Ask the Experts

Ask the Experts

Application security and coding requirements

• Session fixation protection: How to stop session fixation attacks

  Session fixation attacks rely on poorly managed Web application cookies. Rob Shapland answers a reader’s question on session fixation protection.  Continue Reading

• How to ensure secure email exchange with external business partners

  When sensitive documents are frequently travelling back and forth between a company and its business partners, email security becomes very important. In this expert response, Peter Wood gives advice on how to create a secure email exchange.  Continue Reading

• Dynamic code analysis vs. static analysis source code testing

  Managing vulnerabilities involves a wide array of security testing, including both dynamic and static source code analysis. Learn how the two differ, as well as how they are performed in this expert response.  Continue Reading

• Database activity monitoring technology vs. SIEM tools

  In this expert response, Peter Wood explains the difference between database activity monitoring systems and security information and event management (SIEM) tools.  Continue Reading

• How to prevent Adobe hacks from affecting your organisation

  In this expert response, find out why Adobe has been an enticing target for PDF attacks recently.  Continue Reading

• Windows 2003 DNS configuration tips

  Expert Richard Brain reviews the best way to configure your server's DNS.  Continue Reading

• How to detect and remove Sinowal and repair a master boot record

  Expert Richard Brain reviews how to repair an operating system after malware has damaged a master boot record.  Continue Reading

• PCI credit card compliance: Credit card data protection (over the phone)

  Alan Calder discusses PCI credit card compliance and explains the importance of encryption to credit card data protection when primary account numbers (PANs) and CVV numbers are recorded over the phone.  Continue Reading

• What are USB flash drive security best practices?

  Ken Munro reviews how to secure USB flash drives in the enterprise.  Continue Reading

• How do attackers use Google to hack?

  Richard Brain explains how to protect your website and Web servers from Google hacks.  Continue Reading

• Are iPhone encryption features on the way?

  Expert Ken Munro explains why the iPhone's lack of encryption features has kept it from being a reliable enterprise device -- for now.  Continue Reading

• Why can Google block virus-infected websites; how do you stop a ban?

  Expert Richard Brain explains why Google may block virus-infected websites and what you can do to prevent your website from being banned by Google.  Continue Reading

• What are best practices for credit cards in a call centre?

  Expert Alan Calder explains the security and compliance challenges for call centres that record telephone conversations and credit card details.  Continue Reading

• How to find and prevent SQL injection attack vulnerabilities

  If your site uses a SQL server, then it is probably vulnerable to some form of SQL injection. Expert Richard Brain explains how to strengthen database defenses.  Continue Reading

• What are the dangers of using Facebook, other social networking sites?

  Ken Munro discusses the dangers associated with allowing employees to access social networking sites such as Facebook, and explains how corporations can avoid these risks by monitoring the information placed in employee profiles and using email ...  Continue Reading