Anyone with experience with Single Sign on? Am curious to hear your thoughts on this....

Is anyone aware of any freely available Security Awareness type content out on the net?...

Hi, Business Continuity is very important for any financial organization. As a part of Business Impact Analysis, one need to identify the Mission Critical Functions / Activities as a first step. My query is what is the PROCESS to do this? In my BCM projects, I have consulted with my...

An Infosecurity Adviser expert recently commented: ‘Trust is not a control. Almost every recent security breach has been as a result of people doing things that they shouldn’t have, or which were just plain stupid – with disastrous consequences for their organisation and its reputation. Control is the only answer,...

The results of a recent Infosecurity Europe Mini Poll show that 76% of those who voted felt that collaboration is a top priority for 2009 but that security remains an issue. Would love to hear from any body who agrees or disagrees with the results......

Professor Howard Schmidt, President of the Information Security Forum (ISF) warned in an ISF conference that we shouldn't let the credit crunch compromise security, stressing that organisations should strengthen security rather than reduce it in today's economic climate: "We need to be more vigilant than ever to avoid exposure...

hi i finished a degree a while ago and now in the world of work how ever i now want to go-in in to penetration testing "ethical hacking" i have found all sorts of info on the subject and even enrolled in a MSc but withdrew because it was teaching...

A recent Infosecurity Adviser mini-poll asked: Will ISPs having to store details of every email sent via their systems for at least 12 months help to tackle the online crime problem? Your votes were counted and the results were as follows: Yes = 24% of the votes, No = 76%...

"It may make financial sense to consolidate a processor-intensive application onto the same physical host as another that is network-intensive to better balance the use of available resources. However, such an approach may result in virtual servers running highly sensitive core business applications sitting alongside those running publicly accessible applications...

Can anyone advise how an experienced security and networking professiona with up to date CISSP and CCNA certifications who has been out of work for almost 1 yr get back into employment?...

(IN)SECURE Magazine is a free digital security magazine discussing some of the hottest information security topics. Issue 20 has just been released. Download it from:http://www.insecuremag.com The covered topics include: Improving network discovery mechanisms Building a bootable BackTrack 4 thumb drive with persistent changes and Nessus Review: SanDisk Cruzer Enterprise...

There is no silver bullet for good information security, it involves a mix of good practice and education alongside technology to help control and limit end-user behaviour. The technology available includes end point security, content-filtering and data loss prevention tools that needs to be deployed in different parts of the...

The Infosecurity Adviser team will be at Infosecurity Europe at Earls Court in April and have the unique opportunity to pose your questions to the keynote speakers. Post your questions here by replying to this this thread, letting us know which speaker you'd like to address, and we will put...

I am currently looking for UK and/or European standards for Information Systems Security / Information Assurance. Specifically, I am trying to find what would be the comparable standards to the NIST 800-53 baseline security controls we have here in the U.S. I am also interested in what would...

I love it, it says on the infosec convention webpage whats the weakest link in your buisness people or technology... I would have to go with technology... Have you taken a long hard look at your hosting providers server lately? Microsoft IIS 6.0 -- Whats the weakest link... You are!...

For those who wants to get Masters degree in information security, there is a very good course offered by University of East London (UEL)http://www.uel.ac.uk/programmes/cite/postgraduate/iscf.htm this programme is offered in block modes which means you dont have to attend university every week, each module is taught in 1 week and 4...

Ritech International is the leader and pioneered the first USB storage solution coupled with Hardware AES Encryption with Biometric Fingerprint Protection.Their latest product called the ´Bioslimdisk Signature´ offers unique features that protects critical data such as: Dual Fingerprint Authentication Self Destruct Hardware Crypto-Engine AES-128bit Embedded Read/Write Protection Dual fingerprint...

Am currently at Infosecurity Europe show and there is a really buzzy atmosphere - Just managed to see the David Blunkett session first thing although a few of my colleagues didn't make it in and had to watch the live streaming instead. Shame that the seminar theatres aren't bigger as...

I just want to know more abt this forum...

We're just working on content and ideas for the 2010 show, and are interested to hear what you think your top information security issues will be in the coming year and for 2010. Any thoughts much appreciated. Kind regards, The Infosecurity Europe Team....

Can any one tell me that is sql server database is prone to viruses....

Hi, I am looking for some unclassified Security Operating Procedure examples or templates but so far have had mixed results in researching via the Internet. I am looking for something that is fairly straightforward. Thanks in advance. Artee...

Hi, I need an attack scenario alerts database for using in a project about "alert correlation" can someone help me ?...

Hi I am infosec beginner. I am confused many different but maybe close segmentation of Infosec technology. If someone helps me understand how 1) NAC(Network access control), 2) SIEM (Security information and event management), 3) IAM (Identity and access management), 4) endpoint security, 5) DLP(data loss prevention) should be positioned...

I am thinking of having a career change and go into Information Security, since this subject has always fascinated me. However, I only have limited amount of information (data) knowledge of computers, although I use a computer in my office to do day to day tasks, and I...

I am postgraduate student of University of East London and this survey is related to the security of the web based applications. I am writing a report about the vulnerabilities and attack methods on web based applications and awareness of security in web developers, I require some input from members...

hello Does anyone know where can i get some sample web application security policies(policy for web application developers), not the information security policy. I am unable to find it on the net. Thanks Irfan...

Peter Bassill, CISO, Coral Gala Group is an expert in the field of Data Security. We posed three data security-related questions to him and will be posting his answers here in the Infosecurity Adviser forum,in the coming weeks. Question 1: The company auditors are recommending the use of a data...

Peter Wood, Chief of Operations, First Base Technologies is an expert in the field of Mobile and Wireless Security. We posed three frequently asked questions to him and will be posting his answers here in the forum in the coming weeks. Question 1: Our company has about 60...

Ram Herkanaidu, Security Researcher, Kaspersky Labs is an expert in the field of Network Security. We posed three frequently asked questions to him and will be posting his answers in the Infosecurity Adviser forum in the coming weeks. Question 1: Owing to mergers and acquisitions, our group now consists of...

Mike Barwise, Managing Director, Integrated Infosec is an expert in the field of Web Application Security. We posed three frequently asked questions to him and will be posting his answers in the Infosecurity Adviser forum in the coming weeks. Question 1: Our firm is developing a Web 2.0-driven...

With nearly all organisations implementing austerity measures against the worst the global recession has to offer, a surprisingly common area to freeze is IT security budgets - in some dire scenarios even making cuts. This inevitably leads to the question that I now get asked on a nearly daily...

Hacker Halted Conference-2010 Schedule: Hacker Halted Conference-2010, October 9-15th 2010, Miami Florida. Hacker Halted is the premier information security conference of its kind in the world. Hacker Halted has one simple purpose, to address the threat of black hat hacking by equipping the white hats with the hacking techniques, tools and social engineering...