Compliance alone should never be the only goal

When suffering from compliance fatigue, you may have only one option to getting the funding you need to do your job

Subsite of Dark Reading will look at collection and analysis of data on emerging threats

In tough times, compliance efforts may seem optional

Do some 'ethical hackers' really have your best interest at heart, or are they more interested in making your private information public?

Analysis reveals mobile apps designed to protect things like photos and passwords do a poor job, often storing them in plain text with no encryption at all.

When it comes to mounting a successful defense in what is a fast-changing threat environment, best practices require consistent execution

To remain compliant, your approach must grow in scale with your business

Cloud, appliance, software? If you were planning on developing a security monitoring platform, which architecture would you use?

Oracle's recent patch contained exploit code

Is Visa's program to eliminate the requirement for assessments in lieu of EMV (chip and pin) transactions the death knell for PCI? Not yet, but the writing is on the wall

Just because smartphone rail ticketing is a first here in the states doesn't mean mobile malware writers aren't already paying attention

How the increased level and sophistication of of targeted attacks since 2008 may impact this year's U.S. Presidential election campaigns

Compliance is about being better and not just proving you are right

While enterprise-level breaches often get the attention of C-level suite executives and the members of their IT staff, industry research shows it actually falls to rank and file employees to apply best practices and exercise sound judgment in order to properly contain them

Do we need logging standards, or should we just follow the leaders to help direct our logging efforts?

As soon as you train your colleagues about compliance, noncompliance is back in charge

A look at database monitoring and reverse proxies

Compliant systems do more than prevent problems -- they help solve problems that happen

Proactively applying private or public-key encryption coupled with access control won't eliminate data breaches. But it will make it harder for the bad guys to take advantage of you

At what point does turning a blind eye to the loss of revenue spark the inevitable conversation: 'Maybe we should be monitoring this infrastructure more closely?'

How to compile, copy, and run mac-robber on jailbroken iOS devices

A look at some free tools to help tackle database security

How to compile, copy, and run mac-robber on rooted Android devices

Intro to a unique approach for vulnerability research on mobile apps using traditional PC forensic tools