• Comparing certifications: ISO 27001 vs. SAS 70, SSAE 16

  Learn about ISO 27001 vs. SAS 70, and why enterprises should pay attention to SSAE 16 over SAS 70.Continue Reading

• How to mitigate the risk of a TOCTTOU attack

  Are TOCTTOU attacks, exploiting time-of-check-to-time-of-use race conditions, a threat to your enterprise file systems? Expert Michael Cobb discusses the dangers and how to mitigate them.Continue Reading

• How MAC and HMAC use hash function encryption for authentication

  Hash function encryption is the key for MAC and HMAC message authentication. See how this differs from other message authentication tools from expert Michael Cobb.Continue Reading

• Locate IP address location: How to confirm the origin of a cyberattack

  What's the best way to determine the origin of a cyberattack? Expert Nick Lewis weighs in.Continue Reading

• IEEE 802.11: Handling the standard's wireless network vulnerabilities

  IEEE 802.11 has several known vulnerabilities, so what's the best way for enterprises to handle them? Expert Anand Sastry explains.Continue Reading

• Securing a multi-tenant environment

  Learn some of the key elements for secure multi-tenancy.Continue Reading

• Identity and access management concepts and predictions to watch in 2011

  Forrester's Andras Cser discusses the emerging identity and access management concepts and market predictions enterprises should be prepared for in 2011.Continue Reading

• Log Parser examples: Using the free log analysis tool

  Log analysis is an essential security function for almost all enterprises, and, with Log Parser, much of it can be done for free. Learn how to use Microsoft's free Log Parser in this expert tip.Continue Reading

• Security in virtualization: IDS/IPS implementation strategy

  Considering virtualization? Take into account that your IDS or IPS may not work the same way in a virtualized environment as it does in a physical one. Expert Dave Shackleford explains how to address this potential problem.Continue Reading

• PCI requirement 7: PCI compliance policy for access control procedures

  Though PCI DSS is generally prescriptive, when it comes to requirement 7, organizations have more leeway -- and, thus, more potential for error -- than other sections of the standard. Learn how to handle PCI DSS requirement 7 in this expert tip.Continue Reading

• The hypervisor security patch management process

  Enterprises using virtualization must include hypervisor patching in their patch management process. Robbie Higgins explains why.Continue Reading

• Digital forensic challenges in a cloud computing environment

  Cloud computing creates difficulties for digital forensic investigators.Continue Reading

• Cloud security standards provide assessment guidelines

  The Cloud Security Alliance Cloud Controls Matrix helps cloud providers and customers to evaluate security controls.Continue Reading

• ngrep: Learn how to find new malware with ngrep examples

  In this video, Peter Giannoulis of the AcademyPro.com uses several ngrep examples to show how to find new malware that antivirus or IPS might not pick up on with this free tool.Continue Reading

• User provisioning best practices: Access recertification

  User access recertification is the process of continually auditing users' permissions to make sure they have access only to what they need. Implementing recertification, however, can be challenging. Get best practices on creating a recertification ...Continue Reading

• Are you in compliance with the ISO 31000 risk management standard?

  The ISO 31000 risk management standard is becoming an important development tool for shaping existing and new programs. Learn if your programs are in compliance with the standard.Continue Reading

• Data classification best practices in financial services

  Data classification is critical in the highly regulated financial industry. Learn key steps for data classification.Continue Reading

• Self-service user identity management: Pitfalls and processes

  While it might seem that self-service user identity management can save time and money, as well as keep information more current, there are a number of potential pitfalls. In this expert tip, Randall Gamby explains how to avoid these issues.Continue Reading

• PAN truncation and PCI DSS compliance

  What do Visa's PAN truncation guidelines mean for merchants and their acquiring banks? Security experts Ed Moyle and Diana Kelley provide analysis.Continue Reading

• How to avoid attacks that exploit a Web browser vulnerability

  Beyond patching, Tom Chmielarski explains what you'll need to do to avoid application exploits caused by Web browser vulnerabilities.Continue Reading

• Why it's important to turn on DEP and ASLR Windows security features

  In the quest for application security, many developers are disabling or incorrectly implementing two important Windows security features. In this expert response, Michael Cobb explains why ASLR and DEP should always be turned on.Continue Reading

• Your USB port management options

  When it comes to managing USB ports, the choice is yours. Mike Chapple reviews your three best options.Continue Reading

• Enterprise PDF attack prevention best practices

  Malicious PDF exploits are at an all-time high. Should enterprises dump PDFs altogether? Expert Michael Cobb answers that question and offers his key enterprise PDF attack prevention tactics.Continue Reading

• Secure DMZ Web server setup advice

  Network security expert Anand Sastry describes how to ensure a secure DMZ Web server setup involving network attached storage (NAS).Continue Reading

• Which tools will help in validating form input in a website?

  Find out how to validate form input in a website.Continue Reading

• Tips on how to remove malware manually

  In this expert response, Nick Lewis explains how to remove malware manually, step by step.Continue Reading

• MD5 security: Time to migrate to SHA-1 hash algorithm?

  Many organizations have been replacing the MD5 hash algorithm with the SHA-1 hash function, but can the MD5 hash algorithm still be used securely?Continue Reading

• Performing a security risk analysis to assess acceptable level of risk

  No organization is ever completely without risk, but there are steps that can be taken to establish an acceptable level of risk that can be appropriately mitigated. In this tip, Michael Cobb explains how to perform a security risk analysis to help ...Continue Reading

• Operation Aurora: Tips for thwarting zero-day attacks, unknown malware

  In December 2009, Google, Adobe and other companies were the victims of a damaging cyberattack called Operation Aurora. In this tip, expert Nick Lewis outlines the lessons learned from this attack, and how companies can avoid falling victim to ...Continue Reading

• Using Windows software restriction policies to stop executable code

  Software restriction policies are one way to prevent known malware and file-sharing applications from taking control of your network.Continue Reading

• Applying the ISO 27005 risk management standard

  The ISO 27005 risk management methodology standard has weaknesses when it comes to risk measurement. "Fuzzy math" theory can help fill the gaps.Continue Reading

• Best practices and requirements for GLBA compliance

  GLBA requirements to protect personal information have become more relevant than ever. In this tip, Paul Rohmeyer examines best practices for GLBA compliance.Continue Reading

• Security report template: How to write an executive report

  Writing a security report for executives doesn't have to be difficult or extensive, but security management expert Ernie Hayden describes how to make it comprehensive and clear.Continue Reading

• Lack of incident response plan leaves hole in compliance strategy

  Without an incident response plan, businesses can tend to be reactive rather than proactive when data breaches occur. Here are some steps to follow.Continue Reading

• Is it possible to crack the public key encryption algorithm?

  Is it possible to create a PKI encryption key that is unbreakable? IAM expert Randall Gamby weighs in.Continue Reading

• Personally identifiable information guidelines for U.S. passport numbers

  Do U.S. passport numbers count as personally identifiable information? Learn more about guidelines for PII in this security management expert response from David Mortman.Continue Reading

• How to protect employee information in email paystubs

  Many companies are moving to a system of paperless paystubs. Learn how to protect the information contained in these email paystubs with the use of secure email in this expert response.Continue Reading

• Security benefits of virtual desktop infrastructures

  In a highly regulated industry where security is critical, financial-services firms are turning to virtual desktop infrastructures. In this tip, Eric Ogren explains the security benefits of virtualized desktops and virtual workspace projects, ...Continue Reading

• What is an encryption collision?

  Michael Cobb reviews how encryption collision attacks on cryptographic hash functions could compromise the security of all kinds of digital systems.Continue Reading

• Determine your Microsoft Windows patch level

  A handful of patch management tools from Microsoft and third -parties can help your organization determine your Windows patch level and identify missing security patches.Continue Reading

• How to prevent ActiveX security risks

  Application expert Michael Cobb explains why ActiveX security relies entirely on human judgment.Continue Reading

• Does using ISO 27000 to comply with PCI DSS make for better security?

  PCI DSS is under fire for not providing enough security in the process of securing credit card data. Using ISO 27000 to complement PCI may provide better compliance and security.Continue Reading

• What are new and commonly used public-key cryptography algorithms?

  Expert Michael Cobb breaks down a variety of encryption algorithms and reviews the use cases for several types of cryptography.Continue Reading

• What are the export limitations for AES data encryption?

  Although AES is free for any use public or private, commercial or non-commercial programs that provide encryption capabilities are subject to U.S. export controls. Expert Michael Cobb reviews the limitations.Continue Reading

• PCI DSS compliance requires new vendor management strategy

  Requirement 12.8 requires a better vendor management strategy for PCI DSS compliance.Continue Reading

• Port scan attack prevention best practices

  While it's impossible to prevent against all port scanning attacks, there are best practices for port scanning security (such as a port scanning firewall) that can keep your network secure. Expert Mike Chapple weighs in.Continue Reading

• Making the case for enterprise IAM centralized access control

  Central access to multiple applications and systems can raise the level of security while getting rid of lots of red tape, so how do you go about creating central access management? In this tip, IAM expert David Griffeth explains the steps.Continue Reading

• How to defend against rogue DHCP server malware

  Rogue DHCP server malware is a new twist on an old concept. The good news is that effective threat mitigation strategies exist; the bad news is that many organizations haven't bothered to deploy them.Continue Reading

• Should enterprises be running multiple firewalls?

  While there may be scenarios where a single firewall is an appropriate architecture for an organization, it's equally true that many environments may benefit from the use of more than one network deviceContinue Reading

• When BIOS updates become malware attacks

  Most security pros don't give the system BIOS a second thought, or even a first one, but today's BIOS types are highly susceptible to malicious hackers. Information security threats expert Sherri Davidoff explains how attackers can plant BIOS ...Continue Reading

• How to mitigate operational, compliance risk of outsourcing services

  Companies must have an approach to evaluating partner risk, the level of risk of both the service and the provider, and the adequacy of the security practices of the provider.Continue Reading

• Comparing an application proxy firewall and a gateway server firewall

  There are many types of firewalls in use in today's enterprises, so it's easy to get confused about the functions of each. In this expert response, learn the difference between a proxy server firewall and a gateway server firewall.Continue Reading

• Five steps to eliminate rogue wireless access

  Unauthorized wireless access points aren't always malicious. Learn how to distinguish between them and mitigate threats posed by rogue APs.Continue Reading

• How to analyze a TCP and UDP network traffic spike

  What does it mean when TCP and UDP network traffic spikes? Network security expert Mike Chapple explains what this means for enterprise network security management.Continue Reading

• How to avoid HIPAA Social Security number compliance violations

  It can be difficult to decipher what a HIPAA Social Security number violation is. In this information security management expert response, David Mortman explains how to avoid HIPAA SSN violations as an employer.Continue Reading

• How many firewalls do you need?

  Whether your organizations needs multiple sets of firewalls depends on whether they will protect clients, servers or both and what kind of traffic they will monitor.Continue Reading

• From the gateway to the application: Effective access control strategies

  Organizations need to strike a balance between so-called front-door access control and more fine grained controls established within an application itself. This article discusses the difference between products designed to set access at the gateway ...Continue Reading

• How does a Web server model differ from an application server model?

  A Web server model and an application server model share many similarities but require different defense methods. Each model, for example, calls for distinct placement of application servers.Continue Reading

• What controls can compensate when segregation of duties isn't economically feasible?

  Having a strong log management capability is a good way to start when security segregation isn't possible. Mike Rothman explains.Continue Reading

• What are the ethical issues when consulting for two competing companies?

  Security consulting is a job in which privacy is paramount. Leaking security strategies to the wrong people -- especially a company's competition -- could lead to breaches or break ins. In this expert response, David Mortman gives best practices for...Continue Reading

• How to perform a network device audit

  From unauthorized applications to rogue devices like data-slurping USB sticks, enterprise networks face a growing number of security risks. For financial-services firms, the data loss or network intrusions that can result from unauthorized network ...Continue Reading