Google has placed Ratproxy, a passive security audit tool, into open source

 
Continue reading Google's Open Source Security Audit Tool...

Digg it!

Sphere it!

Del.icio.us

Reddit!

Newsvine

Posted by Dan Sullivan | Articles and Analysis | Permalink | Comments (0)

A recent study on which of the major browsers are more like to be up to date is generating a fair bit of discussion focused on the study's methodology. Critics are right that some assumptions may have biased the findings but there are easy ways to assess how much of a bias those assumptions introduced. The study isn't perfect but it is a step in the right direction.

 
Continue reading Who Is Running More Secure Browser Still an Open Question...

Digg it!

Sphere it!

Del.icio.us

Reddit!

Newsvine

Posted by Dan Sullivan | Articles and Analysis | Permalink | Comments (0)

Outsourcing security services has a number of advantages, including gaining access to expertise not available in house, more efficiently dealing with mundane operational tasks, and expanding the breadth of your security measures. This podcast discusses the advantages, the kinds of services you can expect to find in a security as a service offering, and finally some issues you should consider, such as defining roles and responsibilities, coordinating multiple vendors, and third party access to private and confidential data.

Digg it!

Sphere it!

Del.icio.us

Reddit!

Newsvine

Posted by Dan Sullivan | Podcast | Permalink | Comments (0)

After reading Luis Suarez's New York Times piece I Freed Myself from E-Mail's Grip I wanted to email everyone I work with to tell them about it - but the irony of littering their inboxes with an article on controlling email was too much to swallow.

 
Continue reading Slaying the E-Mail Dragon: One Success Story from NYT...

Digg it!

Sphere it!

Del.icio.us

Reddit!

Newsvine

Posted by Dan Sullivan | Articles and Analysis | Permalink | Comments (0)

Managing security in any sizable IT organization can sometimes feel like juggling - things keep coming at you and the stuff you've already handled seems to have a way of coming back at you. There are no simple formulas or list of habits that will guarantee your success in this arena but over the last couple of years we have accumulated a number of articles that help to frame and explain some common issues in security management. Here are some of the most relevant:

 
Continue reading Security Management: Tips and Techniques Articles...

Digg it!

Sphere it!

Del.icio.us

Reddit!

Newsvine

Posted by Dan Sullivan | Articles and Analysis | Permalink | Comments (0)

Web applications are prime targets for attackers and developers are expected to develop applications with security high on the requirements list. Over the past years we have accumulated a number of articles that describe tips and techniques for improving application security. Here are some of the most relevant:

 
Continue reading Securing Web Applications: Tips and Techniques Articles...

Digg it!

Sphere it!

Del.icio.us

Reddit!

Newsvine

Posted by Dan Sullivan | Articles and Analysis | Permalink | Comments (0)

The latest article in the Essentials Series: Messaging and Web Security - Volume III looks into how to keep your security management plan in synch with other business objectives. Here's an excerpt:

 
Continue reading Evaluating Your Security Management Program: What to Look For...

Digg it!

Sphere it!

Del.icio.us

Reddit!

Newsvine

Posted by Dan Sullivan | Articles and Analysis | Permalink | Comments (0)

Researchers at McAfee's Avert Labs have reported a vulnerability in Internet Explorer 6 that allows attackers to capture keystrokes. IE 7 does not have this vulnerability.

 
Continue reading Capturing Keystrokes in Internet Explorer 6...

Digg it!

Sphere it!

Del.icio.us

Reddit!

Newsvine

Posted by Dan Sullivan | Articles and Analysis | Permalink | Comments (0)