- Web Security Three Web Attack Vectors Using the Browser
Three browser attack vectors cause most web-based attacks: social engineering (phishing, fake software installs), attacking web applications through the browser (XSS, CSRF, clickjacking), and...
- Web Security Cross-Side Scripting Demystified
- Training Deploying Google Chrome in the Enterprise
Google released enterprise-friendly Chrome deployment tools: MSI installer packages for central rollout, ADM policy templates for Group Policy configuration, and Chrome Frame plugin for IE. Group...
- Communication Tips for Submitting a Security Conference Proposal
- Web Security NoScript Strengthens Security Even If You Allow Scripting
NoScript's script-blocking requires users to allowlist every site—many automatically click "allow" or uninstall it. If script allowlisting isn't for you, enable scripts globally but keep NoScript's...
- Risk Management Information Security Isn't a Standalone Discipline
Information security exists to help organizations achieve corporate objectives, not as a goal in itself. Security professionals must understand how they fit into Finance, Legal, HR, IT, Marketing,...