Home
Topics
Security Threats and Vulnerabilities Management

endpoint security

Endpoint security is an approach to network protection that requires each computing device on a corporate network to comply with certain standards ...
Midmarket security tutorials

SearchMidmarketSecurity.com’s tutorials offer IT professionals in-depth lessons and technical advice on the hottest topics in the midmarket IT secu...
A step-by-step SMB IT security risk assessment process

Assessing your organization's security threats and risks takes just five steps, says Robbie Higgins. Check out his quick guide to the SMB security ...
Three pen test tools for free penetration testing

Nmap, Nessus and Nikto are penetration testing tools that security operators can use to conduct pentests on their networks and applications.

Threats and Vulnerabilities

Antivirus, antispyware management
Configuration and patch management
Integrated security appliances and systems
Security vulnerability management

Email Alerts

Register now to receive SearchMidmarketSecurity.com-related news, tips and more, delivered to your inbox.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

SEO poisoning (search poisoning)

Search poisoning, also known as search engine poisoning, is an attack involving malicious websites that are designed to show up prominently in search results. The sites associated with the links may infect visitors with malware or fraudulently access sensitive information to be used for identity theft.Definition
Microsoft fixes bugs in Security Essentials and Forefront Endpoint Protection

Microsoft has issued a security update for its antimalware products including Security Essentials and Forefront Endpoint Protection 2010.News | 25 Feb 2011
Symantec releases Endpoint Protection 12 and Small Business Edition

Symantec Corp. announced version 12 of its Endpoint Protection product, as well as an upgrade for the small business edition of the product.News | 15 Feb 2011
IPsec (Internet Protocol Security)

IPsec (Internet Protocol Security) is a framework for a set of protocols for security at the network or packet processing layer of network communication.Definition
PDF document security: A look inside Google Chrome PDF viewer

You don't have to rely on Adobe's Acrobat Reader as your only PDF viewer; Google Chrome provides a secure PDF viewer that cuts down on your chances of falling victim to a PDF exploit.Tip
SecTor 2010: Researchers demonstrate malware samples used in targeted attacks

Security researchers from Trustwave's Spiderlabs research team demonstrated malware,--including a Windows credential stealer--that uses automated processes to avoid detection and dupe forensics investigators.Article | 26 Oct 2010
risk analysis

Risk analysis is the process of defining and analyzing the dangers to individuals, businesses, and government agencies posed by potential natural and human-caused adverse events... (Continued)Definition
Social engineering attack: How to remove rogue security software

Social engineering attacks trick users into installing rogue security software. Users need to be educated to avoid falling prey, and IT needs the tools to remove the fake security software.Tip
keylogger (keystroke logger, key logger, or system monitor)

A keylogger, sometimes called a keystroke logger, key logger, or system monitor, is a hardware device or small program that monitors each keystroke a user types on a specific computer's keyboard. As a hardware device, a keylogger is a small battery-sized plug that serves as a connector between the user's keyboard and computer. (Continued)Definition
SEO security: How to stop search engine optimization security attacks

When attackers can place malicious sites high in Google rankings, you may be at risk. Learn how to defend against SEO poisoning.Tip
VIEW MORE ON : Antivirus, antispyware management

Unix SSH example configurations that boost Unix security

Using a Secure Shell (SSH) is a better way to manage Unix servers than command-line access or Telnet, and expert Joel Snyder details three simple modifications you can make in SSH to make your servers more secure.Tip
How to avoid attacks that exploit a Web browser vulnerability

Beyond patching, Tom Chmielarski explains what you'll need to do to avoid application exploits caused by Web browser vulnerabilities.Tip
Windows patch deployment tools: WSUS 3.0 or third-party software?

Gregg Braunton discusses Windows patch deployment tools and reviews when you should (and should not) use WSUS to send updates to your employees' workstations.Tip
How to test Windows operating system patches

Windows patch testing may be easy when it comes to applications like Outlook. Tom Chmielarski reviews how to test more difficult updates to the operating system.Tip
What is the best Windows patch management procedure?

There's no one-size-fits-all approach for deciding when a patch needs testing. Tom Chmielarski shares his thoughts on an ideal patch management process.Tip
PCI DSS requirement: Building and maintaining a secure network

The first PCI focus area requires a set of documented configuration standards, perimeter and endpoint protection.Tip
Take four steps toward Macbook security

Your organization may primarily be a Windows shop, but Macbooks are becoming popular among executives and Macintosh computer security must be understood.Tip
How to fill patch management gaps using Microsoft MBSA

Microsoft Baseline Security Analyzer examines and quantitatively summarizes the state of your organization's Windows security.Tip
Assess your security state in five steps

Prioritize your security spending by identifying how data moves and users interact, and what vulnerabilities exist in infrastructure, systems and applications.Tip
Determine when to use a workaround rather than patch systems

Vendor security patches sometimes unintentionally break production applications. Learn how to determine when your midmarket organization should employ a workaround, rather than patch immediately.Tip
VIEW MORE ON : Configuration and patch management

PDF document security: A look inside Google Chrome PDF viewer

You don't have to rely on Adobe's Acrobat Reader as your only PDF viewer; Google Chrome provides a secure PDF viewer that cuts down on your chances of falling victim to a PDF exploit.Tip
How to avoid attacks that exploit a Web browser vulnerability

Beyond patching, Tom Chmielarski explains what you'll need to do to avoid application exploits caused by Web browser vulnerabilities.Tip
Laptop full disk encryption: Debunking myths

Mike Chapple reviews laptop full disk encryption and separates fact from fiction.Tip
Your USB port management options

When it comes to managing USB ports, the choice is yours. Mike Chapple reviews your three best options.Tip
What Windows protection is available to control USB devices?

USB storage media is practically unavoidable but also a huge risk. Using Windows to control USB devices may not be the best option, but Tom Chmielarski reviews products that can help.Tip
Three portable data storage encryption methods

Mike Chapple looks at three ways to encrypt sensitive data while it's stored on portable media.Tip
Considering two-factor authentication? Do cost, risk analysis

One-time passwords and other technologies are effective protection, but midmarket companies have to consider the expense and management overhead.Tip
How to encrypt emails in Outlook

Mike Chapple reviews how cryptography can be used to validate senders and keep important emails confidential.Tip
The security value of a hosted data center

Have you begun converting your office space to a data center? There's a more secure option, says security analyst Joe Malec.Tip
How to set your baseline with host integrity monitoring software

Once you have your malware detection, IDS and network firewalls in place, it may be time to turn your attention to another valuable troubleshooting tool: host integrity monitoring software.Tip
VIEW MORE ON : Integrated security appliances and systems

Using open source intelligence software for cybersecurity intelligence

Discover the information that may be leaking out of your organisation before hackers use it to launch an attack against your organization.Tip
Secure software development lifecycle: An approach for SMBs

Small businesses that lack the resources to implement the full MSDL can use its basic tenants to provide more secure software development.Tip
Microsoft releases Forefront Endpoint Protection 2010

Microsoft has announced the release of Forefront Endpoint Protection 2010 (FEP), an email filtering and antimalware product for Windows PCs and servers.News | 05 Jan 2011
How to use an edge firewall for network bandwidth management

These five tips will help your organization apply quality-of-service controls on a network perimeter firewall.Tip
How to conduct endpoint application security triage

Many patch management systems fail to address endpoint application security. Tom Chmielarski suggests three areas to examine to ensure that your endpoint applications are secure.Tip
Defending against Firesheep: How to prevent a session hijacking attack

A new exploit tool called Firesheep revealed just how vulnerable applications like Facebook and Twitter are to session hijacking attacks. Mike Chapple lists four steps you can take to protect your midsized business.Tip
Value and limitations of Windows Data Execution Prevention

When attackers inject malicious code into an application, Microsoft's Data Execution Prevention (DEP) technique can thwart the attack and save the day. But expert Tom Chmielarski says DEP does have some limitations.Tip
Microsoft releases free regular expression patterns fuzzing tool

SDL RegEx Fuzzer examines regular expression patterns and whether they can be exploited causing a denial-of-service (DoS) attack.Article | 14 Oct 2010
Midmarket financial firms grapple with internal, external security threats

In the wake of the global economic crisis, many financial firms are struggling to meet tough regulations while defending against both accidental data leakage and a constant barrage of external attacks.Article | 13 Oct 2010
Buffer overflow prevention: Add apps to Microsoft EMET with command line configuration

Adding vulnerable applications to the Microsoft Enhanced Mitigation Experience Toolkit is simple once you've mastered the command line configuration tool.Tip
VIEW MORE ON : Security vulnerability management

About This Topic

Threat and vulnerability management is crucial to the protection of data stored in servers, desktops, laptops and workstations. Here, midmarket IT organizations will find expert help and training on the use and management of integrated security appliances and systems such as unified threat management appliances, antimalware management, configuration and patch management, email and mobile device protection and security vulnerability management.

Latest Headlines

Featured

E-Books

E-Zines

E-Handbooks

Topics

Hot Topics

Advice & Tutorials

Technology Dictionary

Tips

Ask a Question

Research Library

Product Demos

Blogs

Threats and Vulnerabilities

Email Alerts

About This Topic

More from Related TechTarget Sites