Vulnerability and threat management are important aspects of an enterprise security solution. Get the latest information about managing threats, how to conduct a vulnerability assessment, vulnerability scanning, testing and assessment tools.
The future of exploit vulnerability research
SearchSecurity.co.UK | 12 Feb 2009 VIDEO - At Information Security Decisions 2008, security researchers discuss the most vulnerable network points and the future of the SDLC.
NAC and endpoint security: The hard questions
SearchSecurity.co.UK | 05 Feb 2009 VIDEO - Joel Snyder covers challenging endpoint security questions and explains how NAC technology can address them.
Cybercrime attacks, IT outsourcing, mobile malware top ISF threat list
SearchSecurity.co.uk | 24 Jun 2009 ARTICLE - Crimeware, cloud computing and an erosion of network boundaries are just a few of the security threats that corporate members of the Information Security Forum fear the most.
Gartner sees better days ahead for security budgets
SearchSecurity.com | 22 Jun 2009 ARTICLE - Investments in managed security services, intrusion prevention systems and multifunction firewalls help buoy IT security budgets.
How to defend against rogue DHCP server malware
02 Jul 2009 TIP - Rogue DHCP server malware is a new twist on an old concept. The good news is that defenses exist; the bad news is that many organizations haven't bothered to deploy them.
Firewall rule management best practices
24 Jun 2009 TIP - Michael Cobb offers best practices that can allow you to make changes to your company's firewall rule set without losing any sleep.
Web application firewall's value depends on effort you put in
Submitted By: SearchMidmarketSecurity.com | 24 Jun 2009 TIP - SMBs are buying Web application firewalls (WAF) for PCI DSS compliance, but if they are installed and forgotten, they won't be compliant or secure.
Computer misuse cases: Get there before the bad guys
21 Jun 2009 ROYAL HOLLOWAY EBOOK SERIES - By defining the scenarios in which computer systems could be misused, security professionals can test more thoroughly and assess risk more quickly.
Coping with top security in a world of deperimeterization
21 Jun 2009 ROYAL HOLLOWAY EBOOK SERIES - Royal Holloway authors explain how basic deperimeterization principles can ensure that security does not suffer when traditional boundaries are eroded.
How to secure the Border Gateway Protocol
21 Jun 2009 ROYAL HOLLOWAY EBOOK SERIES - The Border Gateway Protocol is used to link the multiple networks that make up the Internet. Although it performs well, it suffers from many security weaknesses.
The Art of Software Security Testing Published by: SearchSecurity.com | 11 Jun 2007 CHAPTER EXCERPT - In Chapter 11, "Local Fault Injection," the authors of "The Art of Software Security Testing" explain the proper methods for examining file formats.
Nessus Published by: Tenable | 01 Mar 2006 DOWNLOAD - Nessus may be the best free vulnerability scanner available. Although Tenable has moved Nessus from being open source to closed source, the company states that "to continue the goodwill that Nessus and Tenable have provided, ...
More from SearchSecurity.com -- May 2007 Information Security magazine | 01 May 2007 MONTHLY MAGAZINE HIGHLIGHTS - Online content from the May 2007 edition of Information Security magazine, examining best practices for the protection of sensitive information.
Centre for the Protection of National Infrastructure
10 Jan 2008 WORD - The Centre for the Protection of National Infrastructure (CPNI) is the agency charged with providing advice to any entity within the United Kingdom that owns or operates services or property critical to commerce, public ...
Serious Organized Crime Agency
09 Jan 2008 WORD - The Serious Organized Crime Agency (SOCA) is a policing agency dedicated to the identification of criminal activity related to drug trafficking, money laundering, identity theft and immigration. SOCA is based in the United ...
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.