See how your anti-virus program did in this head-to-head competition of 29 different anti-virus vendors.
http://www2.csoonline.com/blog_view.html?CID=32948
Archive for May, 2007
German lab tests 29 Anti-virus programs
May 30, 2007SearchSecurity.com’s FREE Security Courses
May 23, 2007SearchSecurity.com offers some of the best free on-line information security training courses on the Net. Check them out.
http://searchsecurity.techtarget.com/generic
/0,295582,sid14_gci1115504,00.html?Offer=SEint2
Preparing for virtualization security unknowns
May 15, 2007It’s impossible to say exactly what the most significant virtualization security challenges will be, but here are some key points to consider..
http://searchsecurity.techtarget.com/tip/0,289483,
sid14_gci1254079,00.html?track=sy260
Steve Gibson has some great podcasts and PDF transcripts on the topic of virtualization and virtualization security. If you can’t get to all of them I highly recommend starting with Episode 54.
Episode 50: Virtual Machine History & Technology
Episode 53: Vmware
Episode 54: Blue Pill
Episode 55: Application Sandboxes
Episode 57: Virtual PC Versus VMware
http://www.grc.com/securitynow.htm
CIO Managing the CSO: Is the Fox Watching the Henhouse?
May 15, 2007Because CIOs are concerned about Return on Investment (ROI) and CSOs are concerned about Return on Risk (ROR) there is potential for conflict.
http://www2.csoonline.com/blog_view.html?CID=32914
[Editor's Note (Valle) I agree with the author's recommendations that the CSO should not report to a CIO but should instead report to the CEO, Board of Directors, or head of auditing or risk management]
12 Ways To Be A Security Idiot
May 9, 2007A great illustrated slideshow based on a 2003 eWeek article by Jim Rapoza.
They should make posters of this slide show and sell them to companies as part of IT security training/awareness programs.
http://www.eweek.com/slideshow
_viewer/0,1205,l=&s=25932&a=
205467&po=1,00.asp?p=y
WEP is very very broken!
May 9, 2007
The latest news about WEP encryption is that it is extremely broken. Hackers now have tools that can break into a WEP enabled wireless network in under 1 minute. Many wireless networks are running WEP because their older access points do not support WPA.
This is another great reason why all employees need to make sure they use VPNs when accessing corporate resources while at cafes and other public spaces.
Here is a good article about this:
We All Weep for WEP
http://www.wi-fiplanet.com/columns/article.php/3675561
My favority security podcast host, Steve Gibson, has a great podcast on the topic
Episode #89: Even More Badly Broken WeP
http://www.grc.com/securitynow.htm
Hello world!
May 9, 2007Welcome to the Security World blog where I will be posting thoughts and ruminations on breaking IT security topics. I look forward to a lively discussion amongst IT security professionals.
