http://www.brighthub.com/computing/enterprise-security.aspxenhttp://www.brighthub.com/computing/enterprise-security/articles/13751.aspxSat, 17 Oct 2009 18:59:50 GMTb133e95a-c263-4882-8f2a-b24547eff78e:13751SteveMallardNeed to check your online databases for vulnerabilities? HP offers a free tool to check your website for SQL Injection vulnerabilities. HP Scrawlr crawls your website looking for exploits and flaws in your code. This software is free and easy to use. Introduction SQL databases are the world’s fastest database. With SQL millions of transactions ...http://www.brighthub.com/computing/enterprise-security/articles/14989.aspxSat, 17 Oct 2009 18:59:38 GMTb133e95a-c263-4882-8f2a-b24547eff78e:14989SteveMallardSecurity Analyst often aren't trained in the dangers of file streaming through NTFS's Alternate Data Streams. This tutorial teaches you how to create and detect it. Files can be hidden within files. These files can hide porn, company secrets or may contain information on terrorism. File Streaming Alternate Data Streams with the NTFS file sy...http://www.brighthub.com/computing/enterprise-security/articles/5299.aspxSat, 17 Oct 2009 18:59:12 GMTb133e95a-c263-4882-8f2a-b24547eff78e:5299SteveMallardWhat motivates hackers to do what they do? How do they do what they do? And what is Leet Speak? Who are the people who break into, modify or steal data. Read this article for a look into the inner workings of a hacker's mind. Hackers Brighthub is the gathering of professionals. 8RIghthu8 i5 +H3 G4th3RINg OF pROF3$51oN@l5. (Leet – a ...http://www.brighthub.com/computing/enterprise-security/articles/5510.aspxSat, 17 Oct 2009 18:58:59 GMTb133e95a-c263-4882-8f2a-b24547eff78e:5510SteveMallardWhat is 8570.1 Compliance? 8570.1 provides guidance and procedures for the training, certification, and management of the Department of Defense contractors and workforce who work in Information Assurance and Information Technology. This line of security is important for contractors of the DoD. 8570.1 The Importance of 8570.1 Compliance 8570.1 p...http://www.brighthub.com/computing/enterprise-security/articles/7562.aspxTue, 06 Oct 2009 18:51:32 GMTb133e95a-c263-4882-8f2a-b24547eff78e:7562tomolzakSometimes a script or other application providing automatic management oversight over end-user devices or servers needs session and logon data. Two free utilities provide the functionality necessary to achieve these outcomes in a Microsoft Windows environment. Overview Occasionally, security and network administrators need information about who is ...http://www.brighthub.com/computing/enterprise-security/articles/3098.aspxMon, 21 Sep 2009 17:57:41 GMTb133e95a-c263-4882-8f2a-b24547eff78e:3098tomolzakIn this series of articles, we examine how to prepare for and manage data loss incidents in a way that minimizes financial business impact or harm to customers or employees. In Part 1, we begin with an overview of the process and a look at the first steps of the process. Why Security Incident Management Is Necessary Once a security incident occurs,...http://www.brighthub.com/computing/enterprise-security/articles/7732.aspxThu, 17 Sep 2009 15:28:51 GMTb133e95a-c263-4882-8f2a-b24547eff78e:7732ashwinsatyanarayanaDid you ever send a secret message to someone? Maybe you never felt the need to, but in most cases - all the way from ancient days of Greece to the present and beyond - encryption has always been around. So how does it work? What does it do? Why is encryption mentioned so important? Encrypting and Decrypting Messages Julius Ceaser, ...http://www.brighthub.com/computing/enterprise-security/articles/3105.aspxMon, 31 Aug 2009 05:30:39 GMTb133e95a-c263-4882-8f2a-b24547eff78e:3105tomolzakThis is the final article in the series on data security incident management. This focuses on how to manage data security systems and the causes and effects of data systems or network system failures in a company. Reviewing Data Security Management and How to Improve Overall Data Security The activities related to this step take place after all oth...http://www.brighthub.com/computing/enterprise-security/articles/3104.aspxFri, 28 Aug 2009 03:37:23 GMTb133e95a-c263-4882-8f2a-b24547eff78e:3104tomolzakIn this article, we continue the series on data security incident management with an examination of what happens after a software or human security threat is identified and contained: eliminate the data security threat and restore data and network services. Eliminating Possible Data Security Threats and Attacks It’s nearly impossible to define ...http://www.brighthub.com/computing/enterprise-security/articles/3101.aspxThu, 27 Aug 2009 22:25:04 GMTb133e95a-c263-4882-8f2a-b24547eff78e:3101tomolzakIn the previous articles in this series, we looked at preparing for incidents and how to detect and analyze them when they happen. In this article, we examine how to contain a network security threat agent, minimizing the impact to a business. Minimizing Data Security Threats Once you understand the nature of the security threat on your enterprise,...http://www.brighthub.com/computing/enterprise-security/articles/3099.aspxThu, 27 Aug 2009 21:49:15 GMTb133e95a-c263-4882-8f2a-b24547eff78e:3099tomolzakIn Part 1 we defined data incident management and examined how to prepare for incidents when they occur. In this article, we continue the series by examining how to prevent data loss and network outages. The methods of detecting, analyzing, and reporting data issues to recovery teams are explained. Types of Data and Network Security Controls Detect...http://www.brighthub.com/computing/enterprise-security/articles/12141.aspxWed, 26 Aug 2009 21:31:31 GMTb133e95a-c263-4882-8f2a-b24547eff78e:12141tomolzakPsInfo is a free, downloadable utiliy which enables both local and remote Windows platform configuration retrieval. The Challenge Both system administrators and security analysts frequently need information about Microsoft Windows patch levels, applications installed, and drivers used. It isn’t always easy to obtain this and other information. Eith...http://www.brighthub.com/computing/enterprise-security/articles/9805.aspxWed, 26 Aug 2009 21:31:01 GMTb133e95a-c263-4882-8f2a-b24547eff78e:9805tomolzakPSExec is a free Sysinternals utility. With it, system administrators can manage remote desktops via scripts or command line. Security analysts can use it to test system vulnerabilities. The Challenge System administrators and help desk personnel often need access to perform a quick lookup on a remote system. They might also want to check system st...http://www.brighthub.com/computing/enterprise-security/articles/11257.aspxWed, 26 Aug 2009 21:30:46 GMTb133e95a-c263-4882-8f2a-b24547eff78e:11257tomolzakPsLogList is a free Sysinternals (Microsoft) download which allows security and system administrators access to local and remote system application, security, and system log entries. It's also a great forensics tool. The Challenge Microsoft Windows platforms can generate a large number of Event Log entries, spanning application, securit...http://www.brighthub.com/computing/enterprise-security/articles/6752.aspxWed, 26 Aug 2009 21:30:28 GMTb133e95a-c263-4882-8f2a-b24547eff78e:6752tomolzakMany organizations need shared workstations, kiosks providing general information to most or all its employees. The challenge is getting a network-connected computer to access resources without giving every employee a network login. Auto-logon can help. The Challenge Delivering information to employees using computers for day-to-day tasks is easy. ...http://www.brighthub.com/computing/enterprise-security/articles/7991.aspxWed, 26 Aug 2009 21:30:14 GMTb133e95a-c263-4882-8f2a-b24547eff78e:7991tomolzakOver time, all Windows-based computers accumulate services, drivers, and other applications that load at boot up or on logon. Some just slow down the system while others might perform more insidious tasks. Understanding what exists, what's new, and what should go is often tedious. Enter Autoruns. The Challenge Normal use of systems on which use...http://www.brighthub.com/computing/enterprise-security/articles/13389.aspxWed, 26 Aug 2009 21:28:33 GMTb133e95a-c263-4882-8f2a-b24547eff78e:13389tomolzakKnowing the system files and other application components on your computer are genuine is an important part of troubleshooting anomalous behavior or cleaning critical systems. It can also come in handy when determining who to blame when your computer frequently displays the BSOD. The Challenge System admnistrators and security analysts often need t...http://www.brighthub.com/computing/enterprise-security/articles/5784.aspxWed, 26 Aug 2009 21:28:13 GMTb133e95a-c263-4882-8f2a-b24547eff78e:5784tomolzakAccessChk is a free utility, which allows you to quickly assess access to folders, files, processes, or services on Windows workstations or servers. The Challenge System administrators and security professionals usually know what to do to ensure trustworthy processing environments. After all, there are plenty of blogs, articles, books, etc. on the ...http://www.brighthub.com/computing/enterprise-security/articles/5613.aspxMon, 24 Aug 2009 21:09:19 GMTb133e95a-c263-4882-8f2a-b24547eff78e:5613SteveMallardThis article looks at information security standards for enterprise-level businesses and data protection and privacy as well as the certification process. Security Standards for Your Company ISO 27001 AND 27002- Information Security Standards ISO 2700x series is the control and certification for information security in the enterprise. Companies nee...http://www.brighthub.com/computing/enterprise-security/articles/9584.aspxWed, 29 Jul 2009 16:56:36 GMTb133e95a-c263-4882-8f2a-b24547eff78e:9584tomolzakMicrosoft's task manager is fine for high-level looks at running processes. However, we often require a deeper look into process resource use, dependencies, registry entries, executable paths, etc. Process Explorer, a free Sysinternals download, provides these views, and more. The Challenge Today's Microsoft Windows-based systems are relatively...