We've created Learning Guides targeting specific topics to provide
you with all the resouces you need in one place. Check out our
collection and
let us
know what other guides you would like to see on
SearchSecurity.com. Bookmark this page to check back often for new
additions.
Guide to passing PCI's five toughest
requirements
As data security breach threats increase and the Payment Card
Industry (PCI) Data Security Standard's authority continues to
expand, credit card-processing companies have little choice but to
implement PCI's dozen requirements. Some best practices, however,
are more difficult to achieve than the others. In this learning
guide, Craig Norris explains how to successfully implement the five
PCI DSS requirements that have been continuously stumping security
professionals.
Corporate Mergers and Acquisitions Security
Learning Guide
Although it may be difficult to predict what a corporate merger
will do for company profits, M&A activity will almost certainly
have an effect on the employees of the two organizations. In this
SearchSecurity.com Learning Guide, an expert panel breaks down
merger security priorities and explains the best ways to manage
disparate staffs, technologies and policies.
Information Security Governance
Guide
While security governance and security programs are often
discussed in tandem, many security practitioners have difficulty
understanding how the concepts relate to each other and how an
organization can apply them to develop a successful information
security governance framework. Created in collaboration with
security management expert Shon Harris, our Information Security
Governance Guide covers the components needed to ensure your
information security governance program is focused, precise and
effective.
Nmap Technical Manual
By now, most infosec pros have heard of Nmap, and most would
agree that even though the popular freeware tool is invaluable,
installing, configuring and running it in the enterprise is no easy
task. With that in mind, SearchSecurity.com, in collaboration with
security expert Michael Cobb, has produced an Nmap Technical
Manual, detailing how this free tool can help make your
organization more secure.
Insider Risk Management Guide
Learn how to protect your network from the inside out with our
new Insider Risk Management Guide. Contributor Gideon Rasmussen
reviews how to fortify your organization's current insider threat
controls to ensure the threat from within is reduced.
Web Browser Security Learning
Guide
If not properly secured, Web browsers can serve as a gateway for
malicious hackers who want to infect your network. Created in
partnership with SearchWindowsSecurity.com, this learning guide
identifies the inherent flaws of Internet Explorer and Mozilla
Firefox, introduces viable Web browser alternatives, and provides
tools and tactics to maximize your Web browsing security.
Network Access Control Learning
Guide
From PDAs to insecure wireless modems, users have myriad options
for connecting to -- and infecting -- the network. Created in
partnership with our sister site SearchWindowsSecurity.com, this
guide offers tips and expert advice on network access control.
Learn how unauthorized users gain network access, how to block and
secure untrusted endpoints, and get Windows-specific and universal
access control policies and procedures. As a bonus, this learning
guide is also available as a
PDF download.
Web Application Attacks Learning
Guide
From buffer-overflows to SQL injection, hackers have various
techniques at their disposal to attack Web applications. This guide
explains how Web application attacks occur, identifies common and
obscure Web application attacks, and provides Web application
security tools and tactics to protect against them. As a bonus,
this learning is also available as a
PDF download.
Nessus Tutorial
Have you been searching for an inexpensive vulnerability scanner?
Check out our Nessus Tutorial. It not only examines the benefits of
this free open source tool, but also walks you through the
processes of using it in the enterprise, from installation and
configuration to using Nessus with the SANS Top 20 to identify
critical vulnerabilities.
Spyware Learning Guide
As spyware continues to threaten the stability of corporate
infrastructures, it's crucial to understand how this malicious
software works and how to defend against it. This guide is a
compilation of resources that explain what spyware is, how it
attacks and most importantly what you can to do to win the war on
spyware.
SOX Compliance for the Security
Practitioner
This collection of resources offers security practitioners tips
and strategies for keeping their organizations compliant with the
ongoing demands of the Sarbanes-Oxley Act. Learn how other security
practitioners are handling SOX compliance, financial woes, internal
controls, auditing, steps for achieving compliance, avoiding
product hype and what happens when you don't comply.
Firewall Architecture Guide
Designing and implementing a firewall solution for an enterprise
can be a daunting task. Choices made early in the design process
can have far-reaching security implications for years to come. This
guide provides a detailed look at the process used to implement a
firewall and helps guide you through the design process.
Intrustion Detection and Prevention Learning
Guide
It's no secret that a layered security structure is the key to
protecting networks from pernicious intrusions. One of the major
components in that structure is having solid intrusion detection
and prevention. Created in partnership with our sister site,
SearchNetworking.com, this guide is a compilation of resources that
explain what intrusion detection and prevention are, how they work,
troubleshooting, configurations and more.
Understanding Your Authentication
Options
At a time when identity theft is running rampant, it's crucial
to have sound practices for authenticating your users, customers
and partners. This learning guide is a comprehensive compilation of
tips, expert advice, featured articles, and other original
materials that will help you understand today's authentication
challenges.
How to deploy a successful
patch
Security patch management is a proactive procedure enterprises
should use to eliminate security vulnerabilities and mitigate the
risk of a compromised computer. This guide explains how to
successfully deploy a patch through each phase of the deployment
cycle.
SAP Security Learning Guide
Need to bulletproof your SAP system? This handy Learning Guide
pulls SAP security information from both SearchSecurity.com and its
sister site, SearchSAP.com, to provide the most comprehensive
resource around. Get the scoop on everything from authentication
and RFID security to compliance and auditing here.
Firewall Learning Guide
Firewalls are an essential tool in protecting your network from
various threats. Created in partnership with our sister site,
SearchNetworking.com, this guide is a compilation of resources that
explain what firewalls are, how they work, vulnerabilities,
troubleshooting, configurations and more.
VoIP Security Learning Guide
More organizations are choosing to implement VoIP telephony for
its cost savings. However, securing the technology comes with its
own price tag. Created in partnership with our sister site,
SearchEnterpriseVoice.com, this SearchSecurity guide is a
compilation of resources that review the importance of VoIP
security, protocols and standards, LAN security, vulnerabilities,
troubleshooting, threats and more.
Thwarting Hacker Techniques
In our series on
Thwarting Hacker Techniques, you learned common strategies used
by hackers to attack your network, as well as some methods for
preventing them. This follow-up guide provides you with a plethora
of tips, expert advice and Web resources that offer more in-depth
information about each technique and various tactics you can employ
to protect your network.
Snort Technical Guide
Arguably one of the best network intrusion-detection systems
(NIDS) is the free and open source Snort package. It has a large
and active community, and is backed by the commercial company
SourceFire, making Snort a strong contender in the NIDS market. The
package itself is free. All that's required is some hardware to run
it on and the time to install, configure and maintain it. Snort
runs on any modern operating system (including Windows and Linux),
but some consider it to be complicated to operate. The goal of this
guide is to take some of the mystery out of Snort.
Bluetooth Security Basics
As with all networking technologies, the mere presence of
Bluetooth on a device introduces security risks, especially when
the end user is unaware of Bluetooth's presence, or of how to
secure the technology. So, how can you protect your network from
Bluetooth threats? Here are five steps for securing Bluetooth
devices in the enterprise.
HIPAA Learning Guide
HIPAA deadlines come and go, but compliance is forever. Whether
you've met all the deadlines or you've fallen severely behind, this
HIPAA Learning Guide from SearchSecurity.com is full of news
articles, analysis reports, expert advice, white papers and case
studies that will help keep you on track.
XML Security Learning Guide
Securing XML is an essential element in keeping Web services
secure. Created in partnership with our sister site,
SearchWebServices.com, this SearchSecurity.com Learning Guide is a
compilation of resources that review different types of XML
security standards and approaches for keeping your XML Web services
secure.
Guide to Infosec
Certifications
Navigating the security certification landscape can be dizzying.
Simply identifying the vast array of offerings can be time
consuming and overwhelming -- never mind determining which
certification best suits your needs. This Guide to Infosec
Certifications provides an overview of the myriad options, whether
you're just embarking on your journey up the infosec career ladder
or wish to hone your skills in a specialized area.
Guide to vendor-specific security
certs
Despite a burgeoning battery of vendor-specific security
certifications, identifying which ones best suit your educational
or career needs remains fairly straightforward. In this semi-annual
vendor-specific certification survey, you'll find an alphabetized
list of security certification programs from various vendors, a
brief description of each cert and pointers to further details. We
also give you some tips on choosing the right certification.