Automated Testing of Privilege Escalation in Web Applications
sponsored by Logicalis
WHITE PAPER:
This paper explains privilege escalation in web applications and how to automate the process of testing for it.
Posted: 11 Dec 2008 | Published: 11 Dec 2008

Web Application Security: Automated Scanning versus Manual Penetration Testing
sponsored by Logicalis
WHITE PAPER:
This paper explains the two primary methods for discovering Web application vulnerabilities: using manual penetration testing and code review or using automated scanning tools and static analysis.
Posted: 11 Dec 2008 | Published: 11 Dec 2008

Cross-Site Scripting Explained
sponsored by Logicalis
WHITE PAPER:
Cross-Site Scripting (XSS) is one of the most common application-level attacks that hackers use to sneak into web applications today.
Posted: 11 Dec 2008 | Published: 11 Dec 2008

Top Threats to Mobile Networks - And What to Do about Them
sponsored by Alcatel-Lucent
WHITE PAPER:
This white paper describes the most common attacks on mobile networks and what to do about them.
Posted: 17 Nov 2008 | Published: 17 Nov 2008

Understanding and Selecting a Database Activity Monitoring Solution
sponsored by Tizor
WHITE PAPER:
Database Activity Monitoring is an extremely valuable tool for compliance and security; it is critical to the emerging practice of information-centric security.
Posted: 20 Oct 2008 | Published: 17 Oct 2008

Creating an Effective Security Operations Function
sponsored by RSA, The Security Division of EMC
WHITE PAPER:
Read this white paper to understand all the activities and roles in a security operations function - your first step in making those operations more effective and efficient.
Posted: 17 Oct 2008 | Published: 16 Oct 2008

Securing Web Applications and Databases for PCI Compliance: The Most Challenging Aspects of PCI Compliance
sponsored by Imperva
WHITE PAPER:
Web and database security present some of the most complex and costly barriers to compliance with the Payment Card Industry Data Security Standard (PCI DSS).
Posted: 08 Oct 2008 | Published: 08 Oct 2008

Using SEM for Compliance
sponsored by Q1 Labs Inc
WEBCAST:
Check out this expert webcast and learn how to leverage your company's SEM tools to successfully achieve compliance.
Posted: 11 Sep 2008 | Premiered: Available On Demand

Challenges and Opportunities of PCI: A White Paper by the IT Compliance Institute
sponsored by Tripwire, Inc.
WHITE PAPER:
Enterprise businesses require the control framework involved in the PCI DSS to help improve internal operational, security and audit performance. This white paper details how alignment of business and PCI goals is important to ensure continuity and...
Posted: 29 Jul 2008 | Published: 01 Jan 2007

Editor's Desk
sponsored by Information Security Magazine
JOURNAL ARTICLE:
Microsoft and Oracle are generous enough to regularly provide severity ratings on vulnerabilities.
Posted: 09 Mar 2008 | Published: 01 Mar 2008

Ping
sponsored by Information Security Magazine
JOURNAL ARTICLE:
Security risk models are nowhere near as robust or proven as financial risk models, so at this time the information security practitioners have the best knowledge of the field to be able to assess this risk.
Posted: 09 Mar 2008 | Published: 01 Mar 2008

Future: The View from Visionaries
sponsored by Information Security Magazine
JOURNAL ARTICLE:
In 10 years, information security as we know it may not exist. Rather than a separate product, it may simply be embedded into everything. Or Web services may upend traditional enterprise security.
Posted: 11 Jan 2008 | Published: 01 Jan 2008

Sophos Threat Detection Test
sponsored by Sophos Inc.
TRIAL SOFTWARE:
Use the Sophos Threat Detection Test to quickly perform a scan and find any viruses, spyware, adware or zero-day threats that might have bypassed your existing protection.
Posted: 30 Aug 2007 | Published: 30 Aug 2007

Prospective Buyers Want Answers
sponsored by Information Security Magazine
JOURNAL ARTICLE:
The SANS Institute's WhatWorks program identifies three critical areas of concern for security managers.
Posted: 03 Apr 2007 | Published: 01 Apr 2007

Face-Off: Is Penetration Testing Worth It?
sponsored by Information Security Magazine
JOURNAL ARTICLE:
There are security experts who insist penetration testing is essential for network security, and you have no hope of being secure unless you do it regularly.
Posted: 05 Mar 2007 | Published: 01 Mar 2007

Business Survival 101: How to Perform a Business Impact Analysis
sponsored by Information Security Magazine
JOURNAL ARTICLE:
A business impact analysis can be a manual that helps your company weather disasters.
Posted: 13 Nov 2006 | Published: 01 Nov 2006

The Self-Defending Network: Enabling Proactive Compliance and Risk Management in Financial Institutions
sponsored by Cisco Systems, Inc.
WHITE PAPER:
This paper provides thought leadership on how a self-defending network can enable proactive compliance and risk management for a financial institution, incorporating the necessary people, processes, technology and services.
Posted: 14 Jun 2005 | Published: 01 Jan 2004

The Dirty Dozen: The Top Web Application Vulnerabilities and How to Hunt Them down at the Source
sponsored by Ounce Labs
WHITE PAPER:
Through this white paper, you will discover the top critical design and coding errors that, with today's new technologies, can be identified, analyzed, and eliminated at the source.
Posted: 13 Feb 2005 | Published: 25 Jan 2005

Intellectual Property Protection: A Practical View of Asset Centric Security; a Position Paper from Net4NZIX
sponsored by Lucid Security Corporation
WHITE PAPER:
This paper will examine the technologies available to move protection from the perimeter towards our information assets.
Posted: 10 Feb 2005 | Published: 01 Dec 2004

Typhon III
sponsored by NGS (Next Generation Security) Software Ltd.
DATA SHEET:
Typhon III empowers organisations to significantly reduce their digital risk exposures, and effectively manage security concerns.
Posted: 08 Sep 2004 | Published: 01 Sep 2004

DominoScan II
sponsored by NGS (Next Generation Security) Software Ltd.
DATA SHEET:
DominoScan II from NGS Software is a detailed assessment application that can help enterprises secure their infrastructures before they are exposed to risk.
Posted: 08 Sep 2004 | Published: 01 Sep 2004

OraScan
sponsored by NGS (Next Generation Security) Software Ltd.
DATA SHEET:
OraScan from NGS Software is a detailed auditing application developed to assess the security of Oracle web applications regardless of environment.
Posted: 08 Sep 2004 | Published: 01 Sep 2004

NGSSquirrel for SQL Server
sponsored by NGS (Next Generation Security) Software Ltd.
DATA SHEET:
NGSSquirrel is an innovative vulnerability assessment tool specifically developed to scan Microsoft SQL Server 7 / 2000.
Posted: 08 Sep 2004 | Published: 01 Sep 2004

NGSSquirrel for IBM DB2
sponsored by NGS (Next Generation Security) Software Ltd.
DATA SHEET:
NGSSquirrel is an innovative vulnerability assessment tool specifically developed to scan IBM DB2. NGSSquirrel allows system administrative staff to quickly and easily discover a range of vulnerabilities on their servers before attackers do.
Posted: 08 Sep 2004 | Published: 01 Sep 2004

NGSSquirrel for Oracle
sponsored by NGS (Next Generation Security) Software Ltd.
DATA SHEET:
With NGSSquirrel, we've combined our expertise and knowledge to develop and deliver the most powerful vulnerability assessment scanner available for Oracle database servers.
Posted: 08 Sep 2004 | Published: 01 Sep 2004