- Leadership CISOs Can Find Allies at the General Counsel Office
CISOs and General Counsel share overlapping goals: policy legality, intellectual property protection, risk/business balance, compliance obligations, and freedom to critique other groups' decisions....
- Social Networking Quora Essentials for Information Security Professionals
- Social Networking Retrospective: Why I Started This Security Blog
- Tools Mitigating Attacks on the Web Browser and Add-Ons
Drive-by exploits target vulnerabilities in browsers and add-ons like Java, Adobe Reader, and Flash. Defense involves sandboxing (Chrome, IE, Adobe Reader X), tightening settings via Group Policy,...
- Web Security Mitigating Attacks on Web Applications Through the Browser
Attackers use browsers as gateways to attack web applications via XSS (executing malicious JavaScript in app context), CSRF (tricking browsers into submitting crafted requests), clickjacking...
- Tools Mitigating Attacks on the User of the Web Browser
Browsers are improving protection against socially-engineered malware. Internet Explorer's SmartScreen includes application reputation tracking—warning users about executables without reputation...