May 2011 - Issue 20

Editorial Corner

Mobile insecurity ... Protecting legacy systems ... Help with security rollouts

In our feature story this month, Daniel Miessler, security consultant with Hewlett-Packard, discusses mobile vulnerabilities, including the risks associated with easy physical access to mobile devices, heavy use of wireless service at the same time and in the same place, and location-aware applications. He also addresses the three principal attack surfaces -- the device, the network and the server components -- and urges greater mobile defense.

One of our readers needs to secure his organization's legacy systems. Do readers have any suggestions on how to best shore up these systems?

Wondering how to successfully manage a security rollout? In this month's best advice column, readers provide numerous suggestions on how to implement security planning across your organization.

Let us know how well we are doing at including articles relevant to you by taking a one-minute reader survey. You could win a T-shirt for answering the survey or this month's dilemma, or for submitting a business challenge you face.


Feature Story

The (In)security of Mobile Devices

Anatomy of a new type of risk

by Daniel Miessler

It wasn't long ago that being on the cutting edge of business equated to having a website. Soon after, it wasn't enough to simply have an Internet presence; you had to be interactive and engaging (see Web 2.0). But now there's a new standard. In order to truly compete in the second decade of the 21st century, you need to be in the mobile space.

Gartner Magic Quadrant for Static Application Security Testing

The 7 Keys to Software Security Assurance in SMB

HP Unveils New Application Security Analysis Offering

Study Shows Single Software Security Incidents Costs Average $300,000


Off by On: The Latest on Software Security Assurance

Inevitable Surprises in Cybersecurity: A Look at Software Security Assurance From the Federal Perspective



Complimentary White Paper

Application Security Intelligence Summit

This month's complimentary white paper is actually an invitation to listen to a complimentary Application Security Intelligence Summit hosted on HP Fortify's channel on BrightTalk.

Forward-thinking organizations have begun to adopt a holistic approach to securing applications rather than simply investing in perimeter defenses like firewalls and intrusion prevention systems. This Web summit offers a full day of webcasts featuring leading software security experts discussing the role of application security intelligence in enabling software security assurance programs to proactively reduce business risk across the enterprise. Speakers include Derek Brink, VP of Aberdeen Group; John South, CISO, Heartland; Dennis Hurst, founding member of the Cloud Security Alliance; Dave Wichers, board member of OWASP; and Fortify founder and CTO Roger Thornton.

What's Your Best Advice?

This Issue's Dilemma:


How to secure legacy systems?

Our organization still has some legacy systems, mostly client/server systems developed during the first generations of Web-based applications. Do readers have any suggestions on how best to secure these systems?

-- K. Adani

Can You Help?
Share your experience or your best advice and you could win a Fortify T-shirt!

Previous Issue's Dilemma:

How to implement security planning across the organization


My team needs to come up with a plan to manage a security implementation and a way to best oversee the process once the security measures are in place. Does anyone have a real-life story of a security rollout, or do you have an example of how you improved security procedures within your organization? I'd like to hear your firsthand accounts as well as any advice you have on how to improve security procedures. -- J.S.

Read what our readers have to say.

Communication and Leadership

The Basics of the New Security Leadership
What's in and what's out
by Derek Slater - CSO Online

How to Prepare the Next Generation of CIOs
Investment in education and development is key

by Arthur Langer - CIO Insight

The Increasing Threat

Fewer Hacks, Craftier Attacks?
Verizon's 2011 Data Breach Report
by Roger Grimes - InfoWorld

Data Thieves Target Permission Marketing Email Addresses
Attacks on firms from Citigroup and Verizon to Hilton and Target
by Byron Acohido - The Last Watchdog

Getting Things Done

PCI Compliance May Mean Fewer Breaches
But most pros don't think it has made a difference yet
by Tim Wilson - Dark Reading

Pinpointing Your Security Risks
Vulnerability scanning helps find at-risk applications
by Brian Robinson - IT Security


Fortify is concerned about your privacy. We do not rent, sell or exchange email addresses. Copyright 2011, InternetVIZ. All rights reserved. You can write to us at 2215 Bridgepointe Parkway, Suite 400, San Mateo, CA 94404.
