- Software [In]security: Partly Cloudy with a Chance of Security
- Jun 17, 2011
- Security expert Gary McGraw provides some issues to consider when it comes to adoption of cloud services and their impact on security in your organization.
|
- Software [In]security: Computer Security and International Norms
- May 30, 2011
- The Obama administration recently released its "International Strategy for Cyberspace" outlining America's ideals and strategies for cyberspace. Security expert Gary McGraw explains why he thinks the document is promising in its effort to make our national goals and policies clear when it comes to cyberspace.
|
- Data Leakage During a Time of Economic Recession
- May 25, 2011
- Brad Bowers looks at some of the causes of data leakage and how a weak economy may increase the risks.
|
- 2011 Collegiate Cyber Defense Challenge: Shaping the Cyber Warriors of Tomorrow
- May 2, 2011
- Brad Bowers provides an intriguing look into the 2011 Mid-Atlantic CCDC attack-and-defense competition for information technology students.
|
- Software [In]security: vBSIMM (BSIMM for Vendors)
- Apr 12, 2011
- How do you ensure that your third-party software vendors practice good software security? Software security expert Gary McGraw explains how the Building Security In Maturity Model can play a central role in this effort.
|
- PKI Processes and Procedures
- Apr 1, 2011
- Several processes need to occur in a PKI network for a deployment to function smoothly. To address these processes, this chapter covers enrollment, Certificate Expiration and Renewal, Certificate Verification and Enforcement, and PKI Resiliency.
|
- Software [In]security: Modern Malware
- Mar 22, 2011
- Software security expert and author Gary McGraw looks at where malware is heading — and what we should do about it.
|
- As the Worm Turns: The Stuxnet Legacy
- Mar 14, 2011
- In his ongoing series about the intersections of technology and society, Larry Constantine (an interaction designer specializing in safety-critical applications) discusses the history of the malware known as Stuxnet and offers suggestions on how it can be stopped.
|
- Secure Your Windows 7 System Now!
- Mar 9, 2011
- John Traenkenschuh presents three simple tasks to help you secure your Windows 7 system: create backups, consider optional security software, and control the interfaces to the system.
|
- Secure Your Facebook Account Now!
- Mar 2, 2011
- John Traenkenschuh guides you through several profile changes you can implement to protect your data on Facebook.
|
- Software [In]security: Software Patents and Fault Injection
- Feb 28, 2011
- Gary McGraw explains how another party may get a patent on a technique he had a hand in inventing.
|
- Secure Your Android™ Phone Now!
- Feb 23, 2011
- John Traenkenschuh reviews eight simple tools and techniques you can try to secure your service, your information, and more on your Android phone.
|
- Firesheep, Fireshepherd, and Facebook: Understanding Session Hijacking
- Feb 22, 2011
- Mike Chapple shows you how web authentication makes session hijacking possible, how Firesheep exploits these vulnerabilities, and the measures that website administrators, web developers, and end users can take to protect against session hijacking attacks.
|
- Encryption 101: Keys, Algorithms and You
- Feb 15, 2011
- Mike Chapple shows how to protect confidential information via encryption, and teaches the basics when it comes to selecting an encryption technology.
|
- Cisco Secure Access Control System (ACS) 5.2 and User Change Password (UCP)
- Feb 14, 2011
- This article teaches you how to use the User Change Password (UCP) service in Cisco ACS to allow users defined in the ACS internal database to first authenticate themselves and then change their own password.
|
- Q&A with the Authors of "AAA Identity Management Security"
- Feb 7, 2011
- The authors of AAA Identity Management Security discuss the book and its features.
|
- Cisco AAA Identity Management Security: Getting Familiar with ACS 5.1
- Feb 2, 2011
- ACS 5.1 has a completely different user interface from ACS 4.2. Throughout the course of this chapter you will become familiar with the GUI and know where different functions are located.
|
- Software [In]security: Comparing Apples, Oranges, and Aardvarks (or, All Static Analysis Tools Are Not Created Equal)
- Jan 31, 2011
- Security expert Gary McGraw discusses the static analysis tools market and the pitfalls of product comparisons, and provides his recommendation for making the best choice.
|
- Software [In]security: Driving Efficiency and Effectiveness in Software Security
- Dec 29, 2010
- Gary McGraw explains how the 32 firms in the BSIMM study determine the proper mix of security initiatives to maximize efficiency and effectiveness of their security programs.
|
- Computer Incident Response and Product Security: Operating an Incident Response Team
- Dec 17, 2010
- This chapter covers aspects of running an incident response team (IRT) such as team size, team member profiles, cooperating with other groups, preparing for incidents, and measuring success.
|