Tips

Tips

Security Threats and Vulnerabilities Management

• A step-by-step SMB IT security risk assessment process

  Assessing your organization's security threats and risks takes just five steps, says Robbie Higgins. Check out his quick guide to the SMB security risk assessment process.  Continue Reading

• Three pen test tools for free penetration testing

  Nmap, Nessus and Nikto are penetration testing tools that security operators can use to conduct pentests on their networks and applications.  Continue Reading

• Unix SSH example configurations that boost Unix security

  Using a Secure Shell (SSH) is a better way to manage Unix servers than command-line access or Telnet, and expert Joel Snyder details three simple modifications you can make in SSH to make your servers more secure.  Continue Reading

• How to use an edge firewall for network bandwidth management

  These five tips will help your organization apply quality-of-service controls on a network perimeter firewall.  Continue Reading

• How to conduct endpoint application security triage

  Many patch management systems fail to address endpoint application security. Tom Chmielarski suggests three areas to examine to ensure that your endpoint applications are secure.  Continue Reading

• Defending against Firesheep: How to prevent a session hijacking attack

  A new exploit tool called Firesheep revealed just how vulnerable applications like Facebook and Twitter are to session hijacking attacks. Mike Chapple lists four steps you can take to protect your midsized business.  Continue Reading

• Outsourcing data center services: SMB security best practices

  Learn best practices for outsourcing data center services and about the security and compliance considerations that influence whether an SMB should outsource data center services.  Continue Reading

• Value and limitations of Windows Data Execution Prevention

  When attackers inject malicious code into an application, Microsoft's Data Execution Prevention (DEP) technique can thwart the attack and save the day. But expert Tom Chmielarski says DEP does have some limitations.  Continue Reading

• PDF document security: A look inside Google Chrome PDF viewer

  You don't have to rely on Adobe's Acrobat Reader as your only PDF viewer; Google Chrome provides a secure PDF viewer that cuts down on your chances of falling victim to a PDF exploit.  Continue Reading

• Buffer overflow prevention: Add apps to Microsoft EMET with command line configuration

  Adding vulnerable applications to the Microsoft Enhanced Mitigation Experience Toolkit is simple once you've mastered the command line configuration tool.  Continue Reading

• Windows 7 backup tool: Three Windows 7 Backup and Restore use cases

  Windows 7's built-in backup tool is a reliable options for smaller organizations wanting to preserve the confidentiality and availability of stored data.  Continue Reading

• Enhanced Mitigation Experience Toolkit reduces buffer overflow attacks

  Microsoft Windows Enhanced Mititgation Experience Toolkit version 2 introduces six mitigations that reduce the risks posed by malware trying to cause an application buffer overflow attack.  Continue Reading

• Windows 7 Backup and Restore Center a critical data protection tool

  Windows 7's built-in backup tool is a reliable options for smaller organizations wanting to preserve the confidentiality and availability of stored data.  Continue Reading

• Social engineering attack: How to remove rogue security software

  Social engineering attacks trick users into installing rogue security software. Users need to be educated to avoid falling prey, and IT needs the tools to remove the fake security software.  Continue Reading

• SEO security: How to stop search engine optimization security attacks

  When attackers can place malicious sites high in Google rankings, you may be at risk. Learn how to defend against SEO poisoning.  Continue Reading