- Donald Pipkin's Security Tips for the Week of December 2nd
- Nov 29, 2002
- Systems and network managers — combat potentially costly security threats with advice from HP security expert Don Pipkin.
|
- Donald Pipkin's Security Tips for the Week of December 9th
- Dec 6, 2002
- See the big picture with security expert Don Pipkin, and weigh the risks and benefits to develop the most sensible security for your organization.
|
- Donald Pipkin's Security Tips for the Week of November 25th
- Nov 22, 2002
- Take a tip from Don Pipkin, writer of "Halting the Hacker," as he shares a daily nugget of his knowledge of information security. Invest a minute of your day to learn something new about protecting your information assets.
|
- Encryption 101: Keys, Algorithms and You
- Feb 15, 2011
- Mike Chapple shows how to protect confidential information via encryption, and teaches the basics when it comes to selecting an encryption technology.
|
- Firesheep, Fireshepherd, and Facebook: Understanding Session Hijacking
- Feb 22, 2011
- Mike Chapple shows you how web authentication makes session hijacking possible, how Firesheep exploits these vulnerabilities, and the measures that website administrators, web developers, and end users can take to protect against session hijacking attacks.
|
- Fuzzing Frameworks
- Nov 16, 2007
- The authors of Fuzzing explore a number of open source fuzzing frameworks available today, including SPIKE, Autodafé, and GPF.
|
- Game Hacking 101
- Nov 21, 2007
- Gary McGraw and Greg Hoglund describe discuss techniques to prevent piracy and cheating in online games.
|
- ID Theft: Before and After
- Sep 21, 2007
- Learn how to protect yourself from identity theft.
|
- Information Security Bookshelf, Part 1 (2009 Edition)
- May 8, 2009
- Ed Tittel compiles a collection of pointers to useful and informative books on information security.
|
- Information Security Bookshelf, Part 2 (2009 Edition)
- May 18, 2009
- Ed Tittel compiles a collection of pointers to useful and informative books on information security, part 2 of 2.
|
- Is There a Security Problem in Computing?
- Dec 29, 2006
- This sample chapter examines what kinds of vulnerabilities computing systems are prone to. It then considers why these vulnerabilities are exploited, who is involved, and how to prevent possible attacks on systems.
|
- J2EE Security
- Nov 26, 2003
- This chapter from "Java™ 2 Platform, Enterprise Edition: Platform and Component Specifications" describes the security requirements for the Java™ 2 Platform, Enterprise Edition (J2EE).
|
- Maintaining Security by Implementing, Managing, and Troubleshooting Service Packs and Security Updates
- Oct 10, 2003
- Roberta Bragg helps you learn the tools and methods necessary to keep systems patched, how to troubleshoot the problems the patches may cause, and understand the reasons tools may not work correctly.
|
- Measuring the Effectiveness of Application Security Policies
- Jan 13, 2006
- Just because a package has few REPORTED vulnerabilities, that doesn't mean that it actually HAS few vulnerabilities, or address the severity of the holes that are reported. In this article Chisnall argues the true measure of security is what happens once a vulnerability is found.
|
- Minding Your P's: Points to Ponder When Implementing Information Security Controls
- Apr 23, 2013
- Information security expert Randy Nash explains how the relevant parameters that are important in finding the right balance between security and ease of policy implementation.
|
- Mitigating the Security Risks of SSH
- Aug 25, 2006
- John Tränkenschuh describes ways to create a solid security plan to lessen the unknown factors of SSH security.
|
- No Time to Patch
- Sep 5, 2008
- Randy Nash discusses the problems of exploits and malicious code and offers some suggestions to reduce the time to patch these vulnerabilities.
|
- Open Source Tools for Security Testing
- Sep 16, 2005
- Michael Kelly reports on handy security uses for four open source tools: WebGoat, Firefox Web Developer, WebScarab, and Ethereal. By combining the tools in easy ways, testers can track down and close the gaping security holes that are often left in applications.
|
- Perception of Security Risk: Fear, Uncertainty, and Doubt
- Jul 28, 2008
- Why do so many security product vendors use it as part of the sales pitch? As Randy Nash explains, because it works.
|
- Performance Forensics
- Feb 13, 2004
- This article draws from lessons and concepts of health care delivery to provide ideas for addressing system-performance complaints with predictable and accurate results. Specific tools from the Solaris Operating System are discussed.
|