SearchSecurity.com.au Analysis & Commentary

Experts war over seriousness of SSL flaw

Thu, 05 Nov 2009 22:23:17 +0000

The discoverers of a new SSL vulnerability warn it could have dire consequences. But another researcher isn't so sure it's a big threat.

How to develop a cloud security strategy

Thu, 05 Nov 2009 22:16:31 +0000

If you are thinking of adopting cloud computing, make sure you think about security early and often, in open dialogue with your provider.

Book Extract: Has someone tampered with your software?

Thu, 05 Nov 2009 22:20:31 +0000

Christian Collberg and Jasvir Nasvir's book Surreptitious Software explains how to ensure that your software is not hijacked!

Windows Vista User Account Control best practices

Wed, 04 Nov 2009 22:32:43 +0000

Windows Vista's User Account Control (UAC) has been widely pilloried, but remains a more-than-useful security tool. We explain how to administer the tool in this story.

Seven steps to better patch management

Wed, 04 Nov 2009 22:28:21 +0000

Patch management is not a job to be taken lightly. This seven step process will help you to get it right, every time!

How network administrators can help to prevent SQL injection

Tue, 03 Nov 2009 23:20:20 +0000

If you can get your network administrators working alongside database administrators and application developers, stopping SQL injection attacks can get a whole bunch easier.

Google willing to customise security for cloud apps

Tue, 03 Nov 2009 22:49:33 +0000

Would-be users of Google' s hosted applications deterred by security concerns can negotiate with the company to arrange bespoke security settings.

Three ways to improve security log file analysis

Mon, 02 Nov 2009 23:53:31 +0000

Learn three ways to improve the way you collate and analyze data from your security logs in this tip.

Windows 7 Security: AppLocker automation

Sun, 01 Nov 2009 23:28:53 +0000

We continue our look at Windows 7's standout security feature, AppLocker, by exploring its automation features.

Build a breach prevention toolkit

Sun, 01 Nov 2009 22:49:25 +0000

Learn about the tools that can help you monitor applications and track data, to help prevent breaches and data theft.

Five essential data storage security tools

Mon, 26 Oct 2009 22:27:16 +0000

Secure your data with these five essential tools, including LANguard, Acunetix Web Vulnerability Scanner and FileLocator Network.

Why developers should not develop their own cryptolibraries

Mon, 26 Oct 2009 22:49:48 +0000

Developers sometimes insist that if they are allowed to develop their own cryptography libraries, their efforts will result in better security. Our expert argues that writing this kind of code should be left to specialists.

How to encrypt laptop disk drives

Mon, 26 Oct 2009 22:44:55 +0000

Learn pros, cons and best practices for encrypting laptop computer disk drives in this story.

Want to secure a USB port? Forget the Araldite and control USB traffic instead

Sun, 25 Oct 2009 08:49:59 +0000

Some organisations secure USB ports with glue that prevents device connections. But with USB devices now ubiquitous, our expert argues a more mature approach of controlling USB is the route to security.

Critical steps for your database patch management process

Sun, 25 Oct 2009 08:59:27 +0000

Learn the essential steps that simply must be a part of your database patch process.

Identity Management as a Service (IDaaS) - a good idea or unnecessary risk?

Fri, 23 Oct 2009 00:01:32 +0000

Identity Management is now available from managed security service providers. Is it wise to hand over this function to an outsider? And if you, what should be on your essential features list?

How to enable federated single sign-on

Fri, 23 Oct 2009 00:05:19 +0000

Learn how to sign on to several servers simultaneously thanks to single sign-on.

How to verify that an email was opened by the intended recipient

Thu, 22 Oct 2009 22:21:54 +0000

When you send emails such as website registrations, you want to make sure the intended recipient received and responded to the mail, rather than an anonymous interceptor. This story explains how to verify that mail landed in the right inbox.

DLP technology challenges security costs

Thu, 22 Oct 2009 02:20:11 +0000

Data leakage prevention requires more than just flipping a switch. If not implemented properly, DLP could return alerts that stymie business units and increase operational costs

Windows 7 Security: How to use AppLocker

Thu, 22 Oct 2009 02:31:04 +0000

Windows 7 was launched today, complete with the new AppLocker tool that makes it possible to restrict the applications users can install or access. Learn how to make the new tool work in this tutorial.