Call for papers
SecurityFocus ( www.securityfocus.com ) is currently accepting submissions for new Infocus articles. We would like to extend an invitation to security researchers, authors and academics for submissions on topics of interest to the security community. Submissions should include a short summary along with the author's name, email address and contact information. All submissions should be in MS Word format and should be sent to: firstname.lastname@example.org
How ITIL Can Improve Information Security
This article provides an overview of ITIL, a management-level set of best practices and guidelines for an integrated and process-based approach to IT and security.
Trends in Web Application Security
This article discusses current trends in penetration testing for web application security, and in particular discusses a framework for selecting the best tool or tools to use for this increasingly common type of application.
Examining a Public Exploit, Part 2
The purpose of this article is to analyze a public exploit in a lab environment, see the alerts generated by an intrusion detection system, and then do some packet analysis of the malicious binary in order to better understand what it does and how you may have been compromised. Part 2 of 2.
Valuing Secure Access to Personal Information
This article seeks to answer the question: is your personal data safe? Or do you give it away during almost every transaction you make with government or commercial entities?
Examining a Public Exploit, Part 1
The purpose of this article is to analyze a public exploit in a lab environment, see the alerts generated by an intrusion detection system, and then do some packet analysis of the malicious binary in order to better understand it.
TCP/IP Skills for Security Analysts (Part 2)
This article series guides users new to the security field through some of the key skills required to work as a security analyst. Part two puts the skills into context by simulating a "day in the life" of a network security analyst, using an example of what steps to take when new exploit code appears.
H.323 Mediated Voice over IP: Protocols, Vulnerabilities & Remediation
This paper provides an overview of the H.323 (VoIP) protocol suite, its known vulnerabilities, and then suggests twenty rules for securing an H.323-based network.
Protecting Road Warriors: Managing Security for Mobile Users (Part Two)
This is the second of a two-part series that focuses on the centralized management of security for mobile users. Part two completes the discussion by presenting additional layers of defence to help protect valuable, mobile data.
TCP/IP Skills Required for Security Analysts
This article guides users new to the security field through some of the key skills required to work as a security analyst. The focus is on core TCP/IP competency and related technologies such as intrusion detection systems, firewalls and routers.
Protecting Road Warriors: Managing Security for Mobile Users (Part One)
This is the first of a two-part series that focuses on the centralized management of security for mobile users. Part one introduces vendor-neutral questions you should consider about firewalls and anti-virus software for your mobile users.