IT Security

Security bloggers help keep you up to date on how to protect your network through news, updates, advice, and opinions on how you can stay ahead of hackers.

  • Tom Olzak // May 30, 2010, 10:00 PM PST

    Make audits mean something with integration into technical architectures

    Integrating audit into technical architectures ensures key controls actually mean something. Instead of arbitrary adherence to some standard of practice, they reflect the needs of the business.


  • Chad Perrin // May 28, 2010, 3:32 AM PST

    Google Book Search and our privacy

    The Electronic Frontier Foundation has highlighted some privacy concerns associated with Google's Book Search service. It has also provided a quick and easy way to let Google's CEO know how we feel about those concerns.


  • Chad Perrin // May 31, 2010, 10:00 PM PST

    Microsoft Windows activation work-around

    Almost anything is hackable, given enough effort. Working around Microsoft Windows Genuine Advantage is somewhat easier than you might expect, however.


  • Chad Perrin // April 26, 2010, 11:00 PM PST

    10 security books for the future

    An ever-evolving list of books "to be read" is a constant temptation. Chad Perrin hopes his top 10 list of security books he wants to acquire might tempt some of his readers, too.


  • Michael Kassner // May 31, 2010, 10:25 PM PST

    Google Chrome: The new breed of Web browser

    The Chrome development team focused on three things; stability, speed, and security. Chrome is stable and fast, but how do we know if it's secure?


  • Chad Perrin // June 2, 2010, 10:00 PM PST

    Google offers encrypted sessions for Web search

    Google provides a small benefit for users who value their privacy: encrypted Web searches. Here's what you should know about the limitations of SSL encryption.


  • Chad Perrin // June 1, 2010, 3:01 AM PST

    Corporate ethics versus security ethics

    There are direct conflicts of interest between a technology corporation's responsibility to its shareholders and the ethical responsibility to its customers' security. Ignore them at your peril.


  • Michael Kassner // June 3, 2010, 5:49 AM PST

    Google Search over SSL has an oops

    Google now provides SSL encryption capabilities for their search function. But, there is a problem that you need to be aware of.


  • Mike Mullins // February 7, 2008, 12:50 AM PST

    Pop-up windows: Know the difference between the good, the bad, and the annoying

    Pop-up windows can often be a pain, but they sometimes indicate a more serious problem. Find out how to differentiate between a pop-up that's just wasting your time and one that might be trying to tell you something.


  • David Davis // February 7, 2008, 4:42 AM PST

    Protect your network with the Cisco IOS Firewall

    Why buy another expensive device if your router can also provide firewall functionality? Any "Firewall Feature Set" version of the Cisco IOS contains the IOS Firewall, a built-in firewall inside the Cisco router. Find out what the IOS Firewall can do, and learn how to configure it.


  • Chad Perrin // February 8, 2008, 4:28 AM PST

    Five must-have security resources


  • Paul Mah // February 10, 2008, 3:59 PM PST

    Security news roundup: February 10

    Here’s a collection of recent security vulnerabilities and alerts, which covers a vulnerability in the multiuser version of the popular WordPress, a new release of the Windows client for Skype which fixes several vulnerabilities, critical vulnerabilities found in Sun's Java Runtime Environment, a memory corruption vulnerability found in IBM's DB2 Universal Database Administration Server, a slew of vulnerabilities resolved in SuSE and Microsof's upcoming Patch Tuesday for the month of February.


  • Paul Mah // November 30, 2007, 3:59 PM PST

    Security news roundup: November 30

    Here's a collection of recent security vulnerabilities and alerts, which covers a new QuickTime bug that affects both XP and Vista, a new release of FireFox, security updates for FreeBSD, the release of Microsoft Exchange SP1, the official acknowledgement by Cisco of flaws in its VoIP phones, new versions of Asterisk that fixes two SQL injection vulnerabilities, the cracking of Microsoft's encryption for its wireless keyboards, and vulnerability found on IBM's Lotus Notes product.


  • Mike Mullins // January 31, 2008, 3:42 AM PST

    Establish a strategy for security breach notification

    Even if your organization takes every possible precaution to protect its data, a security breach is often inevitable. What do you do if it happens? Here are some pointers for notifying those affected.