Senior News Writer Bill Brenner interviews Billy Hoffman, a researcher with SPI Dynamics about Ajax application threats and previews Hoffmans Black Hat presentation.
Chris Haddad, director of technical architecture at the Burton Group lays out some of the serious threats facing Web services and service oriented architecture development. Also, a review of the week’s news.
Amichai Shulman from Imperva describes a flaw his organization discovered in the Oracle E-Business Suite. The flaw was patched Tuesday as part of Oracle’s July 2007 CPU. Also, a summary of this week’s top IT security news.
Information Security magazine editors Neil Roiter and Michael Mimoso discuss Google’s foray into the security market and whether companies should turn to database encryption to meet the PCI Data Security Standard in the wake of the TJX data security breach. Also the editors discuss whether the “month of” security flaw Web sites are helpful in securing software or just shameless publicity by security researchers. And finally, SearchSecurity.com News Writer Bill Brenner provides analysis from the Gartner IT Security Summit in Washington. (Runtime: 23:51)
Security researchers Tom Cross and David Dewey of IBM’s Internet Security Systems X-Force research team discuss their team’s discovery of the Microsoft Active Directory flaw and Microsoft’s latest round of patches. Plus, a summary of the week’s IT security news.
SearchSecurity.com reports from the Burton Group Catalyst Conference in San Francisco. Diana Kelley, vice president and service director at the Burton Group, explains the scope of a PCI audit and how some auditors are pitching products and services. Dan Jones, director of IT at the University of Colorado, explains his school’s ongoing PCI compliance initiatives.
SearchSecurity.com reports from the Burton Group Catalyst Conference in San Francisco. Burton Group vice president Phil Schacter sums up the day’s sessions on open and secure network architectures. Conference attendees talk about their security concerns including identity management and risk assessments.
Cisco executives discuss the acquisition of security vendor IronPort, plus a look at how one IT shop moved into the Vista fast lane despite compatibility problems.
This week, former Microsoft CISO Karen Worstell talks about the current state of security. Also, more consolidation in the security market with HP acquiring SPI Dynamics and PatchLink merging with SecureWave.
Eric Schultze, chief security architect of Shavlik Technologies helps prioritize Microsoft’s Patch Tuesday Bulletins. Jack Danahy, chief technology officer and founder of Ounce Labs discusses Microsoft’s proactive security posture and how it has affected security in the software development lifecycle. Also, a summary of this week’s news.