We've created Learning Guides targeting specific topics to provide you with all the resouces you need in one place. Check out our collection and
what other guides you would like to see on SearchSecurity.com. Bookmark this page to check back often for new additions.
Guide to passing PCI's five toughest requirements
As data security breach threats increase and the Payment Card Industry (PCI) Data Security Standard's authority continues to expand, credit card-processing companies have little choice but to implement PCI's dozen requirements. Some best practices, however, are more difficult to achieve than the others. In this learning guide, Craig Norris explains how to successfully implement the five PCI DSS requirements that have been continuously stumping security professionals.
Corporate Mergers and Acquisitions Security Learning Guide
Although it may be difficult to predict what a corporate merger will do for company profits, M&A activity will almost certainly have an effect on the employees of the two organizations. In this SearchSecurity.com Learning Guide, an expert panel breaks down merger security priorities and explains the best ways to manage disparate staffs, technologies and policies.
Information Security Governance Guide
While security governance and security programs are often discussed in tandem, many security practitioners have difficulty understanding how the concepts relate to each other and how an organization can apply them to develop a successful information security governance framework. Created in collaboration with security management expert Shon Harris, our Information Security Governance Guide covers the components needed to ensure your information security governance program is focused, precise and effective.
Nmap Technical Manual
By now, most infosec pros have heard of Nmap, and most would agree that even though the popular freeware tool is invaluable, installing, configuring and running it in the enterprise is no easy task. With that in mind, SearchSecurity.com, in collaboration with security expert Michael Cobb, has produced an Nmap Technical Manual, detailing how this free tool can help make your organization more secure.
Insider Risk Management Guide
Learn how to protect your network from the inside out with our new Insider Risk Management Guide. Contributor Gideon Rasmussen reviews how to fortify your organization's current insider threat controls to ensure the threat from within is reduced.
Web Browser Security Learning Guide
If not properly secured, Web browsers can serve as a gateway for malicious hackers who want to infect your network. Created in partnership with SearchWindowsSecurity.com, this learning guide identifies the inherent flaws of Internet Explorer and Mozilla Firefox, introduces viable Web browser alternatives, and provides tools and tactics to maximize your Web browsing security.
Network Access Control Learning Guide
From PDAs to insecure wireless modems, users have myriad options for connecting to -- and infecting -- the network. Created in partnership with our sister site SearchWindowsSecurity.com, this guide offers tips and expert advice on network access control. Learn how unauthorized users gain network access, how to block and secure untrusted endpoints, and get Windows-specific and universal access control policies and procedures. As a bonus, this learning guide is also available as a PDF download.
Web Application Attacks Learning Guide
From buffer-overflows to SQL injection, hackers have various techniques at their disposal to attack Web applications. This guide explains how Web application attacks occur, identifies common and obscure Web application attacks, and provides Web application security tools and tactics to protect against them. As a bonus, this learning is also available as a PDF download.
Have you been searching for an inexpensive vulnerability scanner? Check out our Nessus Tutorial. It not only examines the benefits of this free open source tool, but also walks you through the processes of using it in the enterprise, from installation and configuration to using Nessus with the SANS Top 20 to identify critical vulnerabilities.
Spyware Learning Guide
As spyware continues to threaten the stability of corporate infrastructures, it's crucial to understand how this malicious software works and how to defend against it. This guide is a compilation of resources that explain what spyware is, how it attacks and most importantly what you can to do to win the war on spyware.
SOX Compliance for the Security Practitioner
This collection of resources offers security practitioners tips and strategies for keeping their organizations compliant with the ongoing demands of the Sarbanes-Oxley Act. Learn how other security practitioners are handling SOX compliance, financial woes, internal controls, auditing, steps for achieving compliance, avoiding product hype and what happens when you don't comply.
Firewall Architecture Guide
Designing and implementing a firewall solution for an enterprise can be a daunting task. Choices made early in the design process can have far-reaching security implications for years to come. This guide provides a detailed look at the process used to implement a firewall and helps guide you through the design process.
Intrustion Detection and Prevention Learning Guide
It's no secret that a layered security structure is the key to protecting networks from pernicious intrusions. One of the major components in that structure is having solid intrusion detection and prevention. Created in partnership with our sister site, SearchNetworking.com, this guide is a compilation of resources that explain what intrusion detection and prevention are, how they work, troubleshooting, configurations and more.
Understanding Your Authentication Options
At a time when identity theft is running rampant, it's crucial to have sound practices for authenticating your users, customers and partners. This learning guide is a comprehensive compilation of tips, expert advice, featured articles, and other original materials that will help you understand today's authentication challenges.
How to deploy a successful patch
Security patch management is a proactive procedure enterprises should use to eliminate security vulnerabilities and mitigate the risk of a compromised computer. This guide explains how to successfully deploy a patch through each phase of the deployment cycle.
SAP Security Learning Guide
Need to bulletproof your SAP system? This handy Learning Guide pulls SAP security information from both SearchSecurity.com and its sister site, SearchSAP.com, to provide the most comprehensive resource around. Get the scoop on everything from authentication and RFID security to compliance and auditing here.
Firewall Learning Guide
Firewalls are an essential tool in protecting your network from various threats. Created in partnership with our sister site, SearchNetworking.com, this guide is a compilation of resources that explain what firewalls are, how they work, vulnerabilities, troubleshooting, configurations and more.
VoIP Security Learning Guide
More organizations are choosing to implement VoIP telephony for its cost savings. However, securing the technology comes with its own price tag. Created in partnership with our sister site, SearchEnterpriseVoice.com, this SearchSecurity guide is a compilation of resources that review the importance of VoIP security, protocols and standards, LAN security, vulnerabilities, troubleshooting, threats and more.
Thwarting Hacker Techniques
In our series on Thwarting Hacker Techniques, you learned common strategies used by hackers to attack your network, as well as some methods for preventing them. This follow-up guide provides you with a plethora of tips, expert advice and Web resources that offer more in-depth information about each technique and various tactics you can employ to protect your network.
Snort Technical Guide
Arguably one of the best network intrusion-detection systems (NIDS) is the free and open source Snort package. It has a large and active community, and is backed by the commercial company SourceFire, making Snort a strong contender in the NIDS market. The package itself is free. All that's required is some hardware to run it on and the time to install, configure and maintain it. Snort runs on any modern operating system (including Windows and Linux), but some consider it to be complicated to operate. The goal of this guide is to take some of the mystery out of Snort.
Bluetooth Security Basics
As with all networking technologies, the mere presence of Bluetooth on a device introduces security risks, especially when the end user is unaware of Bluetooth's presence, or of how to secure the technology. So, how can you protect your network from Bluetooth threats? Here are five steps for securing Bluetooth devices in the enterprise.
HIPAA Learning Guide
HIPAA deadlines come and go, but compliance is forever. Whether you've met all the deadlines or you've fallen severely behind, this HIPAA Learning Guide from SearchSecurity.com is full of news articles, analysis reports, expert advice, white papers and case studies that will help keep you on track.
XML Security Learning Guide
Securing XML is an essential element in keeping Web services secure. Created in partnership with our sister site, SearchWebServices.com, this SearchSecurity.com Learning Guide is a compilation of resources that review different types of XML security standards and approaches for keeping your XML Web services secure.
Guide to Infosec Certifications
Navigating the security certification landscape can be dizzying. Simply identifying the vast array of offerings can be time consuming and overwhelming -- never mind determining which certification best suits your needs. This Guide to Infosec Certifications provides an overview of the myriad options, whether you're just embarking on your journey up the infosec career ladder or wish to hone your skills in a specialized area.
Guide to vendor-specific security certs
Despite a burgeoning battery of vendor-specific security certifications, identifying which ones best suit your educational or career needs remains fairly straightforward. In this semi-annual vendor-specific certification survey, you'll find an alphabetized list of security certification programs from various vendors, a brief description of each cert and pointers to further details. We also give you some tips on choosing the right certification.