Welcome Guest. | Log In| Register | Membership Benefits

Passive Network Fingerprinting; p0f Gets Fresh Rewrite


Posted by John H. Sawyer @ 02:19 PM ET | Feb 03, 2012

Passive network analysis can reveal OS, service, and even vulnerabilities--just by sniffing the network.

Continue reading "Passive Network Fingerprinting; p0f Gets Fresh Rewrite"


Topics:   Evil Bytes



Where's My 'Minority Report' Dashboard?


Posted by Andrew Hay @ 03:43 PM ET | Feb 01, 2012

Why haven't user interfaces for security products taken advantage of human movement technologies?

Continue reading "Where's My 'Minority Report' Dashboard?"


Topics:   Security Monitoring Tech Center : Security Views



The Value Of Device Authentication


Posted by Taher Elgamal @ 06:40 PM ET | Jan 30, 2012

'Fingerprinting' evolving to protect device IDs

Continue reading "The Value Of Device Authentication"


Topics:   Authentication Tech Center : Security Views



The Mechanics Of Breach Notification


Posted by Richard E. Mackey, Jr. @ 06:02 PM ET | Jan 27, 2012

Organizations need to know what constitutes a breach of identity data according to state laws and how to respond

Continue reading "The Mechanics Of Breach Notification "


Topics:   Security Views : Compliance Tech Center



Looking Over The RIM And Into The Chasm


Posted by Mike Rothman @ 01:56 PM ET | Jan 25, 2012

What security folks need to learn from RIM's rapid and accelerating downfall...

Continue reading "Looking Over The RIM And Into The Chasm"


Topics:   Hacked Off



Breach Notification: Know The Rules


Posted by Richard E. Mackey, Jr. @ 06:23 PM ET | Jan 20, 2012

State and Federal laws require notification when a breach of protected information occurs. You need to know which laws apply and how to comply

Continue reading "Breach Notification: Know The Rules"


Topics:   Security Views : Compliance Tech Center



We Make Widgets -- Let Someone Else Handle Security


Posted by Chester Wisniewski @ 10:54 AM ET | Jan 20, 2012

If you're a customer-facing organization, then security can't take second place behind your services

Continue reading "We Make Widgets -- Let Someone Else Handle Security"


Topics:   SophosLabs Insights



I Left My Data In El Segundo


Posted by Don Bailey @ 08:48 PM ET | Jan 18, 2012

Data is the new bit of lost clothing you left behind on that road trip -- and two-factor authentication VPN is the way to go mobile

Continue reading "I Left My Data In El Segundo"


Topics:   Security Views : Mobile Security Tech Center



A Firsthand Piracy Experience


Posted by Robert Graham @ 05:45 PM ET | Jan 18, 2012

Limited government support of intellectual property helps, but not the strong protections in SOPA/PIPA

Continue reading "A Firsthand Piracy Experience"


Topics:   Hacked Off



How To Monitor Employees Without Being A Perv


Posted by Rich Mogull @ 01:09 PM ET | Jan 15, 2012

While we need to monitor our employees to protect organization secrets, there's no need to turn the workplace into a bad episode of Big Brother

Continue reading "How To Monitor Employees Without Being A Perv"


Topics:   Insider Threat Tech Center : Security Views



Identity Versus Authentication


Posted by Taher Elgamal @ 11:56 AM ET | Jan 12, 2012

Distinguishing between identity and authentication

Continue reading "Identity Versus Authentication"


Topics:   : : Authentication Tech Center : Security Views



2012 Will Be The Year Of The...


Posted by Tom Parker @ 12:37 PM ET | Jan 11, 2012

After a rough 2011 for many large organizations, here's a look at what the world of advanced threats will bring in in 2012

Continue reading "2012 Will Be The Year Of The..."


Topics:   Security Views : Advanced Threats Tech Center



Partner Management 3: How To Assess Prospective Partners


Posted by Richard E. Mackey, Jr. @ 10:06 AM ET | Jan 07, 2012

Regulations require organizations to periodically assess security and compliance practices; the key is to understand how to do so effectively -- without breaking the bank

Continue reading "Partner Management 3: How To Assess Prospective Partners"


Topics:   Security Views : Compliance Tech Center



More About Software Tokens


Posted by Taher Elgamal @ 04:33 PM ET | Dec 29, 2011

When software tokens are as strong as hardware ones

Continue reading "More About Software Tokens"


Topics:   Authentication Tech Center : Security Views



Database Security Proxies


Posted by Adrian Lane @ 10:28 AM ET | Dec 22, 2011

Using DAM as a security proxy

Continue reading "Database Security Proxies"


Topics:   Database Security Tech Center : Security Views



SSL's Future


Posted by Taher Elgamal @ 08:00 AM ET | Dec 22, 2011

SSL will evolve to meet requirements for ecommerce and mobile

Continue reading "SSL's Future "


Topics:   Authentication Tech Center : Security Views



Take Off The Data Security Blinders


Posted by Rich Mogull @ 02:39 PM ET | Dec 20, 2011

You can't protect what you can't see. Use these tools to learn how, and where, your data is at risk.

Continue reading "Take Off The Data Security Blinders"


Topics:   Insider Threat Tech Center : Security Views



Will Software Authentication Survive?


Posted by Taher Elgamal @ 11:09 AM ET | Dec 19, 2011

Protecting secret keys or seeds in software without the risk of being stolen is crucial

Continue reading "Will Software Authentication Survive?"


Topics:   : Authentication Tech Center : Security Views



Data Security, Top Down


Posted by Adrian Lane @ 10:36 AM ET | Dec 16, 2011

One policy manages many security tools

Continue reading "Data Security, Top Down "


Topics:   Database Security Tech Center : Security Views



Criminals Make Sure You're Never Really Alone, Even In Self-Checkout Lanes


@ 09:31 AM ET | Dec 15, 2011

Vigilance against card fraud a 7x24 process, even at the grocer

Continue reading "Criminals Make Sure You're Never Really Alone, Even In Self-Checkout Lanes"


Topics:   SophosLabs Insights



For Your Mobile Only


Posted by Don Bailey @ 07:48 AM ET | Dec 15, 2011

Imagine a modern-day plot for a James Bond movie and how mobile would make his task a whole lot easier

Continue reading "For Your Mobile Only"


Topics:   Security Views : Mobile Security Tech Center



Partner Management: Assessing Compliance Capability And Willingness


Posted by Richard E. Mackey, Jr. @ 09:33 AM ET | Dec 09, 2011

Partner management is a key element to any compliance program. Assessing a partner’s ability to meet your compliance requirements is critical to managing these relationships. The first step is to determine the partner’s understanding of its responsibility and ensuring that it is capable of meeting it.

Continue reading "Partner Management: Assessing Compliance Capability And Willingness"


Topics:   Security Views : Compliance Tech Center



ADMP: DAM For Web Apps


Posted by Adrian Lane @ 11:59 AM ET | Dec 07, 2011

Expanding DAM's reach to applications.

Continue reading "ADMP: DAM For Web Apps"


Topics:   Database Security Tech Center : Security Views



Work And Play In Security


Posted by Mike Rothman @ 10:32 AM ET | Dec 05, 2011

As we look towards 2012, it's time to have more fun at work. Integrating some fun, games, and contents into your security program may pay dividends.

Continue reading "Work And Play In Security"


Topics:   Hacked Off



Debunking The Conficker-Iranian Nuclear Program Connection


Posted by Tom Parker @ 01:29 PM ET | Dec 04, 2011

Are confickers links to stuxnet and the Iranian nuclear program without merit?

Continue reading "Debunking The Conficker-Iranian Nuclear Program Connection"


Topics:   Security Views : Advanced Threats Tech Center




Go on to the weblog archives...






  1. Cookies, Social Media And FireSheep
  2. SMB Guide To Credit Card Regulations, Part 2: The Low-Hanging Fruit
  3. HP And The Scary Corporate Fifth Column Concept
  4. Taking USB Attacks To The Next Level
  5. NoSQL: Not Much, Anyway
  1. Taking Cybersecurity Lessons To The Bank
  2. Researchers See Real-Time Phishing Jump
  3. 'BlackSheep' Sniffs Out Firesheep WiFi-Hacking
  4. Slideshow: Ten Free Security Monitoring Tools
  5. A Different Spin On Sleuthing Stuxnet
  6. M&A Activity Muddles Database Security
  1. Secure Managed Web Hosting Saves 960.gs from Malicious Hackers
  2. Access Governance as a Business Service: An Integrated Strategy for Automation with ITSM
  3. Business Driven Access Management and Governance: Simplifying the Delivery and Governance of Access Throughout
 
 


 
  Ars Technica
Boing Boing
Channel 9 Forums
CRN Blogs
Dr.Dobb's Portal: Blogs
Engadget
Gizmodo
GrokLaw
  Lifehacker
Schneier on Security
Slashdot
TechCrunch
Techdirt
Techmeme
Valleywag
 
  February 2012
January 2012
December 2011
November 2011
October 2011
September 2011
August 2011
July 2011
June 2011
May 2011
April 2011
March 2011
February 2011
January 2011
December 2010
November 2010
October 2010
September 2010
August 2010
July 2010
June 2010
  May 2010
April 2010
March 2010
February 2010
January 2010
December 2009
November 2009
October 2009
September 2009
August 2009
July 2009
June 2009
May 2009
April 2009
March 2009
February 2009
January 2009
December 2008
November 2008
October 2008
September 2008