Home
Ask the Experts

How to block a malicious file upload

Do your Web app users upload files to your servers? Find out the dangers of malicious file uploads and learn six steps to stop file-upload attacks.
EU cookie regulations: Advice for non-UK firms

Expert Alan Calder responds to a reader’s question: Must companies outside the EU change their websites to comply with EU cookie regulations?
Advice on mobile device security training courses

Expert Davey Winder suggests some good security training courses for the IT administrator who must manage their organisation’s mobile devices.
Meet All Experts

Expert Answers

Understanding and halting forced browsing attacks

Forced browsing is when an attacker discovers the URL of a restricted webpage. Expert Rob Shapland explains how to halt this browser attack method.
How to prevent Facebook hacking and Twitter hijacking

Organisations should guard against Facebook hacking and Twitter hijacking. Expert Davey Winder discusses Twitter and Facebook security tools that can help.
Pros and cons: Touch-gesture recognition systems

Touch-gesture recognition is an alternative authentication system for Windows 8 mobile devices. Expert Davey Winder examines the pros and cons.
How to understand and prevent session fixation attacks

Session fixation attacks rely on poorly managed Web application cookies. Rob Shapland answers a reader’s question on session fixation protection.
Open source software tools: Are they too insecure?

A reader asks how to judge the security of open source software products. Expert Michael Cobb lists three areas to check.
How to utilize free spam-filtering services for SMBs

Learn how a Web-based free spam-filtering service can secure email and prevent spam from attacking your enterprise.
Creating employee privacy policies

Are your employees aware of their workplace privacy rights? More specifically, are they aware of what privacy rights they don't retain? Learn how to create effective employee privacy policies.
How to ensure secure email exchange with external business partners

When sensitive documents are frequently travelling back and forth between a company and its business partners, email security becomes very important. In this expert response, Peter Wood gives advic...
Are there Web service security standards or risk assessment checklists?

As more organisations integrate business-critical functions with Web services, the security of those services becomes of greater importance. But are there Web service security standards whereby bus...
Dynamic code analysis vs. static analysis source code testing

Managing vulnerabilities involves a wide array of security testing, including both dynamic and static source code analysis. Learn how the two differ, as well as how they are performed in this exper...
How to meet the PCI DSS compliance deadline on an IT security budget

Learn how to meet the upcoming PCI DSS compliance deadline while sticking to an IT security budget by leveraging existing security infrastructure in this response from expert Mathieu Gorge.
PCI PTS: Understanding PCI PIN security requirements

What is PTS, and how does it relate to PCI DSS? In this expert response, learn about the differences between PCI DSS, PA DSS and PTS, as well as recent updates to PCI PTS requirements.
Alternatives to buying full-on network access control (NAC) systems

In this expert response, Peter Wood outlines some alternatives to NAC systems, and explains why, sometimes, NAC systems really are the best choice.
Database activity monitoring technology vs. SIEM tools

In this expert response, Peter Wood explains the difference between database activity monitoring systems and security information and event management (SIEM) tools.
Mobile encryption options for mobile devices: Built-in vs. manual encryption

There are a few different ways to approach mobile encryption. In this expert response, Peter Wood discusses the pros and cons of different mobile encryption options.
Pwn2Own results: The most secure Internet browser for enterprises

Which browsers are secure enough for enterprise use, and which should be avoided at all costs? In this expert response, Richard Brain examines the results of the 2010 CanSecWest Pwn2Own competition...
Google cloud applications: Secure enough for the enterprise?

Google cloud applications aren't necessarily known for their security. In this expert response, learn what to watch out for when considering using such apps in the enterprise.
Securing Web applications with Web application firewalls

Are Web application firewalls the best choice for securing Web applications? In this expert response, find out what other Web application security options are out there.
How to prevent Adobe hacks from affecting your organisation

In this expert response, find out why Adobe has been an enticing target for PDF attacks recently.
Getting the most out of the gap analysis process

In this expert response, Neil O'Connor explains how to get the most out of the gap analysis process in your organization.

Latest Headlines

IT in Europe: Security Edition

Topics

Hot Topics

Advice & Tutorials

Technology Dictionary

Tips

Answers

Ask a Question

Research Library

Product Demos

Blogs

Expert Answers

More from Related TechTarget Sites