Static code analysis tools gain traction in India as SDL models mature
Static analysis tools are gaining popularity with Indian companies as software development models and perspectives mature. Here are some popular choices. Feature
-
Maltego user guide part 2: Infrastructural reconnaissance
This part of our Maltego tutorial details how you can use the multi-faceted tool for infrastructural aspects of information gathering. Tutorial
-
The Metasploit Framework Tutorial PDF compendium: Your ready reckoner
Get our Metasploit Framework tutorial installments in one place, with the aid of this Metasploit tutorial PDF collection. Tutorial
-
Security sandbox program: Defense-in-depth or layered vulnerabilities?
Recently, companies like Adobe and Google have been using sandboxes to aid measures in their applications, but how can sandboxes be useful in the enterprise? Article
-
Buffer overflow tutorial: How to find vulnerabilities, prevent attacks
Buffer overflow exploits and vulnerabilities can lead to serious harm to Web applications, as well as embarrassing and costly data security breaches and system compromises. Learning Guide
-
A malicious charger could hack Apple devices easily, claim researchers
A modified phone charger or battery could be used to hack Apple devices, say researchers from Georgia Tech. News | 04 Jun 2013
-
Indian companies must increase phishing awareness
Businesses are being targeted for phishing attacks. These attacks are increasingly turning into a corporate concern, with much at stake -- such as reputation damage. News | 25 Apr 2013
-
Patch Tuesday: Five critical bulletins, Exchange Server fix expected
In addition to Exchange Server, updates fix flaws in Internet Explorer, Microsoft Office and Microsoft Word. News | 06 Dec 2012
-
Cutwail botnet spam campaign tied to Zeus banking Trojan
The cybercriminals connected to the notorious Zeus Trojan are using the Cutwail botnet to distribute spam designed to steal account credentials. News | 05 Dec 2012
-
Study finds spear phishing at heart of most targeted attacks
Malicious file attachments are typically used as the payload, according to a report issued this week by Trend Micro. News | 29 Nov 2012
-
US-CERT warns of new Samsung, Dell printer threat
Hard-coded passwords on some Samsung and Dell printers could enable an attacker to take control of an affected device. News | 27 Nov 2012
-
Phishing attack, stolen credentials sparked South Carolina breach
A phishing attack and stolen credentials gave an attacker access to the systems of the South Carolina Department of Revenue for two months. News | 21 Nov 2012
-
NASA to deploy whole-disk encryption following breach
Stolen laptop contained the sensitive data on a large number of employees and contractors. The information was not encrypted. News | 15 Nov 2012
-
November 2012 Patch Tuesday to include Windows 8 patch
Microsoft's November 2012 Patch Tuesday release will include four critical bulletins to fix flaws in Windows 8 and other products. News | 08 Nov 2012
-
Remote access Trojan evades detection using mouse functions
Trojan highlights need to tune automated detection systems to spot malicious software attempting to use Windows hooks, expert says. News | 06 Nov 2012
-
Securing VMware Infrastructure
Companies are embracing virtualization as a cost-savings measure. Find out how to secure your VMware infrastructure. Tip
-
Analysis: Windows 8 security features improve on Windows 7 security
Expert Michael Cobb says Windows 8's security features, like Windows Defender and Secure Boot, are a step forward for desktop and BYOD security. Tip
-
Mitigate phishing attacks in the cloud: A how-to
As Indian enterprises increasingly move to the cloud, so do phishing attempts. Here are some ways to mitigate the risks of phishing in the cloud. Tip
-
After antimalware: Moving toward endpoint antivirus alternatives
Is it time to "cut the cord" with endpoint antimalware? Matthew Pascucci discusses possible antivirus alternatives. Tip
-
Using ESAPI to fix XSS in your Java code
Customized validation routines are the norm in Indian organizations for fixing vulnerabilities. OWASP’s ESAPI framework may prove to be a better option. Tip
-
Intro: How big data benefits enterprise information security posture
Andrew Hutchison explains how big data benefits enterprise information security posture by merging the security and operational data landscape. Tip
-
Why static code analysis’ benefits go beyond mere VA/PT
While everyone has joined the VA/PT bandwagon, few Indian organizations consider static code analysis viable. We look at where static code analysis scores. Tip
-
Mobile application security issues and threat vectors in enterprises
As mobile application security threats take on serious proportions, we explore the issues and risks involved for users and enterprises. Tip
-
Exploring new features, uses for secure Web gateway appliances
Expert Michael Cobb reviews secure Web gateway appliance features that can better shield endpoints, plus SWG deployment options. Tip
-
Social engineering penetration testing: Four effective techniques
Social engineering penetration testing is now a must for enterprises. Learn about the four methods your pen tests should use. Tip
-
How penetration testing helps ensure a secure data store
A third-party penetration test is the best way to determine whether an online data store can be compromised. Answer
-
How to secure a .pdf file
In this expert Q&A, Michael Cobb explains how to avoid malicious content that is embedded into .pdf documents. Ask the Expert
-
Are Web application penetration tests still important?
Web application penetration tests continue to be an important part of the secure software development lifecycle process in order to reduce the number and severity of security-related design and coding errors. Ask the Expert
-
When should a virtual patch be used?
Learn how virtual patches can help administrators review, test and schedule official patch updates and find out about the benefits a virtual patch provides, such as protection against identified vulnerabilities. Ask the Expert
-
Ethical hacking techniques for standard penetration testing
Learn how to form a policy for standard penetration tests including getting written permission. Learn ethical hacking techniques. Ask the Expert
-
What is the best way to manually test for buffer overflows?
There are two ways of reviewing a program for buffer overflows. Michael Cobb explains how to examine a program's source code and file code. Ask the Expert
-
What is an ideal patch management process for small businesses?
Patch management and testing can be a time-consuming and resource-hungry task. In this expert response, Michael Cobb demonstrates how to streamline the process. Ask the Expert
-
vulnerability and patch management
Vulnerability management is a proactive approach to managing network security. Definition
-
Data Security Council of India (DSCI)
The Data Security Council of India (DSCI) is a not-for-profit organization created to promote the country as a secure destination for information technology (IT) outsourcing. DSCI was founded by NASSCOM, an Indian IT-BPO (business process outsourcing... Definition
-
Nine must-have OSINT tools
Open source intelligence tools aid in target discovery during the reconnaissance phase. Here are nine must-have OSINT tools for finding maximum target info. Photo Story
-
Bruce Schneier on security for cloud computing
In part one of this interview with author and leading security expert Bruce Schneier, he discusses how cloud computing is changing the information security industry, and how companies should adapt to keep up. Video
-
The trade-offs of unified threat management
Opus One's Joel Snyder reveals a key drawback of UTM. Video
About Vulnerability and patch management
Find patch and vulnerability management best practices here. Discover the ideal policy for patch management and evaluate patch manager solutions. Manage server patch management optimally. Keep yourself updated with the latest patch management software developments and news.