System News
Archived Security Articles
28 Jul 2016
SQL Injection Detection and Alerting are Vital For Secure Data [54800]
By Alex Slotnick

Alex blogs, "The recent Mossack Fonseca 'Panama Papers' hack is the latest security breach to drive home how much of an impact an SQL injection can have on modern-day organizations. Though that hack ultimately revealed massive professional fraud by companies and governments around the world, it involved the exposure of 11.5 million confidential documents. The 2.6 terabytes of data stolen were a powerful reminder that the history of web-based business has been riddled with instances of SQL injections. They remain common and potentially devastating to organizations..."

19 Apr 2016
How To Determine If You Can Trust Cloud Security [51896]
By Carol Hildebrand

Carol writes in Forbes, "Will 2016 be the year security stops being a reason to avoid public clouds? Because, face it, by now established cloud vendors have likely invested more in security than you can hope to duplicate in-house. But when you're used to pulling your own security levers, how do you let go of some of that control?

What we need is the cloud security version of a trust fall..."

15 Apr 2016
Richard Clarke On Government's Role In Shielding The Private Sector Against Cyberthreats [51706]
Forbes, April 15th, 2016

John Soat writes in Forbes, "What role should the federal government play in digitally securing US-based private corporations? Don't look to the current US presidential candidates for answers. 'One thing we haven't heard from 'them' is anything about cybersecurity,' said Richard Clarke, security consultant and former security advisor to several presidents, at the Oracle Industry Connect conference in Orlando on April 13..."

14 Mar 2016
Increasing Security for SAP Installations with Immutable Zones [50774]
By Parnian Taidi

Parnian blogs, "In recent blogs we have talked about various aspects of end-to-end application security with Oracle Solaris 11, SPARC M7 and the ISV Ecosystem. We also talked about a white paper that provides best practices for using the Oracle Solaris compliance tool for SAP installations. Another way to increase the security of an SAP installation is to use Oracle Solaris Immutable Zones.

A Solaris zone is a virtualized operating system environment created within a single instance of the Solaris OS. Within a zone, the operating system is represented to the applications as virtual operating system environments that are isolated and secure. Immutable Zones are Solaris zones with read-only roots. Both global and non-global zones can be Immutable Zones..."

29 Feb 2016
SP vs. IdP Initiated SSO [50413]
By Damien Carru

Damien blogs, "In today's article, I will discuss the concepts of SP and IdP Initiated SSO between two Federation deployments, and what the differences between those two flows are. I will also explain the concept of a user state or a return URL shared between the IdP and the SP during the Federation SSO, which is called:

  • RelayState for SAML 2.0
  • TARGET for SAML 1.1
  • wctx for WS-Fed 1.1
  • openid.return_to for OpenID 2.0 (the return SSO URL can contain a query parameter representing the user state at the SP)

In this article, I will showcase examples using the SAML 2.0 protocol, though the same would apply for the other protocols..."

19 Feb 2016
Next Generation IDaaS: Moving From Tactical to Strategic [50071]
By Matt Flynn

Matt writes, "First generation Identity as a Service (IDaaS) was a fashion statement that's on its way out. It was cool while it lasted. And it capitalized on some really important business needs. But it attempted to apply a tactical fix to a strategic problem.

We all know by now that the world has changed..."

 