Prevention and Protection Strategies

Intrusion Detection

Intrusion Detection is the process of monitoring an information system in order to determine if any action is being performed with malicious or otherwise...
Ian Carnaghan
1 min read

Honeypots: To Lure or Not To Lure

Honeypots are sometimes used as an active defense mechanism for network security and provide a means for targeting attackers and recovering forensic evidence.  A...
Ian Carnaghan
1 min read

Managing Access to Information Resources

Security breaches caused by internal employees, consultants, business partners and any other individual or group of individuals that have privileged access to certain parts...
Ian Carnaghan
1 min read

More on Limiting Damage to Information Assets

Establishing and enforcing policies that limit employee access to sensitive data and IT systems are one of the most effective mitigation strategies against a...
Ian Carnaghan
1 min read

Post Authentication Methods

A lot of time can be spent in an organization firming up authentication and access control systems to ensure greater levels of security to...
Ian Carnaghan
1 min read

Usable Security? User Friendly Factors

In his article on usable security, Lampson (2009) asserts that usable security needs to begin with policy and how we model security systems within...
Ian Carnaghan
1 min read

SQL Injection Explained

SQL injection has been a method of attacking databases through multiple tiers of application infrastructure for many years, MacVittie (2008).  SQL or Sequential Query...
Ian Carnaghan
1 min read

Web Application Database Vulnerabilities to be Aware of

The use of malicious code attacks against web applications and more specifically, web enabled databases, is on the rise and continues to be a...
Ian Carnaghan
1 min read