Problem solve
Get help with specific problems with your technologies, process and projects.
Problem solve
Get help with specific problems with your technologies, process and projects.
How can vishing attacks be prevented?
Enterprise threats expert Nick Lewis explains what vishing attacks are and offers best practices for defending against them. Continue Reading
How vulnerable is Silverlight security?
Microsoft Silverlight has been in the spotlight due to an increase in the number of exploit kits it is included in. Expert Nick Lewis explains the threat's severity and how to mitigate it. Continue Reading
Malware Forensics Field Guide for Linux Systems: Digital Forensics Field Guides
In this excerpt of Malware Forensics Field Guide for Linux Systems: Digital Forensics Field Guides, the authors explain how to discover and extract malware from a Linux system. Continue Reading
-
Introduction to Information Security: A Strategic-Based Approach
In this excerpt of Introduction to Information Security: A Strategic-Based Approach, authors Timothy J. Shimeall and Jonathan M. Spring discuss the importance of intrusion detection and prevention. Continue Reading
NSA TAO: What Tailored Access Operations unit means for enterprises
The NSA's top-secret Tailored Access Operations offensive hacking unit offers enterprise defense strategy lessons. Expert Nick Lewis discusses. Continue Reading
Authentication caching: How it reduces enterprise network congestion
Michael Cobb explores the pros and cons of authentication caching and whether the practice can truly calm network strain.Continue Reading
Why TCP traffic spikes with source port zero should sound an alarm
Are spikes in TCP traffic with source port zero warning signs that future attacks are imminent? Discover why enterprises should be concerned.Continue Reading
Preventing plaintext password problems in Google Chrome
Plaintext passwords are risky business. Michael Cobb discusses what Google says about the Chrome password vulnerability and potential exploits.Continue Reading
Femtocell security: Defending against a femtocell hack
The risk of a femtocell hack is a real enterprise concern. Nick Lewis explains why and explores how to defend against an attack.Continue Reading
Locking the backdoor: Reducing the risk of unauthorized system access
Rampant backdoors in enterprise IT products too often provide unauthorized access to attackers and governments. Learn how to defend against the risks.Continue Reading
-
Heap spray attacks: Details and mitigations for new techniques
Expert Nick Lewis details a new heap spray attack technique and provides mitigations for both new and old heap spray attacks.Continue Reading
Use John the Ripper to test network devices against brute forcing
Enterprise IT security organizations should test network devices using John the Ripper to ensure they are not susceptible to brute-force attacks.Continue Reading
PCI DSS version 3.0: The five most important changes for merchants
PCI DSS version 3.0 isn't a wholesale revision, but longtime PCI expert Ed Moyle says merchants' transitions must start now to avoid problems later.Continue Reading
Inside the BREACH attack: How to avoid HTTPS traffic exploits
Enterprise threats expert Nick Lewis examines how the BREACH attack exploits HTTPS traffic and what enterprises can do to mitigate the attack risk.Continue Reading
The value of 2,048-bit encryption: Why encryption key length matters
Leading browsers are required to use 2,048-bit length keys by the end of the year, but what effect does this have on security?Continue Reading
Can an unqualified domain name cause man-in-the-middle attacks?
An unqualified domain name can make reaching internal resources easier, but expert Michael Cobb warns that man-in-the-middle attacks could result.Continue Reading
Security incident response procedures: When to do a system shutdown
At times, security incident response procedures require drastic measures. Expert Nick Lewis explains when and how to perform a system shutdown.Continue Reading
Are FedRAMP security controls enough?
Cloud service providers are working with authorized third-party auditors to meet FedRAMP security controls. The 3PAOs tell us how it’s going, so far.Continue Reading
Amazon S3 encryption overview: How to secure data in the Amazon cloud
Learn details for employing Amazon S3 encryption features. Expert Dave Shackleford compares S3 encryption to other cloud provider offerings.Continue Reading
Fiber optic networking: Assessing security risks
Matthew Pascucci discusses the potential security risks associated with fiber optic networking.Continue Reading
How to configure a VLAN to achieve the benefits of VLAN security
Expert Brad Casey explains how to configure a VLAN in order to achieve the benefits of VLAN security, including protection against insider attacks.Continue Reading
Bing security: Is search engine poisoning a problem for Bing users?
Is Microsoft's Bing search engine more susceptible to search engine poisoning than Google? Expert Michael Cobb discusses Bing security.Continue Reading
Antivirus evasion techniques show ease in avoiding antivirus detection
In the wake of the New York Times attack, a look at antivirus evasion techniques show how easy it is to avoid antivirus detection and why new defenses are needed.Continue Reading
What risk does the Apple UDID security leak pose to iOS users?
Expert Michael Cobb details Apple's Unique Device Identifiers, plus why iOS users should be concerned about the Anonymous UDID security leak.Continue Reading
How to implement firewall policy management with a 5-tuple firewall
Matt Pascucci explains how to implement firewall policy management for 5-tuple firewalls when ports must be kept open for business reasons.Continue Reading
BYOD security: How to remotely wipe iPhone and Android devices
Remote data wipe is key to any BYOD security policy, but each OS handles it differently. Lisa Phifer covers how to use it with other controls to protect data.Continue Reading
Windows Server 2012 security: Is it time to upgrade?
Expert Michael Cobb wades through the security features of Windows Server 2012 to find out what's new and beneficial in Microsoft's latest release.Continue Reading
Security incident management in the cloud: Tackling the challenges
Identifying security incidents in cloud environments isn't easy, but there are steps companies can take to ease the process.Continue Reading
With JOBS Act, Sarbanes-Oxley compliance likely won't get easier
While SMBs may benefit from the JOBS Act, Sarbanes-Oxley compliance for enterprises may remain largely unchanged. Expert Mike Chapple explains why.Continue Reading
Examining Kindle Fire security, Silk browser security in the enterprise
Do Kindle Fire security issues, combined with weak Silk browser security, make the red-hot consumer device too risky for enterprises? Michael Cobb explains.Continue Reading
Does .cc domain malware demand domain blocking?
Learn how to deal with .cc domain malware threats found within DNS traffic. Is domain blocking at the perimeter the best defense strategy?Continue Reading
Is it possible to prevent DDoS attacks?
A distributed denial-of-service (DDoS) attack can consume all your network bandwidth. Learn how to prevent a DDoS attack in this expert response.Continue Reading
SEC disclosure rules: Public company reporting requirements explained
Learn the public company reporting requirements necessary to comply with CF Disclosure Guidance Topic No. 2, the SEC's cybersecurity reporting rules.Continue Reading
P2P encryption: Pros and cons of point-to-point encryption
P2P encryption is an emerging technology; one that may be helpful for many companies, especially merchants. Mike Chapple dissects the pros and cons.Continue Reading
OAuth 2.0: Pros and cons of using the federation protocol
Learn the advantages and disadvantages of using Open Authorization for Web application authentication.Continue Reading
Comparing relational database security and NoSQL security
In this introduction to database security, expert Michael Cobb explains the differences between relational database and NoSQL security.Continue Reading
Insufficient authorization: Hardening Web application authorization
Insufficient authorization errors can lead to Web app compromises and data loss. Learn how to fix these authorization errors.Continue Reading
Comparing certifications: ISO 27001 vs. SAS 70, SSAE 16
Learn about ISO 27001 vs. SAS 70, and why enterprises should pay attention to SSAE 16 over SAS 70.Continue Reading
How to mitigate the risk of a TOCTTOU attack
Are TOCTTOU attacks, exploiting time-of-check-to-time-of-use race conditions, a threat to your enterprise file systems? Expert Michael Cobb discusses the dangers and how to mitigate them.Continue Reading
How MAC and HMAC use hash function encryption for authentication
Hash function encryption is the key for MAC and HMAC message authentication. See how this differs from other message authentication tools from expert Michael Cobb.Continue Reading
Locate IP address location: How to confirm the origin of a cyberattack
What's the best way to determine the origin of a cyberattack? Expert Nick Lewis weighs in.Continue Reading
IEEE 802.11: Handling the standard's wireless network vulnerabilities
IEEE 802.11 has several known vulnerabilities, so what's the best way for enterprises to handle them? Expert Anand Sastry explains.Continue Reading
Securing a multi-tenant environment
Learn some of the key elements for secure multi-tenancy.Continue Reading
Identity and access management concepts and predictions to watch in 2011
Forrester's Andras Cser discusses the emerging identity and access management concepts and market predictions enterprises should be prepared for in 2011.Continue Reading
Log Parser examples: Using the free log analysis tool
Log analysis is an essential security function for almost all enterprises, and, with Log Parser, much of it can be done for free. Learn how to use Microsoft's free Log Parser in this expert tip.Continue Reading
Security in virtualization: IDS/IPS implementation strategy
Considering virtualization? Take into account that your IDS or IPS may not work the same way in a virtualized environment as it does in a physical one. Expert Dave Shackleford explains how to address this potential problem.Continue Reading
PCI requirement 7: PCI compliance policy for access control procedures
Though PCI DSS is generally prescriptive, when it comes to requirement 7, organizations have more leeway -- and, thus, more potential for error -- than other sections of the standard. Learn how to handle PCI DSS requirement 7 in this expert tip.Continue Reading
The hypervisor security patch management process
Enterprises using virtualization must include hypervisor patching in their patch management process. Robbie Higgins explains why.Continue Reading
Digital forensic challenges in a cloud computing environment
Cloud computing creates difficulties for digital forensic investigators.Continue Reading
Cloud security standards provide assessment guidelines
The Cloud Security Alliance Cloud Controls Matrix helps cloud providers and customers to evaluate security controls.Continue Reading
ngrep: Learn how to find new malware with ngrep examples
In this video, Peter Giannoulis of the AcademyPro.com uses several ngrep examples to show how to find new malware that antivirus or IPS might not pick up on with this free tool.Continue Reading
User provisioning best practices: Access recertification
User access recertification is the process of continually auditing users' permissions to make sure they have access only to what they need. Implementing recertification, however, can be challenging. Get best practices on creating a recertification ...Continue Reading
Are you in compliance with the ISO 31000 risk management standard?
The ISO 31000 risk management standard is becoming an important development tool for shaping existing and new programs. Learn if your programs are in compliance with the standard.Continue Reading
Data classification best practices in financial services
Data classification is critical in the highly regulated financial industry. Learn key steps for data classification.Continue Reading
Self-service user identity management: Pitfalls and processes
While it might seem that self-service user identity management can save time and money, as well as keep information more current, there are a number of potential pitfalls. In this expert tip, Randall Gamby explains how to avoid these issues.Continue Reading
PAN truncation and PCI DSS compliance
What do Visa's PAN truncation guidelines mean for merchants and their acquiring banks? Security experts Ed Moyle and Diana Kelley provide analysis.Continue Reading
How to avoid attacks that exploit a Web browser vulnerability
Beyond patching, Tom Chmielarski explains what you'll need to do to avoid application exploits caused by Web browser vulnerabilities.Continue Reading
Why it's important to turn on DEP and ASLR Windows security features
In the quest for application security, many developers are disabling or incorrectly implementing two important Windows security features. In this expert response, Michael Cobb explains why ASLR and DEP should always be turned on.Continue Reading
Your USB port management options
When it comes to managing USB ports, the choice is yours. Mike Chapple reviews your three best options.Continue Reading
Enterprise PDF attack prevention best practices
Malicious PDF exploits are at an all-time high. Should enterprises dump PDFs altogether? Expert Michael Cobb answers that question and offers his key enterprise PDF attack prevention tactics.Continue Reading
Secure DMZ Web server setup advice
Network security expert Anand Sastry describes how to ensure a secure DMZ Web server setup involving network attached storage (NAS).Continue Reading
Which tools will help in validating form input in a website?
Find out how to validate form input in a website.Continue Reading
Tips on how to remove malware manually
In this expert response, Nick Lewis explains how to remove malware manually, step by step.Continue Reading
MD5 security: Time to migrate to SHA-1 hash algorithm?
Many organizations have been replacing the MD5 hash algorithm with the SHA-1 hash function, but can the MD5 hash algorithm still be used securely?Continue Reading
Performing a security risk analysis to assess acceptable level of risk
No organization is ever completely without risk, but there are steps that can be taken to establish an acceptable level of risk that can be appropriately mitigated. In this tip, Michael Cobb explains how to perform a security risk analysis to help ...Continue Reading
Operation Aurora: Tips for thwarting zero-day attacks, unknown malware
In December 2009, Google, Adobe and other companies were the victims of a damaging cyberattack called Operation Aurora. In this tip, expert Nick Lewis outlines the lessons learned from this attack, and how companies can avoid falling victim to ...Continue Reading
Using Windows software restriction policies to stop executable code
Software restriction policies are one way to prevent known malware and file-sharing applications from taking control of your network.Continue Reading
Applying the ISO 27005 risk management standard
The ISO 27005 risk management methodology standard has weaknesses when it comes to risk measurement. "Fuzzy math" theory can help fill the gaps.Continue Reading
Best practices and requirements for GLBA compliance
GLBA requirements to protect personal information have become more relevant than ever. In this tip, Paul Rohmeyer examines best practices for GLBA compliance.Continue Reading
Security report template: How to write an executive report
Writing a security report for executives doesn't have to be difficult or extensive, but security management expert Ernie Hayden describes how to make it comprehensive and clear.Continue Reading
Lack of incident response plan leaves hole in compliance strategy
Without an incident response plan, businesses can tend to be reactive rather than proactive when data breaches occur. Here are some steps to follow.Continue Reading
Is it possible to crack the public key encryption algorithm?
Is it possible to create a PKI encryption key that is unbreakable? IAM expert Randall Gamby weighs in.Continue Reading
Personally identifiable information guidelines for U.S. passport numbers
Do U.S. passport numbers count as personally identifiable information? Learn more about guidelines for PII in this security management expert response from David Mortman.Continue Reading
How to protect employee information in email paystubs
Many companies are moving to a system of paperless paystubs. Learn how to protect the information contained in these email paystubs with the use of secure email in this expert response.Continue Reading
Security benefits of virtual desktop infrastructures
In a highly regulated industry where security is critical, financial-services firms are turning to virtual desktop infrastructures. In this tip, Eric Ogren explains the security benefits of virtualized desktops and virtual workspace projects, ...Continue Reading
What is an encryption collision?
Michael Cobb reviews how encryption collision attacks on cryptographic hash functions could compromise the security of all kinds of digital systems.Continue Reading
Determine your Microsoft Windows patch level
A handful of patch management tools from Microsoft and third -parties can help your organization determine your Windows patch level and identify missing security patches.Continue Reading
How to prevent ActiveX security risks
Application expert Michael Cobb explains why ActiveX security relies entirely on human judgment.Continue Reading
Does using ISO 27000 to comply with PCI DSS make for better security?
PCI DSS is under fire for not providing enough security in the process of securing credit card data. Using ISO 27000 to complement PCI may provide better compliance and security.Continue Reading
What are new and commonly used public-key cryptography algorithms?
Expert Michael Cobb breaks down a variety of encryption algorithms and reviews the use cases for several types of cryptography.Continue Reading
What are the export limitations for AES data encryption?
Although AES is free for any use public or private, commercial or non-commercial programs that provide encryption capabilities are subject to U.S. export controls. Expert Michael Cobb reviews the limitations.Continue Reading
PCI DSS compliance requires new vendor management strategy
Requirement 12.8 requires a better vendor management strategy for PCI DSS compliance.Continue Reading
Port scan attack prevention best practices
While it's impossible to prevent against all port scanning attacks, there are best practices for port scanning security (such as a port scanning firewall) that can keep your network secure. Expert Mike Chapple weighs in.Continue Reading
Making the case for enterprise IAM centralized access control
Central access to multiple applications and systems can raise the level of security while getting rid of lots of red tape, so how do you go about creating central access management? In this tip, IAM expert David Griffeth explains the steps.Continue Reading
How to defend against rogue DHCP server malware
Rogue DHCP server malware is a new twist on an old concept. The good news is that effective threat mitigation strategies exist; the bad news is that many organizations haven't bothered to deploy them.Continue Reading
Should enterprises be running multiple firewalls?
While there may be scenarios where a single firewall is an appropriate architecture for an organization, it's equally true that many environments may benefit from the use of more than one network deviceContinue Reading
When BIOS updates become malware attacks
Most security pros don't give the system BIOS a second thought, or even a first one, but today's BIOS types are highly susceptible to malicious hackers. Information security threats expert Sherri Davidoff explains how attackers can plant BIOS ...Continue Reading
How to mitigate operational, compliance risk of outsourcing services
Companies must have an approach to evaluating partner risk, the level of risk of both the service and the provider, and the adequacy of the security practices of the provider.Continue Reading
Comparing an application proxy firewall and a gateway server firewall
There are many types of firewalls in use in today's enterprises, so it's easy to get confused about the functions of each. In this expert response, learn the difference between a proxy server firewall and a gateway server firewall.Continue Reading
Five steps to eliminate rogue wireless access
Unauthorized wireless access points aren't always malicious. Learn how to distinguish between them and mitigate threats posed by rogue APs.Continue Reading
How to analyze a TCP and UDP network traffic spike
What does it mean when TCP and UDP network traffic spikes? Network security expert Mike Chapple explains what this means for enterprise network security management.Continue Reading
How to avoid HIPAA Social Security number compliance violations
It can be difficult to decipher what a HIPAA Social Security number violation is. In this information security management expert response, David Mortman explains how to avoid HIPAA SSN violations as an employer.Continue Reading
How many firewalls do you need?
Whether your organizations needs multiple sets of firewalls depends on whether they will protect clients, servers or both and what kind of traffic they will monitor.Continue Reading
From the gateway to the application: Effective access control strategies
Organizations need to strike a balance between so-called front-door access control and more fine grained controls established within an application itself. This article discusses the difference between products designed to set access at the gateway ...Continue Reading
How does a Web server model differ from an application server model?
A Web server model and an application server model share many similarities but require different defense methods. Each model, for example, calls for distinct placement of application servers.Continue Reading
What controls can compensate when segregation of duties isn't economically feasible?
Having a strong log management capability is a good way to start when security segregation isn't possible. Mike Rothman explains.Continue Reading
What are the ethical issues when consulting for two competing companies?
Security consulting is a job in which privacy is paramount. Leaking security strategies to the wrong people -- especially a company's competition -- could lead to breaches or break ins. In this expert response, David Mortman gives best practices for...Continue Reading
How to perform a network device audit
From unauthorized applications to rogue devices like data-slurping USB sticks, enterprise networks face a growing number of security risks. For financial-services firms, the data loss or network intrusions that can result from unauthorized network ...Continue Reading
What are the security risks of opening port 110 and port 25?
If an external manufacturer wants to remotely access its leased copiers, is it risky to open both port 110 or port 25? Mike Chapple reveals a few security repercussions.Continue Reading
What is the cause of an 'intrusion attempt' message?
Have you ever received a message from your endpoint security product stating that an intrusion attempt has been blocked? Mike Chapple gives three possibilities for the alert's likely cause.Continue Reading