Application security and coding requirements
-
News
25 Apr 2024
Zero trust is a strategy, not a technology
Zero-trust security should be seen as a strategy to protect high-value assets and is not tied to a specific technology or product, says the model’s creator John Kindervag Continue Reading
-
News
24 Apr 2024
Mandatory MFA pays off for GitHub and OSS community
Mandating multifactor authentication for select developers has been a huge success for GitHub, the platform reports, and now it wants to go further Continue Reading
-
News
05 Dec 2011
Concerned about tablet security issues? Some are, others not so much
Users love their tablets, but security pros are concerned about tablet security issues. However, though tablets bring new threats, not everyone is ringing the alarm. Continue Reading
-
News
04 Aug 2011
Missing USB drive, found in pub, contained unencrypted data
The ICO says two housing groups must improve data security after a contractor’s missing USB drive, containing unencrypted data, was found in a pub. Continue Reading
-
Tip
13 Jul 2011
SAP security tutorial: Top 10 SAP security implementation steps
Implementing SAP software securely isn't only the job of SAP specialists; the entire IT department has a role to play. Learn the top ten steps to a secure SAP implementation. Continue Reading
-
News
06 Jul 2011
Network security case study: College’s NAC virtual appliance makes grade
Wellington College’s network security case study explains how a NAC virtualization appliance blocks malware and provides increased capacity on demand. Continue Reading
-
News
25 May 2011
Virtual desktop benefits include tighter security, hot desking
With the help of hot desking and other virtualisation technologies, the Basildon Borough Council was able to centralise its security administration and reduce its number of desks by more than 30%. Continue Reading
-
News
20 Apr 2011
Shutting down a botnet, US Government disables Coreflood
Coreflood, a botnet almost ten years old, has been taken down by the FBI and US Department of Justice by obtaining permission to hijack the command and control servers and send a 'stop' command to infected PCs. Is this overstepping the privacy line? Continue Reading
-
Tip
19 Apr 2011
Secure SDLC best practices
While focus on technicalities is a given during the SDLC, this tip explains how to secure the SDLC, from the analysis phase right through to deployment. Continue Reading
-
Tutorial
22 Feb 2011
Information security tutorials
SearchSecurity.co.uk's tutorials offer a variety of online information security training courses you can take on your own time at your own pace specifically for UK readers. They are designed to arm you with the foundational and tactical information you need to deal with the increasingly challenging job of keeping your organization's information secure. Continue Reading
-
Tip
17 Nov 2010
How to use the Microsoft FCIV command-line checksum tool
Downloading files from the Internet always poses a risk, but there are strategies that can make the process more secure. In this tip, Michael Cobb explains how to use the Microsoft FCIV tool to check the hash values of downloaded files and create hashes and checksums of you own. Continue Reading
-
Answer
08 Sep 2010
Dynamic code analysis vs. static analysis source code testing
Managing vulnerabilities involves a wide array of security testing, including both dynamic and static source code analysis. Learn how the two differ, as well as how they are performed in this expert response. Continue Reading
-
Answer
28 Apr 2008
What are the dangers of using Facebook, other social networking sites?
Ken Munro discusses the dangers associated with allowing employees to access social networking sites such as Facebook, and explains how corporations can avoid these risks by monitoring the information placed in employee profiles and using email filters. Continue Reading