Please turn on your JavaScript for this page to function normally.
Keep e-commerce secure by disconnecting your servers from the Internet

While it sounds strange, disconnecting your e-commerce servers from the Internet is exactly what SpearHead Security Technologies would have you do – using their NetGAP …

Interview with Stuart McClure, President and CTO of Foundstone

Stuart Stuart McClure is the President and CTO of Foundstone, a successful security author, speaker, and teacher. Stuart holds a B.A. degree from the University of Colorado, …

Astaro Content Filtering Process

Traditional Internet filtering methods depend on manually compiled blocking lists, individual ratings or online applied heuristics algorithms. These methods are, for the most …

The Weakest Link in Disaster Recovery

Much of the focus of disaster recovery planning is on creating redundant data sites and backup tapes. Very often, a crucial component is overlooked: that of keeping current …

Buffer Overflows – Defending against arbitrary code execution

Buffer Overflows are one of the most common and potentially deadly forms of attack against computer systems to date. They allow an attacker to locally or remotely inject …

Improving Enterprise Security with Ecora’s Configuration Auditor

Enterprise security is traditionally managed with a plethora of tools. Common among them are firewalls, intrusion detection systems, vulnerability scanning, and penetration …

Threat Profiling Microsoft SQL Server

This paper is written from the perspective of an attacker and shows typical “cursi incursi” for Microsoft SQL Server. An attacker’s location in the …

SSL – A discussion of the secure socket layer

The Secure Socket Layer is the protocol that gives e-commerce the confidence it needs to allow on-line banking and shopping. SSL provides and encrypted bi-directional data …

Monitored Intrusion Detection Systems

Most enterprise networks are protected from the Internet by firewalls. While firewall protections are essential, they rarely identify types of attacks, or attacks on allowed …

Secure Personal Identification Systems: Policy, Process and Technology Choices for a Privacy-Sensitive Solution

This paper describes policy, process and technology issues that need to be considered in implementing a privacy-sensitive secure personal ID system. The different ID …

Shatter attacks – more techniques, more detail, more juicy goodness.

Introduction Well, It’s now two weeks since the release of Shatter, and my inbox has finally started calming down. I’ve tried to reply to most of the messages …

Public Key Infrastructure (PKI): A Primer

As the Internet becomes an increasingly important means of conducting transactions and the volume of e-business grows exponentially, a secure infrastructure is needed to …

Don't miss

Cybersecurity news