- Chained Exploits: Discover What Your Boss Is Looking At
- Apr 10, 2009
- Learn how to spy on your boss' net surfing habits — and protect yourself and your network from similar exploits.
|
- Are Private-Sector Organizations Responsible for Failing to Plan for Natural Disasters? (Part 3 of 3)
- Mar 31, 2009
- Leo A. Wrobel and Sharon M. Wrobel conclude this series with a discussion of an alarming fact (disasters are on the rise) and what might be an even more alarming conclusion for disaster recovery planners (yep, you're responsible).
|
- Are Private-Sector Organizations Responsible for Failing to Plan for Natural Disasters? (Part 2 of 3)
- Mar 23, 2009
- Contingency planners must adopt those new technologies - or be held responsible for failure to do so. How do these issues affect your role in emergency planning for your organization?
|
- Are Private-Sector Organizations Responsible for Failing to Plan for Natural Disasters? (Part 1 of 3)
- Mar 16, 2009
- If you're the company's disaster-recovery planner, and you're caught unprepared for a natural disaster, are you at fault?
|
- Software [In]security: The Building Security In Maturity Model (BSIMM)
- Mar 16, 2009
- The creators of the Building Security In Maturity Model describe the benefits of using it as a yardstick for measuring your own software security initiative.
|
- Software [In]security: Nine Things Everybody Does: Software Security Activities from the BSIMM
- Feb 9, 2009
- Examine the nine common software security activities that make up the Building Security In Maturity Model (BSIMM).
|
- Top 5 Security Resolutions for New PCs
- Jan 28, 2009
- Randy Nash discusses common security practices we should all follow when setting up new gear.
|
- Wherever You Go, There They Are: The Perils of Cross-Site Tracking
- Jan 23, 2009
- Greg Conti examines the practice of cross-site tracking and offers ways to block, or at least minimize, it.
|
- Securing PHP Web Applications: Cross-Site Scripting
- Jan 22, 2009
- In this chapter, the authors cover a special type of injection attack called cross-site scripting, or XSS.
|
- Software [In]security: Top 11 Reasons Why Top 10 (or Top 25) Lists Don’t Work
- Jan 13, 2009
- Gary McGraw explains why there’s more to software security than watching the bug parade march by.
|
- Clickjacking: What You Need to Know
- Jan 5, 2009
- pdp explains how clickjacking attacks can hijack your mouse clicks in an attempt to trick you into giving away control of your privacy, your computer system, and possibly even your bank account.
|
- Setting Up Web Filtering for a Network Using OpenDNS (Part 3)
- Dec 26, 2008
- Eric Geier shows you how to manage multiple networks with one account using OpenDNS.
|
- Botnets II: Emerging Threats, Tactics, and Defenses
- Dec 19, 2008
- Carolyn Meinel describes some of the more promising efforts to combat threats from botnets.
|
- Setting Up Web Filtering for a Network Using OpenDNS (Part 2)
- Dec 19, 2008
- Eric Geier continues his guide on using OpenDNS, a free Domain Name System (DNS) service that helps provide a safer, faster, smarter, and more reliable Internet.
|
- Robert Seacord on the CERT C Secure Coding Standard
- Dec 15, 2008
- Robert C. Seacord and David Chisnall discuss the CERT C Secure Coding standard, developing C standards, and the future of the language and its offshoots.
|
- Software [In]security: Software Security Top 10 Surprises
- Dec 15, 2008
- In the course of analyzing real-world data from top software security firms, Gary McGraw, Brian Chess, and Sammy Migues unearthed some surprises.
|
- Setting Up Web Filtering for a Network Using OpenDNS (Part 1)
- Dec 12, 2008
- Eric Geier helps you configure your router and the OpenDNS service so you’ll experience a safer, faster, smarter, and more reliable Internet.
|
- Botnets, Part 1: Why They Strike and How to Defend Against Them
- Dec 5, 2008
- Carolyn Meinel describes the threats posed by increasingly sophisticated botnets and dives into some of the latest technology designed to stop them.
|
- Installing and Configuring TrueCrypt for Full Disk Encryption
- Nov 24, 2008
- Security expert Randy Nash describes how he deployed an FDE solution using the free, cross-platform, and open-source solution from TrueCrypt.
|
- Software [In]security: Web Applications and Software Security
- Nov 14, 2008
- Gary McGraw argues that by understanding the relationship between Web application security and traditional software security, we can better understand security issues on both fronts.