- Incident Response Incorporating Mobile Devices into Enterprise Security
Enterprise security hasn't kept up with consumerization—powerful mobile devices often have VPN access and email but lack mature OS security controls. Organizations need greater network segmentation,...
- Product Management Cloud Makes Security More Affordable for Smaller Companies
When this article was first written, cloud adoption was still emerging. The thesis that cloud's pay-per-use billing model would make enterprise security affordable for SMBs has been thoroughly...
- Networking Pros and Cons of Virtual Patching to Address Vulnerabilities
Virtual patching blocks attack vectors exploiting vulnerabilities using IPS, WAF, or database security tools—buying time to develop proper fixes. The danger is complacency: organizations with virtual...
- Social Networking Etiquette Tips for Social Receptions at Conferences
Practical etiquette tips for getting the most out of social receptions at conferences while creating a welcoming atmosphere for others.
- Web Security Researching Malicious Websites: A Few Tips
Malicious sites evade researchers by checking User-Agent and Referer headers, computing redirects via JavaScript, using nonces, and denylisting IPs. Bypass these defenses by faking browser headers,...
- Malware Analyzing Suspicious PDF Files With PDF Stream Dumper
PDF Stream Dumper is a free Windows tool with GUI for analyzing suspicious PDFs. It scans for known exploits, navigates object structures, decodes streams, and includes a JavaScript interpreter for...