Designing a secure file sharing system Peer to peer systems have gained tremendous popularity over the last few years, partly due to the unimaginable success of the Napster file sharing system. This phenomenon initiated a new era of computing, which included the development and deployment of many similarly designed systems, targeting different types of usage.
Stelios Tigkas,
07/08/2005
|
|
Application Security Cheat Sheet Deploying applications in a secure manner has become more critical today than ever before. Enterprises deploy several applications at very short notice. Business demands increased automation and more Internet-enabled applications. Security is often considered after the application has been developed and is about to go live, or in some cases even after the systems have gone live. This article takes a look at some of the critical factors that need to be looked at for securing applications.
Hrishikesh Sivanandhan,
06/16/2005
|
|
Security in Software Applications The author gives us an overview of how to integrate security features as part of the software application development model. This paper also covers some important points dealing with explicit versus implicit security measures from a customer's perspective.
O.S.Balaji,
05/23/2005
|
|
Handbook of Information Security Management Entire book available online. As predicted in our first edition of the Handbook of Information Security Management, published in 1993, the practice of information security has become much more complicated and the need for qualified information security professionals has become critical. During this time, the International Information Systems Security Certification Consortium (ISC2) has made significant progress in testing and certifying information security practitioners as Certified Information System Security Professionals (CISSPs). Currently, almost 1000 practitioners have achieved certification and several hundred sit for the examination annually.
By Micki Krause, Harold F. Tipton, 02/24/2004
|
|
Thick Client Application Security This paper discusses the critical vulnerabilities and corresponding risks in a two-tier thick client application, along with the measures to mitigate those risks. A thick client is defined as an application client that processes data in addition to rendering. An example of a thick client application is a Visual Basic, Java or VB.NET application that communicates with a database.
Arindam Mandal,
01/19/2005
|
|
Regulus Exposed Masood Mehmood issues a scathing report on the Regulus logging software used by many ISPs. He includes step-by-step instructions illustrating how to compromise staff passwords and exploit other hidden bugs.
Masood Mehmood,
09/16/2004
|
|
Secure Programming with .NET At the core of Microsoft's .NET initiative is the goal of interconnecting businesses, users, applications, and data. However, with all the concerns regarding security and privacy of data, many individuals and companies are reluctant to connect their business systems and place their data in reach of hackers thousands of miles away. Microsoft understands the challenges and concerns facing early adopters of their technology, and has made security one of their top priorities. The fundamental pillar for building applications is the security surrounding the .NET framework and the security services it provides. In this article, we will provide an overview of .NET framework security features and provide practical tips on how to write secure code in the .NET framework. More importantly, we will discuss which pitfalls to avoid.
By Rohyt Belani and David Wong, 07/15/2004
|
|
H.323 Mediated Voice over IP: Protocols, Vulnerabilities & Remediation VoIP protocols can be classified according to their role during message transmission. H.323 and SIP are signaling protocols and thus are involved in call setup, teardown, and modification. RTP (real-time transport protocol) and RTCP (real-time transport control protocol) are media transport protocols, and are involved in end-to-end transport of voice and multimedia data. TRIP, SAP, SRP, OSP, et al. comprise a group of VoIP-related support protocols. Finally, because H.323 mediated VoIP relies upon the underlying transport layer to move data, more traditional protocols that security professionals are familiar with, such as TCP/IP, DNS, DHCP, SNMP, RSVP, and TFTP, may be required.
By Thomas Porter, 07/13/2004
|
|
Security Features Overview of Merlin (J2SE Version 1.4) All the safeguards that we, as security professionals, employ are rendered useless if the foundation upon which they are laid is not sound. That is why Java™ has become the language of choice for the security-minded application developer. From its inception, security was one of the primary tenets of the Java™ distributed computing platform.
By Craig Walker, 07/08/2004
|
|
AS/400 & iSeries: A Comprehensive Guide to Setting System Values to Common Best Practice Security The purpose of this document is to assist anyone configuring or auditing iSeries (formerly known as AS/400) system values. This document should only serve as an informational guide and represents a security consultant's opinion on what the "Best Practice" setting should be in a typical corporate environment. Appropriate system value settings for the reader's environment may differ due to varying circumstances.
By Matthew R. Smith, 04/30/2004