Security

Bruce Nikkel's Practical Forensic Imaging (No Starch Press)

Forensic image acquisition is an important part of the process of after-the-fact incident response and evidence collection. Digital forensic investigators acquire, preserve and manage digital evidence as part of criminal and civil court cases; they examine violations of organizational policy; and they analyze cyber attacks. more>>

FutureVault Inc.'s FutureVault

Though short of Mr Torvalds' aim of world domination, FutureVault, Inc., has set the ambitious goal to "change the way business is done" with its FutureVault digital collaborative vault application. more>>

Example Security Exercises

The following is a list of security exercises you can try after reading Susan Sons' article "Security Exercises".

1) It's Gone more>>

Security Exercises

Regular security exercises are, bar none, the most powerful, cost-effective tool for maturing a project's information security operations—when done well. more>>

Let's Automate Let's Encrypt

HTTPS is a small island of security in this insecure world, and in this day and age, there is absolutely no reason not to have it on every Web site you host. Up until last year, there was just a single last excuse: purchasing certificates was kind of pricey. more>>

Secure Desktops with Qubes: Compartmentalization

This is the third article in my series about Qubes. In the first two articles, I gave an overview about what Qubes is and described how to install it. more>>

Android Browser Security--What You Haven't Been Told

This article focuses on flaws in Android's stock web libraries, while acknowledging related exploits. Some modern Android browsers have critically weak encryption and other dangerous flaws that cannot be patched or otherwise corrected. This weakness extends to multiple browsers and applications and is determined by the linkage to the system webcore on older OS versions. more>>

Synopsys' Coverity

The new version 8.5 of Synopsys' Coverity extends the security umbrella of the static analysis tool to mitigate a wider range of security vulnerabilities. more>>

Securing the Programmer

I have a favorite saying: "If you are a systems administrator, you have the keys to the kingdom. If you are an open-source programmer, you don't know which or how many kingdoms you have the keys to." We send our programs out into the world to be run by anyone for any purpose. Think about that: by anyone, for any purpose. more>>

NordVPN for Android

The prospect of privacy protection and occulting your smartphone's IP address with a VPN are sufficient selling points, but the ability to watch your Spanish-dubbed Turkish telenovellas while on the beach in Tahiti should seal the deal for real. more>>

iguaz.io

An IT megatrend in progress involves the shift from legacy monolithic apps running on enterprise storage to systems of engagement that interact with users, collect real-time data from many sources and store it in elastic and shared data services. more>>

Contrast Security's Contrast Enterprise

The phrase with which Contrast Security describes the one-of-a-kind protection provided by the new Contrast Enterprise is "continuous application security". more>>

illusive networks' Deceptions Everywhere

illusive networks' bread and butter is its deception cybersecurity technology called Deceptions Everywhere whose approach is to neutralize targeted attacks and Advanced Persistent Threats by creating a deceptive layer across the entire network. more>>

SourceClear's Commit Watcher

Someone accidentally commits private AWS keys to an open-source project and ends up handing candy to a bitcoin miner. more>>

Tor 0.2.8.6 Is Released

The latest version of the Tor project was released this week, offering greater security and anonymity to individuals and organizations. Here's why you should care. more>>

Syndicate content