Secure in our own words.
For those of you who would find it beneficial to dig deeper into certain issues, perhaps to discover or uncover particular areas in your organization, we're offering the following whitepapers and resources based on our experience and research. Please put to good use.
Whitepapers
It seems that IT administrators and security professionals are always receiving notification of new rules, regulations and compliance codes that fall under their purview. And just when the necessary adjustments have been made, priorities shifted and new technology purchased, the rules are changed – yet again.
The Payment Card Industry Data Security Standard (PCI DSS) is no different. The PCI DSS is a requirement of any company or organization that stores, processes, transmits or comes into contact with cardholder data as of June 30, 2005. Most companies with an e-commerce or transactional component to their model fall under this umbrella. This resource provides IT security professionals with the information needed to understand PCI compliance and specifically, one of the standard’s latest requirements, 6.6. In addition, the paper offer tips for successful PCI 6.6 compliance and highlights compliance successes from real-world companies.
Download Whitepaper
The much anticipated Breach Security Lab’s Web Hacking Incidents Database (WHID) 2008 Annual Report is ready for download. The WHID project is dedicated to maintaining a record of web application-related security incidents. The WHID’s purpose is to serve as a tool for raising awareness of web application security problems and provide information for statistical analysis of web application security incidents. This year the report findings prove that no company or market sector is immune from attack. One of the largest discoveries was that web attackers have unleashed a new type of SQL Injection attack that successfully compromised 500,000 web sites. Download this whitepaper today to learn more about the latest in web application security.
Download Whitepaper
While there are many types of attacks against your organization, none are as simple or as potentially destructive as what is known as a SQL injection. This attack is used to manipulate your organizations web applications to extract sensitive information straight out of your corporate databases and is one of the more popular attacks employed in identity theft incidents.
This whitepaper provides a step-by-step walkthrough of the attack, describing its consequences and defense strategies.
Download Whitepaper