| General Security Concepts & Misc. - Community Contributions |
Title |
Contributor |
Date |
Description |
Rating |
|
The Importance of Securing AJAX Web Applications |
Acunetix |
26/02/07 |
This paper, submitted by Acunetix, reviews AJAX technologies with specific reference to JavaScript and briefly documents the kinds of vulnerability classes that should raise security concerns among developers, website owners and the respective visitors. |
No votes |
|
Paradox of Web Leeching |
Aditya Sood |
18/10/07 |
A quick look at leeching, how it works and its associated threats, written by Aditya Sood. |
No votes |
|
Return on Information Security Investment |
Adrian Mizzi |
10/02/05 |
An excellent look at calculating Loss of Revenue, Return on Investment, Viability of Expenditure, and other formulas that should help one calculate the value to determine the need for security. |
9 |
|
Denial Of Service FAQ(Basic) |
Aelphaeis Mangarae |
10/05/05 |
This text, submitted by Aelphaeis Mangarae, discusses the many different types of DOS, the ways DOS attacks are performed and methods to help minimize the impact of such attacks. |
5 |
|
Learn Information Gathering By Example |
Aelphaeis Mangarae |
06/10/06 |
This white paper, written by Aelphaeis Mangarae, goes through the steps and tools you can use in order to successfully gather information on a target web server. |
8 |
|
An Approach to Web Application Threat Modeling |
Akash Shrivastava |
09/05/08 |
The aim of this paper, written by Akash Shrivastava, is to identify relevant threats and vulnerabilities in the Web Application and build a Security Framework to help in designing a secure Web Application. |
9 |
|
Designing and Implementing a SAN |
Al Spraker |
03/08/06 |
This paper will define and compare the storage area networks (SAN) with network-attached storage (NAS) as well as a historical perspective of directly-attached storage (DAS). |
No votes |
|
Salted Hashes Demystified |
Andres Andreu |
10/10/05 |
Andres Andreu submits this work regarding passwords and the hashing process, most popular in UNIX type Operating Systems. |
7 |
|
Document Security in Web Applications |
Andres Desa |
02/03/05 |
Many web applications serve Word or PDF documents to their users. These documents are often cached on the user's PC and could reveal sensitive information. This white paper discusses rendering documents such as Word and PDF files in such a way that they are not cached by browsers. The paper looks at the implementations currently followed and suggests an implementation that successfully tackles the issue. Sample code in ASP is also provided in the paper. |
8 |
|
Ten Threats You Probably Didn't Make Plans For |
Andrew Bycroft |
27/01/06 |
Andrew Bycroft discusses threats that most people and policies do not consider such as shoulder surfing and eavesdropping. |
8 |
|
Understanding Security Testing |
Arian Eigen Heald |
30/11/05 |
Eigen Heald submits this article on security testing. She discusses the differences between vulnerability assessing and vulnerability scanning as well as the scope of both. |
9 |
|
Mobile Phone Security |
Benny C. Rayner |
01/06/06 |
Benny Rayner submits this paper outlining and giving detail on the different threats of the mobile phone. |
7 |
|
Network Security- An Open-Source Approach |
Blain R. Jones |
29/08/05 |
Blain Jones discusses using open source solutions to mitigate risk to an acceptable level. |
9 |
|
The Effectiveness of Mix-Networks in Concealing Low-Latency Traffic |
Bleston Wright |
25/08/06 |
This paper, written by Bleston Wright, discusses a means of regaining some anonymity through the usage of mix networks. It begins by discussing the threat of traffic analysis, then defines mix-networks, and explains their usage for privacy. |
10 |
|
Cyber Terrorism and Information Security |
Brett Pladna |
25/02/08 |
Brett Pladna writes this research paper analyzing and outlining CyberTerrorism and the role Information Security has with it. |
10 |
|
The Lack of Attention in the Prevention of Cyber Crime and How to Improve It |
Brett Pladna |
14/05/08 |
This paper, written by Brett Pladna, discusses the issues of cyber crime and what is being done to prevent it. |
10 |
|
Poor Information Security Management Renders Technology Irrelevant |
Brian Christopher Watkins |
05/08/04 |
'Security Management Renders Technology Irrelevant' is an overview that takes a look at the risks involved with doing business today. |
No votes |
|
Preventing a Brute Force or Dictionary Attack |
Bryan Sullivan |
31/01/07 |
Bryan Sullivan of Spi Dynamics submits this paper which takes a look at Brute Force and dictionary attacks and methods to defend against them. |
5 |
|
Top 10 Configuration Security Vulnerabilities : Part One |
Bryan Sullivan |
02/05/07 |
Bryan Sullivan from Spi-Dynamics submits this paper outlining five of the worst application security misconfigurations in the ASP.NET world, as well as five more misconfigurations that impact Web Forms authentication in ASP.NET. |
9 |
|
Web Application Vulnerability Assessment Essentials: Your First Step to a Highly Secure Web Site |
Caleb Sima |
21/06/07 |
This article, contributed by authors Caleb Sima and Vincent Liu from Spi Dynamics, discusses how to execute a web application vulnerability assessment. |
8 |
|
Cloud Computing – Storm Clouds or is it Smooth Flying? |
Cary Whitaker |
20/04/10 |
Cary Whitaker writes about the concerns of Cloud Computing and gives some great reasons to take it seriously. |
7 |
|
End Point Security: Securing the Final Three Feet |
Chip Moore |
27/07/06 |
This contribution by Chip Moore will examine several ways that system administrators can begin contemplating and planning the implementation of end point security in their organization. |
No votes |
|
How to Make the 'Perfect' PB&J |
Chuck Fullerton |
29/10/04 |
A contribution that outlines using Policies, Best Practices and Justifications to improve Information Security. |
8 |
|
Security Risks You and Your Family Impose on your Companies’ Computing and Networking Assets |
Colin Scott Thomas |
22/12/05 |
Colin Thomas submits this paper on the risks not often thought about or addressed that may impact your company. |
9 |
|
Safeguarding Against Social Engineering |
Colleen Rhodes |
25/04/06 |
Colleen Rhodes contributes this paper on Social Engineering, different tactics used, and how to protect oneself from these attacks. |
10 |
|
Mutual Authentication for Online Banking: One Size Does Not Fit All |
Comodo |
06/09/06 |
This paper will analyze the relative security and cost effectiveness of current mutual authentication solutions. In addition, this paper will also explore an innovative alternative to achieve not just compliance - but a true best practice PKI-based mutual authentication schema that is low cost, highly secured and highly manageable to deploy. |
6 |
|
Computer Forensics: Bringing the Evidence to Court |
Cornell Walker |
17/08/05 |
Cornell Walker presents this study on bringing evidence to court in the form of computer forensics. This is a must read for anyone having to provide evidence to the legal system. |
9 |
|
Protecting Your Home Assets |
Craig Fosnock |
27/07/04 |
A paper dedicated to the common home user. It identifies home users as a target, and provides defense in depth solutions home users can do to minimize the risk. |
3 |
|
SOHO: Cost Effective Techniques for Protecting Your Data |
Craig Gosselin |
26/07/06 |
This paper, written by Craig Gosselin, will explore and help make sense of the myriad techniques and hardware available to help you secure your SOHO, so that, with due diligence and due care, you might become self-aware of the importance of information security in your small office home office. |
No votes |
|
Cryptosystems That Secure Web Browsers |
Craig Luther |
26/07/04 |
This paper covers SSL, SET, Secure HTTP, SSH and other protocols used to secure Web Browsing. |
7 |
|
SECURITY OF WINDOWS 2000 SERVER Administrators Choice |
DaAnZeR |
14/10/04 |
A thorough Windows 2000 Server Hardening Guide. |
9 |
|
Hiring for Culture as well as Technical Skill in Information Technology |
Dan Morrill |
16/01/06 |
Dan Morrill has done extensive research in the management of information security, things that business and IT Leaders need to know, trends in information security management, and the business IT interface. In this paper he discusses that hiring the right IT guy is not just technical, there are other skills that need to be considered, such as inter-personal skills. |
10 |
|
Disgruntled employees and Intellectual Property Protection |
Dan Morrill |
21/04/06 |
A well written paper submitted by Dan Morrill discusses the very real threat of disgruntled employees and the potential impact they may have on an organization. Dan provides some excellent references to drive this home. |
10 |
|
Why Projects Fail |
Dan Morrill |
14/06/06 |
Dan Morrill submits this paper that guides those in charge of DRM projects and some of the common issues that arise. |
No votes |
|
Statistical Analysis of Internet Security Threats |
Daniel James |
07/05/07 |
The purpose of this paper, written by Daniel James, is to analyze the statistics surrounding the most common security threats faced by Internet users. |
7 |
|
HIPAA In Health Care: Information Security in a Health Care Environment |
Daniel James |
11/05/07 |
Daniel James writes this paper on Healthcare and Information Security, asking and answering questions such as how it protects patient data, what the penalties are for non-compliance, how it will affect the healthcare industry and other questions. |
10 |
|
Internet Scams and Hoaxes: Some Information for Your Everyday User |
David Cobaugh |
31/05/06 |
David Cobaugh provides this work which describes how one can easily identify hoax and scam emails as well as references to go and get more information or help. |
10 |
|
Information System Activity Review in an Academic Medical Center |
David McKelvey |
22/11/05 |
David McKelvey submits this work on the Information System Activity Review (ISAR) which is intended to detect and limit damage to the confidentiality, integrity, and availability of a system. |
8 |
|
Asking the Right Question: Penetration Testing vs. Vulnerability Analysis Tools, Which Is Best? |
Dennis Hurst |
09/02/07 |
Dennis Hurst of Spi-Dynamics contributes this paper which discusses how penetration testing and assessments have matured and become more complex when dealing with web facing applications. |
10 |
|
Building Business Unit Scorecards |
Dennis Opacki |
26/12/05 |
This contribution by Dennis Opacki explores two methods of producing business unit security scorecards. |
No votes |
|
Why Document DRM will Replace Encryption as the Standard for Document Protection |
Dr Stephen Hitchen |
18/03/05 |
This paper discusses DRM as a superior replacement for encryption as a means of securing the content of documents for business. |
7 |
|
What is the point of encryption if you don’t know who for? |
Dr. Colin Walter |
04/05/05 |
Encryption is an absolute necessity to maintain an architecture for secure communications. It provides confidentiality, authenticity and non-repudiation, essential for successful e-commerce transactions on the Internet. Encryption is only possible with entity authentication; after all, what is the point of encryption if you don’t know who for? |
3 |
|
Footprinting: What is it and How Do You Erase Them |
Ed Sutton |
14/12/05 |
In this paper, Ed Sutton discusses just exactly what footprinting is, how it affects your privacy, and how to erase your footprints. |
8 |
|
Securing a Web Site |
Erik Evans |
05/04/06 |
In this paper, Erik Evans will review the current challenges businesses face when hosting a public web site. |
10 |
|
Protecting your Personal Computer |
Felix Uribe |
01/04/05 |
A high-level overview for a non-technical user of how to protect your computer. Topics include Spyware, Firewall and Antivirus. |
4 |
|
Share-aware: A new shareware model proposal |
Floydman |
06/09/02 |
A proposal for a new shareware system. |
9 |
|
Biometrics - The Wave of the Future? |
Gary Daniel |
30/05/06 |
Gary Daniels writes this paper as an introduction to Biometrics which provides the history behind it. |
9 |
|
ITIL V3 Improves Information Security Management |
Ginger Taylor |
11/07/08 |
This paper, written by Ginger Taylor, will begin with an historical overview of ITIL and then move into a high level overview of Version 3, with particular focus on the Information Security Management process. This paper will address how this process has matured and how organizations can better ensure the confidentiality, integrity, and availability of their IT services by implementing the ITIL framework. |
10 |
|
ISO 17799: Asset Management |
Gregory Yhan |
21/11/05 |
Greg Yhan submits this contribution which outlines Asset Management as defined in the ISO 17799/BS7799 standards. |
9 |
|
Beyond Top Secret |
Hal Walter |
01/08/04 |
This paper discusses data classification, Physical Security, Communications Security, Information Security, and Personnel Security. |
8 |
|
The Phishing Guide |
Hal Walter |
01/02/10 |
A comprehensive paper on a newer information security threat known as Phishing. |
4 |
|
Developing and Implementing an Operating Systems Security course with Labs |
Harry Bulbrook |
09/08/06 |
Harry Bulbrook writes this paper. Durham Technical Community College is developing a security course based on securing operating systems. This paper will present a list of course objectives and an outline for developing a security course based on securing operating systems. In addition, several lab exercises will be developed and presented, including auditing and monitoring (through log files), and locking down access (including implementation of password policies). |
10 |
|
Responding to Security Incidents on a Large Academic Network: |
Jamie Riden |
14/02/06 |
This paper, submitted by Jamie Riden, describes a series of security incidents on a large academic network, and the gradual evolution of measures to deal with emerging threats. |
10 |
|
How to use (IRC) File Servers |
Janne |
07/09/02 |
General: Fserver: Definition, XDCC, Fserver versus FTP, DC, Boards... | Use: using, accessing, commands | Flaws, bugs, backdoors etc. | retrieving additional info | MIRC Scripting | DCC and Firewalls |
10 |
|
Becoming User Friendly: The Technological Hurdle of Modern America |
Jason Cook |
30/10/06 |
Jason Cook presents this perspective on computers, Apple and Microsoft, and some of the challenges today's end users are faced with and possible solutions. |
No votes |
|
Introduction to Block Cipher Algorithms and Their Applications in Communication Security |
Jason Isom |
27/04/05 |
This contribution from Jason Isom gives a brief introduction to Cryptography and Block Cipher Algorithms. |
6 |
|
Desktop Security Policy Enforcement - How to Secure Your Corporate Mobile Devices |
Jason Meyer |
30/08/06 |
This paper, written by Jason Meyer, will discuss the items that make up a secure desktop security policy and explore a few of the available solutions from vendors that meet some or all of the basic requirements. |
10 |
|
Data Backup and Recovery Options |
Jeff S. Drake |
06/07/07 |
Jeff Drake submits this very in-depth look at backups, what it is, the impact and strategies. |
8 |
|
Breaking Point: Forging Chaos and Destruction |
Jesus Oquendo |
06/08/03 |
Written to make novices, experts, and LEAs aware of high tech crime scenarios and how easy it has become to pass forgeries or frame someone in today’s world without even having to be a computer expert. |
No votes |
|
Wired Network Security: Hospital Best Practices |
Jody Barnes |
11/08/06 |
Jody Barnes contributes this paper which looks at HIPAA and its implications for the wired network, perimeter security, network segmentation, security network equipment, and restriction of network access. |
9 |
|
How Acceptable Use Policies Coincide with HIPAA Requirements |
Jody Rouse |
28/07/04 |
A close look at how Acceptable Use Policies can help with HIPAA. The ideas in this paper could also be applied to Sarbanes Oxley, BS7799, ISO 17799 and other standards. |
7 |
|
A Brief Overview of VoIP Security |
John Daniel McCarron |
02/05/06 |
John McCarron submits this paper that outlines some of the risks associated with using Voice Over IP (VoIP). |
3 |
|
Information Security as a Business Practice |
John Enamait |
11/12/06 |
This paper, written by John Enamait, addresses the role information security plays in an organization with discussions around structure and best practices. |
9 |
|
Cybercrime & Cyberterrorism Against Corporate America |
John Hibbs |
02/06/08 |
This paper, written by John Hibbs, discusses the methods and techniques used in cybercrime and cyberterrorism in today’s society. |
9 |
|
BS7799 - The Road to BS7799 Certification and using ISO17799 as an Information Security Framework |
John Theobald |
12/10/05 |
An excellent overview of the BS7799/ISO17799 framework submitted by John Theobald of I-Defence. |
7 |
|
The Evolving World of Computer Security and Laws |
Joshua Garris |
19/04/10 |
Joshua Garris writes about Information Security and laws, citing specific cases to demonstrate the importance of a solid security program. |
8 |
|
The Layman's Guide to Phishing and Pharming |
Joshua J. Sawyer |
01/12/05 |
A personal/home user perspective on Phishing and Pharming submitted by Joshua Sawyer. This paper provides good references and examples. |
No votes |
|
The Dangers of Mobile Computing |
Joshua J. Sawyer |
31/07/06 |
In this contribution by Joshua Sawyer, solutions to common problems around mobile computing are discussed, as well as practical steps users can take in order to minimize the risks resulting from mobile computing. |
No votes |
|
Network Security: Protecting the Patient's Electronic Medical Data in the Health Care Organization |
Karen Watson |
19/07/06 |
This research paper, submitted by Karen Watson, discusses the importance of protecting the patient and the patient’s data in the evolving electronic medical record environment in the health care organization. |
10 |
|
The Patriot Act and Illegal and Legal Electronic Warrantless Searches |
Karen Watson |
19/07/07 |
A very insightful look into the United States' Patriot Act and what it means to you by Karen Watson. |
10 |
|
A Layered Approach to Security |
Kellen Barrett |
27/12/07 |
This term paper, written by Kellen Barrett, outlines how Kellen implemented a layered security environment and statistically demonstrated how it helped lower security incidents. |
7 |
|
Economic Evaluation of a Company’s Information Security Expenditures |
Kelly Lucas |
05/12/05 |
Kelly Lucas provides this paper on Return on Investment (ROI), Net Present Value (NPV) and Internal Rate of Return (IRR). Some good examples and best practices are included. understand your |
8 |
|
C0D3 CR4CK3D: Means and Methods to Compromise Common Hash Algorithms |
Kevin C. Redmon |
07/08/06 |
In this paper, Kevin Redmon discusses the means and methods that cryptanalysts use to compromise several hash algorithms. He also discusses ways to decrease the opportunity for a compromise of a hash or its source data. |
7 |
|
Securing Network Communication with Stunnel, OpenSSH, and OpenVPN |
Kurt Kincaid |
12/12/05 |
Kurt Kincaid submits this article that discusses STunnel, OpenSSH, and OpenVPN. Kurt explains the value of each of these as well as the implementation. |
9 |
|
Virus Detection and Prevention Best Practices |
Lesley Herring |
15/12/05 |
Lesley Herring shares her trials and tribulations about antivirus management in the Insurance industry. |
8 |
|
Personal Digital Assistants are Convenient, but are They Safe? |
Lindsey Street |
02/01/06 |
Lindsey Street submits this paper which looks at protecting PDA data from the consumer perspective by comparing five different third party security software packages for PDAs. |
10 |
|
Penetration Testing – A Systematic Approach |
Manish Saindane |
01/09/06 |
Manish Saindane contributes this paper on a penetration testing approach that will help those needing to, or considering performing penetration tests. |
9 |
|
A Closer Look at Ethical Hacking and Hackers |
Marilyn Leathers |
12/12/08 |
This paper, written by Marilyn Leathers, will define ethical hacking, list some of the commonly used terms for attackers, provide a list of the standard services offered via ethical hacking to combat attackers, discuss the three common groups of hackers and the top 10 most famous hackers, and finally discuss legal implications of hacking. |
8 |
|
Securing Home Office |
Matt Moberg |
28/10/08 |
The goal of this paper, written by Matt Moberg, is to address the common vulnerabilities of the average home office and to suggest methods to safely secure it. |
6 |
|
Where is the True Enemy to Network Security |
Michael Hogan |
15/08/05 |
Michael Hogan submits this paper on the threats facing networks today, from both an internal and external perspective, with focus on internal. |
No votes |
|
PHP Hypertext Preprocessor: Tools for Webpage Management |
Michael Watson |
19/05/06 |
Michael Watson submits this paper which will identify the need for coding of web page language, its ease of use and security, and show some of the pioneer companies and programs stemming from PHP. |
No votes |
|
Contemporary Approaches To Project Risk Management: Assessment & Recommendations |
Mohamed Noordin Yusuff |
15/03/06 |
Mohamed Noordin Yusuff discusses identifying and minimizing risks in projects to an acceptable level to the business. |
10 |
|
The Role of Modeling and Simulation in Information Security |
Mohammad Heidari |
03/02/06 |
In this paper, Mohammad Heidari explains the applications of M&S for modeling and simulation of computer/network security. This article also analyzes the current state of M&S in the field of information security, and presents new suggestions to solve the problems in modeling and simulating in the field of Information Security. |
9 |
|
Middleware-Emerging Technology and its Controls |
Naushad Ramzan Ali |
19/08/04 |
A paper that discusses middleware and the security concerns surrounding it. A good introductory paper. |
8 |
|
RFID Security in the Logistics Setting |
Paul Bellamy |
03/05/06 |
Paul Bellamy contributes this paper which discusses some of the security surrounding RFID. |
7 |
|
For My Next Trick... Hacking WEB2.0 |
Petko Petkov |
02/10/07 |
This paper, written by Petko Petkov, outlines some of the dangers of Web2.0 by combining fictional stories with technology that is real. Each story begins with a prologue, which introduces the problem, and finishes with a conclusion, which summarizes the attack techniques that are described within the story context. |
10 |
|
Failed: Information Security and Data Protection in a Consumer Digital World |
Rafal Los |
15/12/08 |
This paper, written by Rafal Los, focuses on the 5 main reasons why information security departments have failed, and will continue to fail to deliver the promise of 'being secure'. |
No votes |
|
Understanding USB Flash Drives as Portable Infrastructure |
Ray Chance |
21/01/05 |
The purpose of this white paper is to briefly discuss seven important topics everyone in business needs to know about USB flash drives. More importantly, this white paper is meant to challenge current business thinking that treats small portable devices as big security problems disguised as toys or high-tech gadgets. USB flash drives provide many valuable and productive functions in business. Managers need to look beyond short term concerns, roll up their sleeves, and make USB flash drives a part of their IT landscape. Just like wireless networking, managers must consider USB flash drives as the driving force behind a new, portable infrastructure. |
8 |
|
The Catalyst For Portable Storage Computing: RAPID APPLICATION DEVELOPMENT |
Ray Chance |
24/02/05 |
A technical white paper that covers the technical challenges and opportunities, File Security (SDK and COM), and authentication surrounding USB Flash devices. |
No votes |
|
Ethical Hacking: RATIONALE FOR HACKING |
Regina D. Hartley, Ph.D. |
16/12/05 |
Regina Hartley presents this study on the history of hacking, investigation into present day issues and concerns, and topics such as cyber terrorism, identity theft, and economical considerations. |
9 |
|
Ethical Hacking: Teaching Students to Hack |
Regina D. Hartley, Ph.D. |
11/05/06 |
Regina Hartley, Ph.D. writes this paper on the ideal Ethical Hacking course and its importance today. |
6 |
|
Protecting your Home Computer from Internet Threats |
Rick Wanner |
29/11/05 |
Rick Wanner explains how to secure your home computer in a few easy steps. Written with the novice in mind. |
9 |
|
Payment Card Industry Data Security Standard (PCIDSS) Compliance Implementation in Higher Education Network Environments |
Robert Humphrey |
13/12/05 |
Robert Humphrey discusses an overview of the PCI model, how it relates to Universities and other education facilities, and integration considerations. |
10 |
|
Two-Factor Authentication |
Roger Elrod |
01/08/05 |
Roger Elrod contributes this paper on two-factor authentication, the different types, and why it's important to today's businesses. |
9 |
|
Information Security for Small Businesses |
Rusty Morgan |
19/12/05 |
This contribution by Rusty Morgan discusses the risks and threats as well as solutions that small businesses need to consider. |
8 |
|
Social Engineering Defense for Small Businesses |
Rusty Morgan |
29/07/06 |
This contribution from Rusty Morgan takes a close look at social engineering attacks, examines why they are successful and the steps one can take to protect oneself from them. |
No votes |
|
Zfone: A New Approach for Securing VoIP Communication |
Samuel Sotillo |
20/06/06 |
This contribution by Samuel Sotillo is a survey on VoIP security with a focus on Phil Zimmermann's new ZRTP protocol and Zfone application. |
9 |
|
Smart Surveillance |
Scott Tate |
17/04/07 |
Scott Tate submits this paper on the history and introduction of video surveillance, touching on how some are using the technology. |
7 |
|
Authentication Methods for Banking |
Seth Thigpen |
08/08/05 |
Seth Thigpen submits this paper on authentication, which discusses authentication, authorization, and accounting, focused on the banking industry, but applicable to all companies. |
10 |
|
Linux in the Medical SOHO |
Steven Marcus |
24/08/05 |
Steven Marcus presents this paper on the values and benefits of Linux to smaller medical facilities. |
No votes |
|
Internet Security Needs |
Ted Demopoulos |
15/12/04 |
Here is a 'rant' by Ted on the frequency and types of computer attacks he receives daily. Ted offers his view on how to minimize them. |
7 |
|
Worst Practices in Developing Secure Software |
Ted Demopoulos |
26/03/05 |
Another contribution by Ted Demopoulos that covers developing secure software with consideration for development timelines, security testing, and cryptography. |
8 |
|
Social Engineering - Can Organizations Win the Battle |
Terry Turner |
29/07/05 |
An overview on Social Engineering and how it is used today; contributed by Terry Turner. |
10 |
|
Allowing Linux to Authenticate to a Windows 2003 AD Domain |
Tom Munn |
21/08/06 |
This paper, written by Tom Munn, will explore using one of several different ways that you can integrate your Linux boxes into your Windows AD forest. |
9 |
|
End-user Device Security |
Tom Olzak |
17/01/06 |
Tom Olzak submits this paper exploring many of the potential threats, vulnerabilities, and safeguards surrounding end-user computing. |
No votes |
|
Strengthen Security with an Effective Security Awareness Program |
Tom Olzak |
10/04/06 |
In this paper, Tom Olzak defines security awareness, lists the objectives of an effective awareness program, and steps through a process to build, implement, and manage on-going support of the program. |
9 |
|
Desktop Application Virtualization and Application Streaming: Function and Security Benefits |
Tom Olzak |
30/08/07 |
In this paper, Tom Olzak examines the challenges facing managers as they attempt to provide secure, continuous processing capabilities on their endpoint devices, specifically fat clients, as well as a history to modern day review. |
No votes |
|
A Practical Approach to Managing Information System Risk |
Tom Olzak |
10/02/08 |
The purpose of this paper, written by Tom Olzak, is to provide security managers with a working understanding of risk management as it applies to information systems. |
10 |
|
ISMS Implementation Guide |
Vinod Kumar |
24/07/06 |
This contribution by Vinod Kumar can serve as a guideline for the implementation of ISMS practices using BS7799 / ISO 27001 standards. |
8 |
|
Return On Security Investment (ROSI): A Practical Quantitative Model |
Wes Sonnenreich |
15/03/05 |
This article addresses why organizations need practical security benchmarking tools in order to plan effective security strategies and explores techniques that can be used to measure security within an organization. In addition, it proposes a benchmarking methodology that produces results that are of strategic importance to both decision makers and technology implementers. |
7 |
|
|