Passive network analysis can reveal OS, service, and even vulnerabilities--just by sniffing the network.

Why haven't user interfaces for security products taken advantage of human movement technologies?

'Fingerprinting' evolving to protect device IDs

Organizations need to know what constitutes a breach of identity data according to state laws and how to respond

What security folks need to learn from RIM's rapid and accelerating downfall...

State and Federal laws require notification when a breach of protected information occurs. You need to know which laws apply and how to comply

If you're a customer-facing organization, then security can't take second place behind your services

Data is the new bit of lost clothing you left behind on that road trip -- and two-factor authentication VPN is the way to go mobile

Limited government support of intellectual property helps, but not the strong protections in SOPA/PIPA

While we need to monitor our employees to protect organization secrets, there's no need to turn the workplace into a bad episode of Big Brother

Distinguishing between identity and authentication

After a rough 2011 for many large organizations, here's a look at what the world of advanced threats will bring in in 2012

Regulations require organizations to periodically assess security and compliance practices; the key is to understand how to do so effectively -- without breaking the bank

When software tokens are as strong as hardware ones

Using DAM as a security proxy

SSL will evolve to meet requirements for ecommerce and mobile

You can't protect what you can't see. Use these tools to learn how, and where, your data is at risk.

Protecting secret keys or seeds in software without the risk of being stolen is crucial

One policy manages many security tools

Vigilance against card fraud a 7x24 process, even at the grocer

Imagine a modern-day plot for a James Bond movie and how mobile would make his task a whole lot easier

Partner management is a key element to any compliance program. Assessing a partner’s ability to meet your compliance requirements is critical to managing these relationships. The first step is to determine the partner’s understanding of its responsibility and ensuring that it is capable of meeting it.

Expanding DAM's reach to applications.

As we look towards 2012, it's time to have more fun at work. Integrating some fun, games, and contents into your security program may pay dividends.

Are confickers links to stuxnet and the Iranian nuclear program without merit?