Analysis

Analysis

Information security is a complex beast. Here, you'll find deep analysis of important security news and some of the important topics that are missed in the daily news cycle.

Latest about Analysis

A new theory of digital identity 

A new theory of digital identity

In Risk - By Stephen Wilson, 14 March 2012 6:49 AM
The final instalment of a two-part feature series explores the troubled practice of federated identity.
Open source Malwr analysis launched 

Open source Malwr analysis launched

In Web/client - By Darren Pauli, 25 January 2012 11:33 AM
Project backed by Shadowserver.
Analysis: HTML5 security holes detailed 

Analysis: HTML5 security holes detailed

In Web/client - By Darren Pauli, 4 January 2012 11:28 AM
Security shortfalls in burgeoning standard.
Analysis: A history of advanced evasion techniques 

Analysis: A history of advanced evasion techniques

In Hackers - By Ash Patel, 5 December 2011 11:22 AM
Part one.
A new theory of digital identity 

A new theory of digital identity

In Networks - By Stephen Wilson, 30 November 2011 2:09 PM
Stephen Wilson puts digital identity under the microscope.
Cyber threats and business-government engagement  

Cyber threats and business-government engagement

In Risk - By Dr Carolyn Patteson, 25 November 2011 11:50 AM
A view from Australia’s national CERT.
An eye on SIEM 

An eye on SIEM

In Applications - By David Waller, 3 November 2011 4:58 PM
The hype explained.
How bad is mobile malware? 

How bad is mobile malware?

In Applications - By Dan Kaplan, 1 November 2011 3:47 PM
Beware of greynets.
Mobile malware analysis for penny-pinchers 

Mobile malware analysis for penny-pinchers

In Messaging - By Darren Pauli, 26 October 2011 10:23 AM
Better than emulators, cheaper than Faraday cages.
Are acquisitions stifling security? 

Are acquisitions stifling security?

In Applications - By Hannah Prevett, 24 October 2011 3:27 PM
It's going to get bad.
Analysis: Mass PHP script hacking  

Analysis: Mass PHP script hacking

In Hackers - By Fraser Howard, 21 October 2011 4:02 PM
Sophos peers inside PHP script attacks.
Bundestrojaner sparks war of words  

Bundestrojaner sparks war of words

In Applications - By David Glance, 11 October 2011 12:33 PM
Did hackers uncover a German Government spy operation?
The path of privacy 

The path of privacy

In Risk - By Angela Moscsaritolo, 7 October 2011 9:54 AM
How US schools maintain the privacy of 55 million students.
Analysis: PCI DSS, five years on 

Analysis: PCI DSS, five years on

In Risk - By Eduardo Perez, head of global payment system security, Visa, 4 October 2011 11:23 AM
In 2006, PCI adoption was at 12 percent.
Analysis: Good passw0rd security 

Analysis: Good passw0rd security

In Networks - By Darren Pauli, 5 September 2011 3:48 PM
Entropy isn't everything.
Fair punishment for data breaches? 

Fair punishment for data breaches?

In Risk - By Liz Tay, 19 August 2011 4:35 PM
Stakeholders ponder penalties and mandatory notification laws.
Analysis: Perimeter exploit exposure 

Analysis: Perimeter exploit exposure

In Networks - By Marcus Carey, researcher, Rapid7, 18 August 2011 1:00 PM
Vulnerability and patch management is key.
Lessons from the Sony hack 

Lessons from the Sony hack

In Applications - By Joe Basirico, 20 July 2011 4:07 PM
Software flaws are easy to attack, so, fix them.
Analysis: Voices from a darknet  

Analysis: Voices from a darknet

In Networks - By Mike Caudill, 15 July 2011 11:37 AM
Each service exposed to the internet must be adequately protected.
Analysis: Detecting LDAP injections 

Analysis: Detecting LDAP injections

In Web/client - By Andres Riancho, 5 July 2011 1:58 PM
Centralised location for authentication is good, but there's problems in implementation.
Apple and the public cloud: new threats, new solutions 

Apple and the public cloud: new threats, new solutions

In Cloud - By Jason Hart, 24 June 2011 10:56 AM
Apple's iCloud will bring cloud computing to the masses and with it, new security challenges.
Analysis: LulzSec trackers say authorities are closing 

Analysis: LulzSec trackers say authorities are closing

In Hackers - By Darren Pauli, 22 June 2011 3:51 AM
Vigilantes claim hackers' identities have been passed to FBI.
War stories important to defence 

War stories important to defence

In Networks - By Chris Mohan, 20 June 2011 4:22 PM
Disclosure is a must so that the industry can learn from its mistakes.
Analysis: Secure your supply chain 

Analysis: Secure your supply chain

In Hackers - By Sean Martin, founder, imsmartin consulting, 14 June 2011 8:28 AM
The automotive industry supply chain relies heavily on communications and document exchanges.
Apple Lion borrows from Vista but iCloud doubts linger 

Apple Lion borrows from Vista but iCloud doubts linger

In Applications - By Darren Pauli, 7 June 2011 11:18 AM
Layout randomisation and other features should make malicious hackers' lives more difficult.
Respect and security  

Respect and security

In Networks - By Lisa Myers, 2 June 2011 10:24 AM
Trying times for security
Analysis: Yahoo! security chief remodells risk 

Analysis: Yahoo! security chief remodells risk

In Risk - By Justin Somaini, CISO, Yahoo!, 2 June 2011 9:58 AM
The ability to ascertain the risk tolerance of the business gets less political pushback than just guessing.
Analysis: Can encryption bring banks to the cloud? 

Analysis: Can encryption bring banks to the cloud?

In Crypto - By Brett Winterford, 31 May 2011 3:07 PM
Regulation might drive the finance sector to lead cloud adoption.
Analysis: Why do SQL injection attacks still succeed? 

Analysis: Why do SQL injection attacks still succeed?

In Hackers - By Josh Shaul, chief technology officer, Application Secur, 25 May 2011 6:33 AM
Databases, web servers, middleware and WAFs are not properly secured.
Analysis: Offensive action against botnets 

Analysis: Offensive action against botnets

In Networks - By David LaMacchia and Jamie Tomasello, Cloudmark, 20 May 2011 11:19 AM
Does a botnet takedown set questionable precedents or is it a viable way to cleanse compromised computers?
Analysis: Why you should chew through VM bibles 

Analysis: Why you should chew through VM bibles

In Risk - By Darren Pauli, 11 May 2011 1:16 PM
It makes poor bed-time reading, but getting your head around virtualisation is vital.
Analysis: Stuxnet dissected 

Analysis: Stuxnet dissected

In Applications - By Brett Winterford, 23 February 2011 11:02 PM
How one of the world's most complex cyber attacks crippled Iran's nuclear programme.
Analysis: The legal means to cut net access 

Analysis: The legal means to cut net access

In Hackers - By David Havyatt, 3 February 2011 2:46 PM
Under what conditions could the Australian Government cut net access?
Analysis: Hybrid security here to stay 

Analysis: Hybrid security here to stay

In Crypto - By Liz Tay, 24 December 2010 8:47 AM
Vendors to keep pushing layers of products.
Hackers forum gets hacked 

Hackers forum gets hacked

In Web/client - By Dan Raywood, 21 May 2010 1:26 PM
Personal details revealed.
How to select a SIEM solution 

How to select a SIEM solution

In Risk - By Carlo Minassian, Founder & CEO, Earthwave, 14 July 2009 12:32 PM
Earthwave founder Carlo Minassian draws on his experience in the security sector to present a buyer's guide to Security Information & Event Management (SIEM) solutions.
Marshal8e6 buys into behavioural threat analysis 

Marshal8e6 buys into behavioural threat analysis

In Web/client - By Phil Muncaster, 15 April 2009 10:54 AM
Web and email security vendor Marshal8e6 has bolstered its anti-malware capabilities with the acquisition of behaviour-based detection firm Avinti for an undisclosed sum.
MIT develops network analysis tool 

MIT develops network analysis tool

In Applications - By Iain Thomson, 2 September 2008 3:56 PM
MIT's Lincoln Laboratory has developed a network mapping tool that enables managers to track likely hacking routes.
Fortify Source Code Analysis Suite 4.5 

Fortify Source Code Analysis Suite 4.5

In Web/client - By Patrick Love, Head of Fiduciary Support, Global Wealth Sol, 30 April 2008 3:13 PM
Fortify Source Code Analysis Suite 4.5 performs static source code analysis. Various languages and architectures including ASP.NET, C/C++, C#, Java, JSP, PL/SQL, T-SQL, XML, ...
Darknets provide globally scoped analysis 

Darknets provide globally scoped analysis

In Web/client - By Jose Nazario,, 29 May 2007 4:32 PM
The internet has come under a sustained and significant threat from network malware, especially since the emergence of the global Windows network worm in 2001 with Code Red and ...
CanSecWest hacking contest slammed 

CanSecWest hacking contest slammed

In Risk - By Frank Washkuch, 3 May 2007 9:53 AM
Gartner took a jab at TippingPoint and CanSecWest officials this week, criticising them for a recent hacking contest that revealed a then-unpatched flaw in QuickTime.
CFO responsibility to fund log analysis for Sarbanes-Oxley compliance 

CFO responsibility to fund log analysis for Sarbanes-Oxley compliance

By Ron Lepofsky, 15 December 2004 12:27 PM
Corporations responsible for complying with Sarbanes-Oxley, face great hurdles with a basic compliance objective: analysis of their (server and security device) event logs. ...
Risk analysis is revisited with a fresh approach 

Risk analysis is revisited with a fresh approach

By Peter Stephenson, 12 November 2004 5:04 PM
The Right Analysis at the Right Time 

The Right Analysis at the Right Time

By Brad Johnson, 16 January 2004 11:19 AM
The good news is that over the past several years, security analysis has become a widely accepted and integral part of development and deployment processes.
Using File Hashes to Reduce Forensic Analysis 

Using File Hashes to Reduce Forensic Analysis

By Dan Mares, 14 January 2004 1:27 PM
The "hashkeeper" paradigm or model was first introduced a number of years ago by Brian Deering of the National Drug Intelligence Center (www.hashkeeper.org).
1
Sign up to receive SC Magazine email newsletters
   FOLLOW US...
Most Read