Stories by Roger A. Grimes

14 dirty IT tricks, security pros edition

The IT security world is full of charlatans and wannabes. And all of us have been "advised" by at least one of them.

By Roger A. Grimes | 25 February, 2013 16:27

Tags: security

IT's 9 biggest security threats

Hacking has evolved from a one-person crime of opportunity to an open market of sophisticated malware backed by crime syndicates and money launderers.

9 popular IT security practices that just don't work

The security products and techniques you rely on most aren't keeping you as secure as you think.

10 crazy IT security tricks that actually work

IT security threats are constantly evolving. It's time for IT security pros to get ingenious.

HoneyPoint: Honeypot for Windows, Linux or Mac

After over 10 years of active participation in the honeypot community, I was surprised not to have heard of MicroSolved's HoneyPoint Security Server before I started planning this roundup. HoneyPoint runs on Windows, Linux, and Mac OS X, and offers some useful features -- such as "defensive fuzzing" and the ability to track alert status -- that KFSensor and Honeyd don't. But HoneyPoint is neither as easy and complete as KFSensor, nor as flexible and scalable as Honeyd.

By Roger A. Grimes | 18 November, 2010 05:47

Tags: Mac, freemium, insider threat, Intrusion detection and prevention, hardware systems, Windows, desktop pcs, Security Central, operating systems, malware, MicroSolved, intrusion, security, software

An expert guide to Windows 7 security

Windows 7 has been warmly received and swiftly adopted by businesses, with the result that many IT admins are now struggling with the platform's new security features. In addition to changes to User Account Control, BitLocker, and other features inherited from Windows Vista, Windows 7 introduces a slew of new security capabilities that businesses will want to take advantage of.

By Roger A. Grimes | 30 September, 2010 20:11

Tags: data security, security, Windows, software, endpoint security, Windows 7, Security Central, operating systems, data protection, malware, Computerworld security

Finding gold in your log files

Considering how much valuable information is available in log files, you'd think more companies would pay attention to them. Workstations, servers, firewalls, appliances, and other computer devices generate reams of event logs every day, and despite mountains of evidence showing their practical, cost-saving uses, logs often go ignored. A good log management system can help significantly with security, application troubleshooting, compliance, and systems management. If that's the case -- and it is -- why do logs and log management sometimes still get a bad rap?

By Roger A. Grimes | 16 July, 2010 01:43

Tags: Architecture, software

The ultimate guide to Windows 7 security

Windows 7 has been warmly received and swiftly adopted by businesses, with the result that many IT admins are now struggling with the platform's new security features. In addition to changes to User Account Control, BitLocker, and other features inherited from Windows Vista, Windows 7 introduces a slew of security capabilities that businesses will want to take advantage of.

By Roger A. Grimes | 21 April, 2010 20:28

Tags: security, Windows 7

Application whitelisting in Windows 7 and Windows Server 2008 R2

Microsoft's AppLocker, the application control feature included in Windows 7 and Windows Server 2008 R2, is an improvement on the Software Restriction Policies (SRP) introduced with Windows XP Professional. AppLocker allows application execution rules and exceptions to them to be defined based on file attributes such as path, publisher, product name, file name, file version, and so on. Policies can then be assigned to computers, users, security groups, and organizational units through Active Directory.

By Roger A. Grimes | 06 November, 2009 12:21

Tags: application whitelisting, security, AppLocker

Application whitelisting review: CoreTrace Bouncer

CoreTrace's Bouncer 5 is application control and more. Bouncer is the only product in InfoWorld's review that successfully protected against buffer overflows. It also offers unique write protection of whitelisted files and does a nice job of handling updates to controlled applications.

By Roger A. Grimes | 04 November, 2009 22:13

Tags: application whitelisting, security, CoreTrace Bouncer 5

Application whitelisting review: Bit9 Parity Suite

As many product vendors can readily tell you, this reviewer is the ultimate computer security cynic and a tough writer to please. I'm unsparingly critical of overhyped products. Although I've evaluated a number of excellent products over the years, I've never given a perfect 10 in any scorecard category -- until now. Bit9 Parity is one of the few computer security products that, if deployed in your Windows environment, will radically and immediately reduce your enterprise's level of security risk. It's not perfect, and it did not score a perfect 10 in every field -- but it earned the highest score this reviewer has ever given.

By Roger A. Grimes | 04 November, 2009 22:13

Tags: application whitelisting, security, Bit9 Parity

Application whitelisting review: McAfee Application Control

McAfee Application Control 5.0 (due out Dec. 15) is the result of McAfee's acquisition of Solidcore and the integration of Solidcore S3 Control with McAfee ePolicy Orchestrator (ePO). McAfee Application Control rivals SignaCert for the broadest client support among all the products in InfoWorld's review. It also boasts write protection and ownership protection of whitelisted files, good reporting and alerting, and no significant cons.

By Roger A. Grimes | 04 November, 2009 22:13

Tags: application whitelisting, mcafee, security

Application whitelisting review: SignaCert Enterprise Trust Services

SignaCert was one of the first whitelisting products available, and it now boasts more than 1 billion predefined file signatures as part of its Global Trust Repository service. It also offers file authenticity ratings, wide platform support, extensibility through XML, and excellent documentation. SignaCert's significant weakness is that it does not natively block file executions -- the only product in InfoWorld's review that does not include this ability as a standard feature.

By Roger A. Grimes | 04 November, 2009 22:13

Tags: application whitelisting, SignaCert, security

Application whitelisting review: Lumension Application Control

Lumension Application Control is a strong whitelisting solution with broad file coverage, excellent reporting, and a complete set of Windows file definitions that can be used to spot potentially troublesome changes to system files. Its one noteworthy shortcoming is the inability to create whitelisting rules based on the digital signatures of application publishers.

By Roger A. Grimes | 04 November, 2009 22:13

Tags: application whitelisting, reviews, security

How secure is Safari?

Apple's Safari, released for the Windows platform in June 2007, is the second newest browser on Windows, behind Google's Chrome. (Naturally, Apple's browser also runs on OS X, and on iPhone and iPod Touch devices in a mobile edition.) Safari leads the pack in anti-phishing filtering and pop-up blocking, but it also has many security weaknesses.

By Roger A. Grimes | 31 January, 2009 01:37

Tags: web browsers, safari
