- Clickjacking: What You Need to Know
- Jan 5, 2009
- pdp explains how clickjacking attacks can hijack your mouse clicks in an attempt to trick you into giving away control of your privacy, your computer system, and possibly even your bank account.
|
- Setting Up Web Filtering for a Network Using OpenDNS (Part 3)
- Dec 26, 2008
- Eric Geier shows you how to manage multiple networks with one account using OpenDNS.
|
- Botnets II: Emerging Threats, Tactics, and Defenses
- Dec 19, 2008
- Carolyn Meinel describes some of the more promising efforts to combat threats from botnets.
|
- Setting Up Web Filtering for a Network Using OpenDNS (Part 2)
- Dec 19, 2008
- Eric Geier continues his guide on using OpenDNS, a free Domain Name System (DNS) service that helps provide a safer, faster, smarter, and more reliable Internet.
|
- Software [In]security: Software Security Top 10 Surprises
- Dec 15, 2008
- In the course of analyzing real-world data from top software security firms, Gary McGraw, Brian Chess, and Sammy Migues unearthed some surprises.
|
- Setting Up Web Filtering for a Network Using OpenDNS (Part 1)
- Dec 12, 2008
- Eric Geier helps you configure your router and the OpenDNS service so you’ll experience a safer, faster, smarter, and more reliable Internet.
|
- Botnets, Part 1: Why They Strike and How to Defend Against Them
- Dec 5, 2008
- Carolyn Meinel describes the threats posed by increasingly sophisticated botnets and dives into some of the latest technology designed to stop them.
|
- Installing and Configuring TrueCrypt for Full Disk Encryption
- Nov 24, 2008
- Security expert Randy Nash describes how he deployed an FDE solution using the free, cross-platform, open-source software from TrueCrypt.
|
- Software [In]security: Web Applications and Software Security
- Nov 14, 2008
- Gary McGraw argues that by understanding the relationship between Web application security and traditional software security, we can better understand security issues on both fronts.
|
- Safety First on craigslist
- Oct 22, 2008
- This chapter shows you how to protect yourself when using craigslist.
|
- Software [In]security: A Software Security Framework: Working Towards a Realistic Maturity Model
- Oct 15, 2008
- Gary McGraw and Brian Chess introduce a software security framework (SSF) to help understand and plan a software security initiative.
|
- Software [In]security: Getting Past the Bug Parade
- Sep 17, 2008
- Gary McGraw explains why more attention should be paid to finding software flaws through the use of threat modeling and architectural risk analysis.
|
- Security Analysis of a Scan-to-PC Solution
- Sep 12, 2008
- Seth Fogie provides a security analysis of "Scan-to-PC" solutions and highlights several security issues that need to be addressed before implementation.
|
- Spam: Unwanted Email from Hell
- Sep 9, 2008
- Andy Walker explains what spam is, where it comes from, and what to do about it.
|
- No Time to Patch
- Sep 5, 2008
- Randy Nash discusses the problems of exploits and malicious code and offers some suggestions to reduce the time to patch these vulnerabilities.
|
- Visual Security Analysis
- Aug 26, 2008
- Raffael Marty shows different ways of analyzing security data using visual approaches.
|
- Attacking and Defending the Internet with Border Gateway Protocol (BGP)
- Aug 25, 2008
- Carolyn Meinel explains how sysadmins can take advantage of resources offered by several organizations to detect and defeat BGP problems.
|
- Software [In]security: Software Security Demand Rising
- Aug 11, 2008
- Gary McGraw breaks down the numbers from 2007, showing that software security is making headway in the enterprise even against economic headwinds.
|
- Perception of Security Risk: Fear, Uncertainty, and Doubt
- Jul 28, 2008
- Why do so many security product vendors use it as part of the sales pitch? As Randy Nash explains, because it works.
|
- A Brief History of (Internet) Time: From the Beginnings of Malicious Code to Their Likely Future
- Jul 21, 2008
- Randy Nash looks at the complex relationship between computing power, the growth of the Internet, and the changes in malicious code over time.
|