Open Source Security

News

Google to auto probe Android Market for malware

By Liam Tung | 03 February, 2012 22:18

Google has unveiled Bouncer, its answer to the growing threat of maliciously laced software available on the Android Market.

Cnet de-trojans Nmap, but outrage continues

By Liam Tung | 08 December, 2011 08:52 | 3 Comments

Tech publisher CNet has removed the controversial proprietary installer it overlaid the penetration testing tool Nmap with, but critics are angry it is still used for "thousands" of other downloads.

WatchGuard launches iOS-friendly security appliance

By Mikael Ricknäs | 30 November, 2011 03:42

WatchGuard's latest security appliance, the XTM 330, allows business travelers from small enterprises to use their iPads or iPhones to communicate securely with the office, the vendor said on Tuesday.

Hackers launch millions of Java exploits, says Microsoft

By Gregg Keizer | 30 November, 2011 06:48

Hackers continue to launch attacks exploiting vulnerabilities in Oracle's Java software in record numbers, Microsoft said Monday.

OpenPGP JavaScript implementation allows webmail encryption

By Lucian Constantin | 22 November, 2011 03:53

Researchers from German security firm Recurity Labs have released a JavaScript implementation of the OpenPGP specification that allows users to encrypt and decrypt webmail messages.

Reviews

Review : Clearswift SECURE Web Gateway 2.5

By Matt Hackling | 20 March, 2012 13:35 | 2 Comments

We were eager for this box to arrive from Clearswift, this kind of kit gets us excited. We were expecting a hardware appliance to be shipped to us, but when opened the box, all we found was a 1RU Dell Server.

Features

5 open source security projects to watch

By Rodney Gedda | 20 January, 2011 11:23 | 1 Comment

Data security is always top of mind for CIOs and CSOs, and there is no shortage of challenges when it comes to picking the right tool for the job. With network and software vulnerabilities growing at a perpetual rate, good security software can help defend against many of the large-scale threats that occur locally and from all over the Internet. In this edition of 5 open source things to watch, we take a look at security products that will guard against threats without robbing your kitty.

Tutorials

Open source FreeOTFE encrypts disks handily

By Ian Harac | 09 March, 2011 06:09

FreeOTFE may sound like a political bumper sticker, but it stands for "Free On The Fly Encryption." The "Free" part is self-explanatory; "On The Fly Encryption" refers to the encrypting/decrypting of data as it is written to or read from your hard disk.

CSO Corporate Partners
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Deep Security - Enterprise Virtualization Security

Advanced protection for physical, virtual and cloud servers

Latest Jobs
Security Awareness Tip

Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).


  1. Have an incident response plan.

  2. Pre-define your incident response team 

  3. Define your approach: watch and learn or contain and recover.

  4. Pre-distribute call cards.

  5. Forensic and incident response data capture.

  6. Get your users on-side.

  7. Know how to report crimes and engage law enforcement. 

  8. Practice makes perfect.

For the full breakdown on this article

Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.