Security researcher Gunter Ollmann of Damballa discusses the scourge of dangerous enterprise botnets and why the only method to eradicate them is by a method he calls “nuke and pave.”
Richard Jacobs, chief technology officer of Sophos on encryption for compliance, DLP and the case for involving end users in security decisions.
People Security founder Hugh Thompson reviews the tools and tactics, from routine assessments to Web application firewalls, that are essential to an application security strategy,
Jim Jaeger, a retired Air Force brigadier general who heads the digital forensics operation at defense industry giant General Dynamics, explains best practices around data breach response and digital forensics.
SearchSecurity editors discuss Internet privacy issues, the Apache disclosure, VMworld and Apple security.
Experts discuss the findings of the SANS Institute 2009 Top Cyber Risks Report. The SANS report, The Top Cyber Security Risks found that IT security professionals are failing to adequately address client-side application flaws and website vulnerabilities. Meanwhile, cybercriminals are using spear phishing attacks and automated SQL injection attacks to infect employee machines and ultimately gain access to company networks.
Security experts and officials involved in DNSSEC implementations share their successes and the challenges they face.
Program notes: DNSSEC deployments gain momentum since Kaminsky DNS bug
Eric Ogren of The Ogren Group talks about the focus on security fundamentals and some virtualization technologies that increase security including virtual desktops. Ogren is attending VMworld this week in San Francisco.
SearchSecurity.com’s Carolyn Gibney interviews David Foote of Foote Partners on his latest skills and certification data. Foote says there’s reason for those in the security industry to be optimistic.