| 31. |
Incident Handling and Response Capability: An IT Security Safeguard Part 1: Are You Ready to Support an Incident Response Capability? by Catherine M. Woodbury, CISSP
May 7, 2002
Abstract : The Internet has few boundaries, thus each business is required to build and implement their own safeguards. Unfortunately, most IT department's requests for security technology and training are turned down, UNTIL a system security incident occurs. This could be a costly mistake.
Type: Article
|
| 32. |
Dynamic Best Practices of Vulnerability Management by Qualys
Abstract : Building a strong program based on mitigating known vulnerabilities has transformed a security-centric process to an operational necessity for business success. Vulnerabilities, usually expressed by a product vendor as a defect requiring a patch, upgrade, or configuration change are weaknesses in a security profile that attackers target. The goal of a security team is to reduce risk by eliminating these weaknesses. Learn about the "Laws of Vulnerabilities" and the set of actions IT teams can take to remedy them, derived from interviews with enterprise security officers of global organizations. .
Type: White Paper
|
| 33. |
Bootcamp for the Pros; Why Ernst & Young Will Lead Security Auditing Standards (6 Pages)
by L. Taylor
Jan 19, 2002
Abstract : Original News & Educational Review Course Summary Ernst & Young, has put together the quintessential course for security engineers looking to improve their ability to protect their organization's website, systems, and network. Dubbed eXtreme Hacking, and carrying a price tag of $5,000 a slot, this course is for anyone but hacks. With an impressive course book that fills a two-inch thick binder, leading Ernst & Young security engineers take you step-by-step through all the ways that bad guys try to subvert your mission critical servers and network configurations. Using dual-bootable NT-Linux laptops, and an accompanying network setup for practicing subversive attacks and exploits, attendees will leave the course with an entire new bag of tools and tricks that help them understand how bad guys identify target IP addresses, collect information about the systems they plan on compromising, and exploit weaknesses without being noticed. The idea is to learn how to figure out what the weaknesses are in your organization's network before the bad guys do.
Type: Article
|
| 34. |
E*Trade Ignores Private Security Warning, But Public Hullaballoo Gets Response (3 Pages)
by P. Catz
Oct 27, 2000
Abstract : E*Trade was notified about a cookie vulnerability in August, but the correction wasn't made until after the problem became public.
Type: Article
|
| 35. |
Outsourcing Security Part 2: Measuring the Cost (7 Pages)
by Jim McLendon
Apr 9, 2002
Abstract : Evaluating the cost of outsourcing can be challenging because most organizations cannot fully estimate the financial impact of such a decision.
Type: Article
|
| 36. |
6 Days After Advisory Posted, AboveNet Gets Hit (3 Pages)
by L. Taylor
May 18, 2000
Abstract : Once a security advisory gets posted, vendors need to work quickly to rectify the problem. Security engineers are not the only ones reading the advisories. There are cybercriminals who wait for advisories to come out, and take advantage of woe-be-gone networks that have not yet been patched.
Type: Article
|
| 37. |
Product Review: GFI's LANguard Network Security Scanner (7 Pages)
by Brien Posey
Sep 10, 2004
Abstract : Performing patch management is one of the most tedious chores that must be completed by network administrators. While there are many patch management tools available, they can be expensive, have sharp learning curves, or are not deployable across all software platforms. One third party solution, however, GFI LANguard Network Security Scanner, version 5, is an affordable option that can scan the network and deploy patches efficiently while looking for other potential security vulnerabilities.
Type: Article
|
| 38. |
With Record Revenues, AXENT Puts Down a Solid Fist (7 Pages)
by L. Taylor
Jul 6, 2000
Abstract : Cybercrime and information security attacks are not going to go away. AXENT's three protection products, Intruder Alert, Raptor Firewall, and NetProwler contain the most fundamental security protection products that any aspiring Internet company should include in their IT strategy - network based intrusion detection, host based intrusion detection, and an enterprise hybrid firewall.
Type: Article
|
| 39. |
Los Alamos Loses Top-Secret Information, Again! (3 Pages)
by L. Taylor
Jun 20, 2000
Abstract : Another security compromise occurred at Los Alamos National Laboratories last month when two hard drives containing top-secret nuclear information disappeared. The security mistakes that are being made at Los Alamos are sloppy and unacceptable.
Type: Article
|
| 40. |
Fixing Security Backdoors: Red Hat 1, Microsoft 0 (3 Pages)
by C. McNulty
May 9, 2000
Abstract : April is the cruelest month for operating system security holes. Red Hat posted a fix within six hours, but Microsoft leaves usナ still waiting!
Type: Article
|
购物车 
