• 

  Oracle rolls out more critical patches for troublesome Java

  Oracle has unloaded a hefty package of patches aimed at fixing critical vulnerabilities in Java SE and Java for Business, and Oracle as well as third-party security experts are urging IT admins to deploy the security update immediately.

  By Ted Samson | 18 February, 2011 11:21

  Tags: Java, open source, oracle, Patch management, security, Security Central, software

• 

  Microsoft adds to security tools for developers

  Microsoft is expanding its roster of SDL (security development lifecycle) tools and services with the beta release of an attack surface analyzer tool as well as the introduction of consulting services on secure development.

  By Paul Krill | 19 January, 2011 07:28

  Tags: application development, Developer World, Microsoft, security, Security Central, software

• 

  HoneyPoint: Honeypot for Windows, Linux or Mac

  After over 10 years of active participation in the honeypot community, I was surprised not to have heard of MicroSolved's HoneyPoint Security Server before I started planning this roundup. HoneyPoint runs on Windows, Linux, and Mac OS X, and offers some useful features -- such as "defensive fuzzing" and the ability to track alert status -- that KFSensor and Honeyd don't. But HoneyPoint is neither as easy and complete as KFSensor, nor as flexible and scalable as Honeyd.

  By Roger A. Grimes | 18 November, 2010 05:47

  Tags: desktop pcs, freemium, hardware systems, insider threat, intrusion, Intrusion detection and prevention, Mac, malware, MicroSolved, operating systems, security, Security Central, software, Windows

• 

  Windows Phone 7 lacks on-device encryption

  Many businesses will not be able to support Microsoft's Windows Phone 7 operating system, which began shipping in the U.S. today. Like the competing Google Android, Windows Phone 7 does not support on-device encryption to protect data stored on it. Many businesses require such encryption to be able to access corporate data through EAS (Exchange ActiveSync) policies and automatically block connections from devices that don't support device-level encryption.

  By Galen Gruman | 09 November, 2010 09:07

  Tags: ActiveSync, encryption, Google, Microsoft, mobile, Mobile device management, Mobilize, security, Security Central, Telecommunication, Windows Phone 7

• 

  Microsoft upgrades free app security tool

  Microsoft released this week an upgrade to a tool that helps secure applications for the Internet without having to recode them.

  By Paul Krill | 04 September, 2010 06:41

  Tags: application development, Developer World, Microsoft, security, Security Central, software

Whitepapers about Security Central

• 

  Spear Phishing Attacks - Why they are successful and how to stop them

  There's been a rapid shift from broad, scattershot attacks to advanced target attacks that have had serious consequences for victim organisations. The increased use of spear phishing is directly related to the fact that it works, as traditional security defences simply do not stop these types of attacks. This paper provides a detailed look at how spear phishing is used within advanced attacks and the key capabilities organisations need in order to effectively combat these emerging and evolving threats.

• 

  Fixing Your Dropbox Problem - How the Right Data Protection Strategy Can Help

• 

  Endpoint Buyers Guide

• 

  Mobile Security - Mapping an Ecosystem of Risk