- Networking Web Application Firewalls (WAFs) Will Be Ubiquitous
WAFs are following the adoption trajectory of traditional network firewalls—both mitigate risk when securing individual components is impractical. Network firewalls protected weakly-configured...
- Tools How to Design Security Warning Messages to Protect Users
Effective security warnings make the safest button most visible, stay brief while providing context, avoid technical jargon, and don't overwhelm users with repeated prompts. Microsoft's "Enable...
- Authentication Better Internal Vulnerability Scanning With Authentication
Authenticated vulnerability scans provide far more comprehensive results than anonymous scans by allowing the tool to examine installed applications, patches, and configurations. Create dedicated...
- Networking Pros and Cons of Virtual Patching to Address Vulnerabilities
Virtual patching blocks attack vectors exploiting vulnerabilities using IPS, WAF, or database security tools—buying time to develop proper fixes. The danger is complacency: organizations with virtual...
- Malware Analyzing Suspicious PDF Files With PDF Stream Dumper
PDF Stream Dumper is a free Windows tool with GUI for analyzing suspicious PDFs. It scans for known exploits, navigates object structures, decodes streams, and includes a JavaScript interpreter for...
- Incident Response 5 Addictions of Information Security Professionals
Information security professionals develop habitual practices that can be detrimental: overly long policies, unrealistic mandates, gadget fascination, blind adherence to "best practices," and an...