Network Security

56 Items

Software [In]security: Technology Transfer
By Gary McGraw
Oct 26, 2010
Gary McGraw discusses the evolution of a source code scanning tool from research project to commercial project and details the transfer of technology that made it all happen.
Software [In]security: The Smart (Electric) Grid and Dumb Cybersecurity
By Gary McGraw
Mar 26, 2010
Security expert Gary McGraw explains why the rush to upgrade our power grid may lead to security vulnerabilities in critical infrastructure.
Software [In]security: Third-Party Software and Security
By Gary McGraw, Brian Chess, Sammy Migues
Nov 30, 2011
How do you gauge the security of third-party code? A recent security conference examined that question, and Gary McGraw presents the findings in this article.
Software [In]security: Top 11 Reasons Why Top 10 (or Top 25) Lists Don’t Work
By Gary McGraw
Jan 13, 2009
Gary McGraw explains why there’s more to software security than watching the bug parade march by.
Software [In]security: Twitter Security
By Gary McGraw
May 15, 2009
Gary McGraw details Twitter's fundamental security vulnerabilities.
Software [In]security: vBSIMM (BSIMM for Vendors)
By Gary McGraw, Sammy Migues
Apr 12, 2011
How do you ensure that your third-party software vendors practice good software security? Software security expert Gary McGraw explains how the Building Security In Maturity Model can play a central role in this effort.
Software [In]security: vBSIMM Take Two (BSIMM for Vendors Revised)
By Gary McGraw, Sammy Migues
Jan 26, 2012
Gary McGraw and Sammy Migues introduce a revised, compact version of the BSIMM for vendors called vBSIMM, which can be thought of as a foundational security control for vendor management of third-party software providers.
Software [In]security: What Works in Software Security
By Gary McGraw, Brian Chess, Sammy Migues
Feb 26, 2010
15 of the 110 activities in the BSIMM are very commonly observed. Gary McGraw, Brian Chess, and Sammy Migues list and explain these activities.
Software [In]security: You Really Need a Software Security Group
By Gary McGraw
Dec 21, 2009
Gary McGraw explains why having a software security group is necessary for a software security initiative.
Talk Is Cheap: Why the Security Industry Needs to Improve Its Bedside Manner
By Michael Kemp
Aug 17, 2007
Michael Kemp explores an often-overlooked aspect of security practice, namely communicating with clients so that they can be assured of expertise instead of being awed by it.
The Anatomy of a Digital Investigation
By Michael W. Graves
Oct 8, 2013
Michael W. Graves discusses the details of a digital investigation, including understanding the scope of the investigation, identifying the stakeholders, and understanding documentation,
The CERT Guide to Insider Threats: Insider Theft of Intellectual Property
By Dawn M. Cappelli, Andrew P. Moore, Randall F. Trzeciak
Mar 2, 2012
This chapter offers a model to prevent insider theft of intellectual property. The first half of this chapter describes the model at a high level. The second half of the chapter digs deeper into the technical methods used in committing these crimes and mitigation strategies that you should consider based on all of this information.
Visualization: How to Present Security Data to Get Your Point Across
By Andrew Jaquith
Dec 21, 2007
Learn how to present security data in a style that truly gets your point across.
Why IT Pros Need to Learn About IPv6 Security Now: An Interview with Scott Hogg and Eric Vyncke
By Linda Leung, Scott Hogg, Eric Vyncke
Jul 4, 2009
Linda Leung talks with Scott Hogg and Eric Vyncke about IPv6 transition and security issues.
Will Cell Phones be Responsible for the Next Internet Worm?
By Norm Laudermilch
Apr 28, 2006
The mobile devices you know and love are great for productivity, but they have completely changed the vulnerability state of our networks. Norm Laudermilch tells you why you should be afraid, very afraid.
ZigBee Wireless Security: A New Age Penetration Tester's Toolkit
By Brad Bowers
Jan 9, 2012
Brad Bowers takes a closer look at the ZigBee protocol, some of the attacks that have been leveraged against it, and the security tools that penetration testers can use.