Monthly Archives: December 2006

Skybox and ISS Deliver First Virtual Modelling Environment for IPS

Skybox® Security, Inc., the leader in Security Risk Management (SRM), and Internet Security Systems, Inc. (ISS), the worldwide leader in pre-emptive, enterprise security, today announced the industry’s first virtual modelling environment for Intrusion Prevention Systems (IPS). The solution is delivered as a new capability in the third-generation release of the award-winning Skybox View® Suite (see… Read More »

Quality Assurance and Web Application Security

Many companies are under the impression that testing for Web application security simply involves a cursory check for easy-to-guess usernames and passwords. Yet application security testing can and should involve more complex checks, such as testing for SQL injection and Cross-Site Scripting. Often this sort of review does not happen until the Web application is… Read More »

Web Services Security in Java EE

Java EE comes with a mature security model that provides for the guaranteed features that have to be supported by all compliant application servers: authentication, authorization, confidentiality, and integrity. Though not yet required by the specification, most high-end application servers also support some sort of auditing of security-related events and non-repudiation – in other words… Read More »

Crypto malware close to being uncrackable

File-encrypting Trojans are becoming so complex that the security companies could soon be powerless to reverse their effects, a new report from Kaspersky Lab has said. The report notes the rapid evolution of the public key encryption used by one family of crypto malware, Gpcode, which went from using 56-bit to 660-bit RSA in a… Read More »

PHP encryption for the common man

In this increasingly virtual online world, you have to be careful to protect your data. Learn the basics of encoding and encrypting important bits of information, such as passwords, credit card numbers, and even entire messages. Get an overview of what it means to encrypt and decrypt information, as well as some practical examples involving… Read More »

Malware Evolution: MacOS X Vulnerabilities 2005 – 2006

The Apple Macintosh is becoming more and more popular. However, recent reports on Mac security have caused extensive discussion among security professionals. Those who have expressed concern about the increasing number of vulnerabilities detected in Mac OS X have been accused of overreacting.

Silex Embedded Software Solution for Wireless Security

silex Inc. has launched Network Security Suite (NSS), a comprehensive software solution designed to give OEM manufacturers the ability to integrate network security into their products. NSS is a customizable source code library that includes 802.1x authentication with the most commonly used EAP types (TLS, TTLS, PEAP, and FAST), Cisco LEAP, as well as WPA… Read More »

Kerio MailServer 6.2 – Kerio polishes Webmail with AJAX

Kerio MailServer, a highly rated email and groupware server targeted to small and medium sized businesses, has been updated again, this time with a broad range of refinements to existing features most users will appreciate. Among the new features are Sticky Notes support, a two-level spam rating system, and private Distribution Lists.