Securing Data and Databases, Inside and Outside Your Networkdigitallibrary
Data thieves like to plunder Web servers and laptops, use phishing messages, and podslurp to reach your databases. These repositories hold the identity and financial data about your employees, customers and business partners. Learn how to secure your data repositories using encryption, as well as device and port control tools. Also learn to monitor when and how sensitive data leaves your network and how to fuse security onto the data itself.
Complying Across Continents: Electronic Discovery and Privacy Issuesdigitallibrary
One country demands you destroy a piece of data, while another demands you retain it. One requires you monitor certain traffic while one forbids it. When your customers, your contractors, your office and your servers are all in different nations, how do you balance the laws of them all? There are no easy answers, so learn what the questions are and get a clue for how to begin answering them.
It is widely believed that homeland security agencies infringe on innocent citizens' privacy in order to carry out the war on terror. Advanced cryptographic techniques can enable complex data mining tasks, while preserving citizens' privacy by revealing the minimum information necessary. Understand the social and tecnhological battle between national security and Constitutional rights.
Securing Data and Databases, Inside and Outside Your Networkdigitallibrary
Data thieves like to plunder Web servers and laptops, use phishing messages, and podslurp to reach your databases. These repositories hold the identity and financial data about your employees, customers and business partners. Learn how to secure your data repositories using encryption, as well as device and port control tools. Also learn to monitor when and how sensitive data leaves your network and how to fuse security onto the data itself.
Complying Across Continents: Electronic Discovery and Privacy Issuesdigitallibrary
One country demands you destroy a piece of data, while another demands you retain it. One requires you monitor certain traffic while one forbids it. When your customers, your contractors, your office and your servers are all in different nations, how do you balance the laws of them all? There are no easy answers, so learn what the questions are and get a clue for how to begin answering them.
It is widely believed that homeland security agencies infringe on innocent citizens' privacy in order to carry out the war on terror. Advanced cryptographic techniques can enable complex data mining tasks, while preserving citizens' privacy by revealing the minimum information necessary. Understand the social and tecnhological battle between national security and Constitutional rights.
Visualization: Transforming How We View Securitydigitallibrary
Visual analytics have been emerging in recent years to help transform cyber security data into relevant information so professionals can acquire greater insight on their security posture, respond faster, and prove compliance. Among the benefits of visualization are the ability to deal with vast amounts of security data, quickly discover patterns and anomalies, and effectively communicate issues to experts and non-experts alike. Learn how visualization is transforming the security field, what visualization tools are available today, and basic principles for successfully implementing security data visualization.
Security-related policy isn't just Sarbanes�Oxley and PCI. Security also includes data breach disclosure laws, bills that are being reviewed by Congress and by state legislatures, precedent-setting court cases and actions by the Federal Trade Commission and other agencies. Get an overview of recent security and privacy legal developments, including: promulgation by Federal agencies of rules pertaining to security, new and recent updates to Federal legislation, proposed Federal legislation, state legislative activities, and agency enforcement actions and private and security litigation.
How I Hacked Your Wireless LAN � And How to Stop Medigitallibrary
Wireless LANs are popping up everywhere�in homes, hotspots and businesses. Get a first-hand look at wireless LAN attacks that have occurred, an appraisal of various risk models that address real dangers (not just hype) and a vendor-neutral review of wireless security technologies on the market.
Fuzz testing or fuzzing is a software testing technique that provides random data ("fuzz") to the inputs of a program. If the program fails (for example, by crashing, or by failing built-in code assertions) the defects can be noted. By simulating real attacks coming from the Internet, fuzzers can be used to test the effectiveness and security of your perimeter defenses as well as other security solutions. Fuzzing takes penetration testing to a new level. It is already used by finance and government sectors in assessing their critical networks. Find out the potential value of fuzzing test results and learn how realistic and usable these results are in environments where detecting all imaginable attacks would be impossible.
Hacking the Invisible Network: What You Don�t See Can Kill Youdigitallibrary
Wireless networks are about convenience�security tends to be an afterthought. And it's not just WiFi: these security issues extend to Bluetooth, RFID and other wireless technologies. Find out about the basic tools and attacks that anyone with a laptop and a wireless card can use to take you down.
Are appropriate controls in place to adequately secure Web-based applications and data? Learn how to effectively manage application security through the Secure Development Lifecycle (SDLC), how to integrate the Top 10 Project from Open Web Application Security Project (OWASP) to mitigate Web application security vulnerabilities and how to use best practices for security testing.
Information Protection & Privacy: Cooperative Education & Awarenessdigitallibrary
Cooperation and collaboration make security projects successful. Whether you are adding on a privacy or security module or developing new privacy and information protection education and awareness initiatives, you must work with multiple groups tasked with security. Learn the cooperative steps you can take to assure optimum results for both missions. A sample awareness communications shows how to incorporate both privacy and information protection.
Tough Target: Awareness for Application Developersdigitallibrary
You know the importance of tailoring awareness messages to each target audience, but what should you be teaching application developers about security that relates to their daily job? Learn from experienced application developers about the content and approaches that will work to impact this tough target audience.
Technical forensics can only recover so much data about a security incident�more can be gathered through effective interviews of those with valuable information. Learn about social engineering, neuro-linguistic programming and interviewing techniques that will help you get the most information and most accurate information out of interviewees. And know when the information you're given is false.
Visualization: Transforming How We View Securitydigitallibrary
Visual analytics have been emerging in recent years to help transform cyber security data into relevant information so professionals can acquire greater insight on their security posture, respond faster, and prove compliance. Among the benefits of visualization are the ability to deal with vast amounts of security data, quickly discover patterns and anomalies, and effectively communicate issues to experts and non-experts alike. Learn how visualization is transforming the security field, what visualization tools are available today, and basic principles for successfully implementing security data visualization.
Security-related policy isn't just Sarbanes�Oxley and PCI. Security also includes data breach disclosure laws, bills that are being reviewed by Congress and by state legislatures, precedent-setting court cases and actions by the Federal Trade Commission and other agencies. Get an overview of recent security and privacy legal developments, including: promulgation by Federal agencies of rules pertaining to security, new and recent updates to Federal legislation, proposed Federal legislation, state legislative activities, and agency enforcement actions and private and security litigation.
How I Hacked Your Wireless LAN � And How to Stop Medigitallibrary
Wireless LANs are popping up everywhere�in homes, hotspots and businesses. Get a first-hand look at wireless LAN attacks that have occurred, an appraisal of various risk models that address real dangers (not just hype) and a vendor-neutral review of wireless security technologies on the market.
Fuzz testing or fuzzing is a software testing technique that provides random data ("fuzz") to the inputs of a program. If the program fails (for example, by crashing, or by failing built-in code assertions) the defects can be noted. By simulating real attacks coming from the Internet, fuzzers can be used to test the effectiveness and security of your perimeter defenses as well as other security solutions. Fuzzing takes penetration testing to a new level. It is already used by finance and government sectors in assessing their critical networks. Find out the potential value of fuzzing test results and learn how realistic and usable these results are in environments where detecting all imaginable attacks would be impossible.
Hacking the Invisible Network: What You Don�t See Can Kill Youdigitallibrary
Wireless networks are about convenience�security tends to be an afterthought. And it's not just WiFi: these security issues extend to Bluetooth, RFID and other wireless technologies. Find out about the basic tools and attacks that anyone with a laptop and a wireless card can use to take you down.
Are appropriate controls in place to adequately secure Web-based applications and data? Learn how to effectively manage application security through the Secure Development Lifecycle (SDLC), how to integrate the Top 10 Project from Open Web Application Security Project (OWASP) to mitigate Web application security vulnerabilities and how to use best practices for security testing.
Information Protection & Privacy: Cooperative Education & Awarenessdigitallibrary
Cooperation and collaboration make security projects successful. Whether you are adding on a privacy or security module or developing new privacy and information protection education and awareness initiatives, you must work with multiple groups tasked with security. Learn the cooperative steps you can take to assure optimum results for both missions. A sample awareness communications shows how to incorporate both privacy and information protection.
Tough Target: Awareness for Application Developersdigitallibrary
You know the importance of tailoring awareness messages to each target audience, but what should you be teaching application developers about security that relates to their daily job? Learn from experienced application developers about the content and approaches that will work to impact this tough target audience.
Technical forensics can only recover so much data about a security incident�more can be gathered through effective interviews of those with valuable information. Learn about social engineering, neuro-linguistic programming and interviewing techniques that will help you get the most information and most accurate information out of interviewees. And know when the information you're given is false.