Security News

Building Better Applications: Beyond Secure Coding

While teaching developers “secure coding” techniques is important, experts say far more is needed to actually produce secure applications.

Security beyond the Badness-ometers

Gary McGraw's New Book Puts the Yin and Yang in Application Security

Virtually reflexive response to security threats

Reflex Security’s Reflex VSA, which the company claims is the industry's first virtual security appliance for virtualized environments, enables enterprises to secure those networks with firewall protection and intrusion prevention.

Rapidly evolving security attack trends

On Monday, Counterpane Internet Security and MessageLabs released their 2005 Attack Trends & Analysis report, which analyzes security attacks across 15 industry sectors and discusses how these attacks affect organizations and outlines the extent of potential damages.

Destroy, Shred, Disintegrate: Guidelines for Securely Decommissioning Storage

Thanks to improved corporate information security practices, attackers are seeking new methods for accessing sensitive corporate information, putting storage media more at risk than ever. We offer several recommendations for destroying data.

RSA Opening Keynoters

Gates Packs ‘em in; McNealy Shows up with a Message

Corporate E-Mail Security: Compliance Swamps IT Staff

IT managers look to better tools, including self-service retrieval for employees

Spinning CAN-SPAM

Is CAN-SPAM working to unclog enterprise in-boxes?

The Shape of Endpoint Security to Come

Will 2006 be the year of endpoint security? A number of network-access-control approaches are finally coming to fruition.

Security firms form posse to track and capture spyware

McAfee, Symantec, Trend Micro, ICSA Labs and Thompson Cyber Security Labs announced yesterday a plan to test technologies designed to ID and kill spyware.

Compuware seeks to secure Web apps with tool upgrade

Compuware is announcing the general availability of a new version of its security analysis tool DevPartner SecurityChecker.

Careers: Strong Demand Continues for Information Security Jobs

With information security increasingly a boardroom-level concern, job prospects continue to be good, according to a new study. Training and certification are becoming increasingly important for candidates and companies alike.

WMF flaw provokes headaches, workarounds

Companies are racing to patch a WMF vulnerability in all versions of Microsoft Windows XP and Windows Server 2003.

Energy company puts juice into monitoring IM

Is your company's use of instant messaging secure? Does it meet regulatory requirements?

SAVVIS introduces managed security services

SAVVIS announced a portfolio of managed security utility services it calls the SAVVIS Security Utility.

Retailers' efforts to safeguard consumer data not enough, survey shows

A Retail Data Security Benchmarking Study based on 71 respondents from various retailers and merchandisers, shows greater vigilance is needed by retailers to protect consumer information.

Spyware hampers compliance initiatives

In the wake of multiple data-breach disclosures-and more state laws governing such breaches-many companies are surveying the conduits through which sensitive information can escape the enterprise.

New consortium sets out to establish app security guidelines

Security Innovation, Microsoft, Red Hat, Oracle and several other companies have formed Application Security Industry Consortium (AppSIC) with the intent of helping establish and define app security guidance and metrics.

Black hats increasingly target apps

A major shift in Internet attacks is under way. “For 5 years, the majority of attacks targeted operating systems like Unix and Windows, and Internet services like Web servers and mail systems,” notes a new study from SANS, a computer security education and information security training firm.

Upcoming Events


Sign up for our newsletter.

I agree to this site's Privacy Policy.