Expert analysis
A tech theory coming of age
As early as 2005, many industry analysts predicted “consumerization” — the introduction of consumer-owned/purchased devices into enterprise and business …
New mass SQL injection attack making rounds
Again a mass SQL injection attack is making its rounds on the web – this one called jjghui referring to the website it redirects traffic to. As Armorize reported, this …
Microsoft puts vulnerability exploitation into context
Recently Microsoft released the 11th volume of the Microsoft Security Intelligence Report, the most comprehensive version of this report to date. In this podcast, Tim Rains, …
Mitigating the BEAST attack on TLS
During the summer rumours about a new attack against SSL started circulating. Then Opera released a patch, but made no comment about what it was patching. Eventually enough …
Testing web applications for security flaws
David Hoelzer is the Director of Research, Enclave Forensics and a SANS Trainer. In this interview he discusses web application testing, offers advice for those on the hunt …
SANS London 2011 training
Andrew Smith is the Managing Director, EMEA, for the SANS Institute. In this interview he discusses the SANS London 2011 training event and offers insight into what exactly …
Demystifying cloud computing security
Phil Neray is the VP, Data Security Strategy, InfoSphere Guardium & Optim at IBM. In this interview Phil talks about the complex issues surrounding cloud computing …
How well do you know SSL?
Ivan Ristic, the Director or Engineering at Qualys, talks about the research done by SSL Labs. SSL Labs is a collection of documents, tools and thoughts related to SSL. …
Back to the future: Why IT managers should care about firewall management
A number of classic scenes in film and literature involved a group approaching a walled city or castle only to be stopped by a gatekeeper and asked, “Halt, who goes …
Verizon Business data breach investigations report 2011: 8 days a week
What can be learned from the investigation into successful data breaches? What are the latest trends and techniques used by attackers? Get a front row seat at the breach cases …
Patching strategies
Cybercriminals have initiated an arms race by refining the malware manufacturing and development process to systematically bypass defense mechanisms. There are many …
Using online advertising to find out if your data is valuable to a criminal
As it becomes harder for criminals to steal and exploit credit card data, will they give up their carefully crafted tools and stock of zero-day vulnerabilities, or will they …