April 2008 19 4 Issue of SCMagazine

April 2008 19 4 Issue of SCMagazine

SC Magazine April 2008


When the auditors come around

Compliance seemed the dominating topic at this year's recent Infosec WorldConference & Expo in Florida.


Avoid breaking the bank

With no foreseeable end to IT security risks, security programs should always remain top priorities.

The evolved help desk

The help desk is often seen as the face of the IT organization, so any drop in credibility can bring negative consequences to IT's future, ...


The next generation

AIG's CSO Paul DeGraaff says security professionals must gauge the risks of a younger workforce, Dan Kaplan.reports.

Retail & IT Security

In this special section, we look at IT security implementations at several retail locations and investigate which solutions are effective for retail chains.

Fall in line

Retailers are having a tough time coming into compliance with PCI DSS, but there are solutions out there, reports Deb Radcliff.

Ski patrol: Boyne Resorts and Kaspersky Lab

Boyne Resorts needed an easier way to protect its network and retail points-of-sale. It found a solution, reports Greg Masters.

Worth the upgrade

The TJX data breach has made wireless encryption a priority for retailers and other enterprises. Frank Washkuch Jr. finds out why.

Product Reviews

Threats and vulnerabilities

This month we are addressing application vulnerabilities and web-based threats.

Application Security, Inc.'s DbProtect 2007

The product consists of a network-based database vulnerability assessment component, a database monitoring component and a central management console.

Fortify Source Code Analysis Suite 4.5

Fortify Source Code Analysis Suite 4.5 is a suite of components used to perform static source code analysis.Strengths Powerful analysis of source code. Solid documentation ...

HP WebInspect 7.7

HP WebInspect 7.7 (SPI Dynamics is now part of HP Software) is a standalone web application testing product.

IBM's Rational AppScan 7.7

IBM's Rational AppScan 7.7 (Watchfire is now an IBM company) is a standalone web application assessment product that is part of IBM's Rational software group.

Ounce Labs 5.0

Ounce Labs 5.0 is a static source code analysis solution based primarily on two separate components.

iSEC Partners Security QA Toolbar

iSEC Partners Security QA Toolbar is a browser-based add-in for Internet Explorer, and is used to perform web application vulnerability testing directly within the browser ...

Barracuda Web Filter 310

The Barracuda Web Filter 310 is a solid device with some very nice features.

Clearswift MIMEsweeper

This appliance is loaded with features beyond the usual web filter.

Cymphonix Network Composer

This product not only features URL and web filtering, but also many traffic shaping and application controls.

GFI WebMonitor WebFilter Edition

This product adds some very nice features including time-based web URL filtering and anti-phishing by blocking access to phishing sites.

IBM Proventia Web Filter

This product has many nice features from basic web URL filtering and image blocking to file type blocking and media filtering.

Pearl Echo Suite

The Pearl Echo Suite provides monitoring and control on many web-based fronts.

St. Bernard iPrism 30h

From initial setup to configuration to management this product is very easy to use.

Trend Micro InterScan Web Security Suite

This suite scans protocols such as HTTP and FTP, as well as web-based email.

Websense Express

Websense Express focuses in on three distinct areas of web content management.

8e6 Technologies Professional Edition

This web content management package offers high flexibility for the large enterprise.

Cenzic Hailstorm Enterprise ARC 5.5

Cenzic Hailstorm Enterprise ARC 5.5 is a centrally managed web application assessment product.

Last Word

Valid operator's permit required

Computer users could use the help of security professionals, says Michael Seese.


Sign up to our newsletters