Security News and Security Product Reviews

Mobile Version Subscribe Contact Us About Us Advertising Editorial SC UK SC Aus/NZ

RSS | Login | Register

Latest Product Reviews

Penetration testing: Core Security

I just love these folks. Take the best open source pen testing tool you can think of, put it on steroids, give it a user interface that makes it simple and fast to pen test in a production environment without losing the granularity of manual testing if you need it, and you have Core Impact. Well, almost. Every year I say that I am going to find a better tool, and I actually do comb the market -- unsuccessfully.

UTM: Global DataGuard

Sometimes a different approach is needed. The notion of the UTM was developed from the need to consolidate point solutions. There are a lot of problems, of course. They cost more to buy and manage, they use more power and they need a sophisticated staff to manage them.

Latest News

Light patch load to start year from Microsoft

Dan Kaplan January 08, 2009

After a December whopper, Microsoft plans to release one patch next week.

TJX hacker gets 30-year prison sentence

Angela Moscaritolo January 08, 2009

A Ukrainian man, one of the orchestrator's of the monster TJX breach, has been sentenced in Turkey.

Vulnerability fixed in OpenSSL

Angela Moscaritolo January 08, 2009

Several functions in recent versions of OpenSSL do not check signatures correctly, which could enable a remote attacker to launch spoofing attacks.

Congressman seeks discussion on House cybersecurity

Dan Kaplan January 07, 2009

One of the congressmen who admitted last year that his office computers were hacked wants to raise cybersecurity awareness on Capitol Hill.

Fake Beyonce, Victoria Beckham LinkedIn pages carry malware

Angela Moscaritolo January 07, 2009

The tactics used to spread the malware are similar, but the platform is new, said one threat researcher.

Data breaches rose dramatically during 2008

Chuck Miller January 06, 2009

Breaches continue to plague organizations, despite more widespread education on safe information handling, as well as new laws and regulations, according to a nonprofit.

Analyst firm expects security budgets to rise in 2009

CA makes DLP play with acquisition of Orchestria

Web defacements escalate as Israel moves farther into Gaza

VeriSign switches to new hash function to secure SSL certs

Phishing scam hits Twitter

Muslim hackers attack Israeli websites as Gaza strikes continue

Unlocking encryption—A key to data security

Duncan McPherson, CEO, Unitrends January 07, 2009

Encryption functionality can be easily integrated into an organization's backup processes, protecting all data on the company's servers and backup devices, and all data taken off site for archiving.

How new access control technologies can address insider threats

Rich Campagna, Juniper Networks January 06, 2009

Open networks and fast-moving data allow errors and malfeasance by network insiders to create significant financial, public-relations and regulatory risks.

Implementing PCI-DSS: The top five issues to consider

John Linkous, IT governance, risk and compliance evangelist, eIQnetworks December 22, 2008

While it's true that the PCI standards are rigorous mandates, implementing, maintaining and achieving PCI compliance is not really rocket science.

In cybersecurity, who is the weakest link?

Michael Callahan, VP global marketing, Credant December 19, 2008

Human error is the primary cause of information technology security breaches because, too often, individuals are given the option to bypass security processes.

The five myths of two-factor authentication

Kerry Loftus, vice president, Consumer Authentication Solutions, VeriSign December 15, 2008

Strong authentication has improved dramatically since its earliest days. And now more than ever, that comes as good news for consumers.

Versatile authentication: The next logical step for the financial services sector

Philip Hoyer, technical architect, ActivIdentity EMEA December 04, 2008

Banks must encourage customers to use online facilities and to protect existing internet customers from fraud.

Case study: Irish Life manages identity and access challenges

The promise of homeland security

Economic crisis reveals regulatory opportunities

Financial industry "fire sale" economy: Protecting data during M&A

Hot or not: Software update vulnerabilities

Hacking -- The corporate cover-up

2009 SC Awards U.S. Dinner and Presentation

Tuesday, April 21, 2009 at the Hilton San Francisco

CLICK HERE TO RESERVE YOUR TABLE TODAY!

Featured 2008 SC Awards Winners

2008 Best Professional Training Program

The Best Professional Training Program Award was won by Symantec for Symantec Security Awareness Program.

2008 CSO of the Year

The CSO of the Year award was won by Dan Lohrmann, CISO, State of Michigan.

2008 Best Identity Management Solution

The Best Identity Management Solution was won by Barracuda Networks for Barracuda IM Firewall.

2008 Best Audit/Vulnerability Assessment Solution

The Best Audit/Vulnerability Assessment Solution award was won by Qualys for QualysGuard.

The SC Podcast

Join us on FaceBook!

Click here for the latest issue »

2009 SC AWARDS U.S.

2009 SC AWARDS U.S.
DINNER AND PRESENTATION

CLICK HERE TO REGISTER TODAY AND SAVE OVER $700

EARLY BIRD SPECIAL:
20 percent off tickets to the 2009 SC Awards Dinner and Presentation*
(*Offer expires January 16, 2009)

The winners of the 2009 SC Awards U.S. will be announced on Tuesday, April 21, 2009, at the SC Awards Dinner & Presentation in San Francisco.

Web Exclusive:
The Best of 2008

Our special section features the best of 2008. Click here to download a PDF of those products that received Best Buy, Recommended or SC Magazine Lab Approved designations over the past 11 months.

SC World Congress

Thank You!
We would like to thank all the people involved with our first SC World Congress. Thank you to the sponsors, exhibitors, delegates and attendees for being part of a tremendous inaugural event. Click here for highlights from the SC World Congress 2008.

From the Blogs

Retail

Retail Vertical Focus
In this section, see news and feature articles from industry leaders and the SC editorial team, along with opinions covering the hot-button issues affecting the retail industry, including PCI compliance, customer data security and more.
Click here

IT security & education

IT security & education
In this special online exclusive, SC Magazine examines some of the IT security solutions being used today at institutions of higher learning.
Click here