While teaching developers “secure coding” techniques is important, experts say far more is needed to actually produce secure applications.
Gary McGraw's New Book Puts the Yin and Yang in Application Security
Reflex Security’s Reflex VSA, which the company claims is the industry's first virtual security appliance for virtualized environments, enables enterprises to secure those networks with firewall protection and intrusion prevention.
On Monday, Counterpane Internet Security and MessageLabs released their 2005 Attack Trends & Analysis report, which analyzes security attacks across 15 industry sectors and discusses how these attacks affect organizations and outlines the extent of potential damages.
Thanks to improved corporate information security practices, attackers are seeking new methods for accessing sensitive corporate information, putting storage media more at risk than ever. We offer several recommendations for destroying data.
Gates Packs ‘em in; McNealy Shows up with a Message
Is CAN-SPAM working to unclog enterprise in-boxes?
Will 2006 be the year of endpoint security? A number of network-access-control approaches are finally coming to fruition.
McAfee, Symantec, Trend Micro, ICSA Labs and Thompson Cyber Security Labs announced yesterday a plan to test technologies designed to ID and kill spyware.
Compuware is announcing the general availability of a new version of its security analysis tool DevPartner SecurityChecker.
With information security increasingly a boardroom-level concern, job prospects continue to be good, according to a new study. Training and certification are becoming increasingly important for candidates and companies alike.
Companies are racing to patch a WMF vulnerability in all versions of Microsoft Windows XP and Windows Server 2003.
Is your company's use of instant messaging secure? Does it meet regulatory requirements?
SAVVIS announced a portfolio of managed security utility services it calls the SAVVIS Security Utility.
A Retail Data Security Benchmarking Study based on 71 respondents from various retailers and merchandisers, shows greater vigilance is needed by retailers to protect consumer information.
In the wake of multiple data-breach disclosures-and more state laws governing such breaches-many companies are surveying the conduits through which sensitive information can escape the enterprise.
Security Innovation, Microsoft, Red Hat, Oracle and several other companies have formed Application Security Industry Consortium (AppSIC) with the intent of helping establish and define app security guidance and metrics.
A major shift in Internet attacks is under way. “For 5 years, the majority of attacks targeted operating systems like Unix and Windows, and Internet services like Web servers and mail systems,” notes a new study from SANS, a computer security education and information security training firm.
Several vendors offer network access control programs. Now Identity Engines, a start-up vendor with a Cisco-heavy pedigree, is launching its own variation on this theme.