You are here: silicon.com > Resources > White Papers > Security > Security Administration > Security Applications

Security Applications White Papers

Web Application Security: Automated scanning versus manual penetration testing

Overview Research has shown that a vast number of Web sites are vulnerable to application attacks, most occurring over HTTP/S protocols. There are two methods to detect Web vulnerability: using manual penetration testing and code review or using automated scanning tools and static analysis. This white paper addresses and compares these two methods.

Further White Paper Details
Publisher	IBM	File Format	PDF
Date Published	January 2008
Format	White Papers
Topics	Security Applications, Security Management, Best Practices, Intrusion Detection Systems, Security Tools, Application Development, Application Security Tools

Did you find this white paper useful? 15 out of 50 users found this white paper useful

Messagelabs - IT Security Threats of Today and Tommorrow Webcast Supporting Doc

This document supports th silicon.com webcast which discusses some of the security threats to IT systems that organisations have to face on a daily basis - and what do about...

Publisher:
MessageLabs, now part of Symantec

MessageLabs - The Dark Art of Spam

Quite simply, MessageLabs anti-spam solution provides businesses with the quality of protection they urgently need if they are to stay a step ahead of the spammers - and the increasingly...

Publisher:
MessageLabs, now part of Symantec

IBM Security Technology Outlook: An outlook on emerging security technology trends

In the next 2-5 years, emerging technology and social trends will have far-reaching implications for enterprise secruity. This white paper will out-line the fundamental technology trends an organisations can expect...

Publisher:
IBM

Not an End In Itself: Information Protection and Return on Risk

Information protection, a core discipline of information stewardship, must balancing rick mitigation with utility. This white paper deals with the shift in "is this technology secure enough" to "we can...

Publisher:
IBM

Trend Micro Enterprise Security white paper

This white paper reviews the content security threat landscape and how it has evolved into a more dangerous and high risk environment. The paper discussed how conventional content security approaches...

Publisher:
Trend Micro

Slammer time - SQL worm brings net to its knees over weekend

Although a patch has been available since then, many system administrators have failed to install the patch, leaving their computers vulnerable. It does not spread through email and will not affect most home users' computers directly, said experts...

Channel:
Security Strategy

'Dangerous' Sasser variants already on the loose

The worm spreads by scanning different ranges of internet addresses using a specific application data channel, or port, numbered 445. By Monday morning, Symantec was able to confirm - by scanning for open FTP servers on computers, from which the...

Channel:
Security Strategy

HP to hack its customers

The penetration-testing service, HP Active Countermeasures (HPAC), will use a single server and eight to 10 scanning clients per 250,000 connected devices. Each of the clients will be given a range of IP addresses to scan, and will move through the...

Microsoft warns of 'critical' Windows flaw

A successful attack will give full control over a vulnerable machine without any user interaction, Microsoft said. Windows 2000 Server Service Pack 4, Windows Server 2003 Service Pack 1 and Windows Server 2003 Service Pack 2 are vulnerable...

Microsoft: IE at risk from security hole

Microsoft is investigating reports of attacks against a new vulnerability in IE but said in an update to a security advisory issued late on Thursday that all versions of IE are potentially vulnerable.

Why you should hack your own systems

Penetration tests allow organisations to set up social engineering attacks, garnering information such as email addresses from vulnerable applications and using wizards and templates to do things such as create an email, associate it with an...

Featured White Papers

Harnessing the Power of Location Intelligence in the Public Sector

Throughout the world, public services today are under pressure. The current economic climate, where taxreceipts are naturally suppressed, provides very seriousfunding challenges. Moreover, in good times and bad, increasing regulation at the regional and national level is imposing additional duties and responsibilities on the public services without additional resources to carry them out. Store closures are changing the urban landscape. Demographic and/or economic change isincreasing demand for health and social services.Demand for decreased crime rates is focusing minds in law enforcement. And the threat of internationalterrorism is forcing greater contingency duties on the emergency services. The net result is a need to do more with lessquite a challenge.

Publisher:
Pitney Bowes

Buyers' Guide - How to ease the shift to mobile working

With momentum building behind mobile working, are higher costs inevitable when moving staff to laptops? Not necessarily. In fact it's possible to emerge with lower management overheads - and tighter security. Read on to find out more.

Publisher:
Intel

IBM Virtualization Services

Virtualization is a powerful technology and can have profound effects on the datacenter; however, it should be viewed as a component of an overall IT strategy that will be able to support the enterprise's needs. IDC recommends that enterprises look at theentire architecture and determine how to best deploy virtualization