It goes without saying that you should always be on top of required updates—we're a couple months into 2016 and Apple has already issued major security updates for OS X and iOS. In some cases, however, users may be partial or restricted to their particular flavor of Apple's flagship OS. Whether you're running Snow Leopard, Yosemite, or El Capitan, the following are 10 tips for fine tuning your OS X instance for a better security posture.
Upon its release, Windows 7 was hailed as "the most secure Windows ever"—true enough at the time, but its predecessor Windows Vista didn't exactly set a high bar security-wise. Nonetheless, the updated OS shipped with literally hundreds of security changes and additions, addressing the needs of a more security-conscious home and business user base with features like AppLocker, BitLocker Drive Encryption technology, and more. Despite these improvements, Windows 7 has its own set of critical vulnerabilities—here are the top 11 on the list and how to fix them.
It's been said many times before, but is always worth repeating: enterprises need a layered approach to security for combating today's cyber threats. Illumio ASP and AlienVault USM provide just that: working in conjunction with traditional security solutions like firewalls and IDS/IDPS solutions (or in USM's case, providing its own), the two platforms further smooth the attack surface area with features such as policy-based controls, security analytics, and crowd-sourced threat intelligence, among others. Let's see how they stack up in this comparison.
PostgreSQL may be the world’s most advanced open source database, but its 82 documented security vulnerabilities per the CVE database also make it highly exploitable. Granted, the popular object-relational database is considered superior to others when it comes to out-of-the-box security, but proper measures are still required to protect web applications and underlying data. The following are 10 common ways to secure your PostgreSQL implementation from cyber attackers.
Solaris 10 is the most widely deployed Unix operating system on the market, despite flip-flopping between open and close-sourced status multiple times between versions. Notwithstanding, users are well-advised to stay proactive in bolstering the security of deployments. The Center for Internet Security (CIS) provides guidelines for a wide range of enterprise software that can be helpful in this regard—the following are 10 of its security benchmarks for Solaris 10.
Microsoft Internet Information Server (IIS) is widely used in the enterprise, despite a less-than-stellar reputation for security. In fact, for many “IIS security” is a contradiction of terms—though in all fairness, Microsoft's web server solution has improved significantly over the years. IIS 8.5 for server 2012 R2 and IIS 10 for 2016 have been hardened and no longer present the dangerous default configurations of older IIS iterations, but can still be further tightened. By following these 10 steps, you can greatly increase security for your IIS web apps and servers.
Cyber resilience is a fundamental change in understanding and accepting the true relationship between technology and risk. IT risk (or cyber risk, if you prefer) is actually business risk, and always has been. And the cybersecurity industry, for what it's worth, has generally avoided this concept because it goes against the narrative that their respective offerings—whether it's a firewall, IDS, monitoring tool, or otherwise—would be the one-size-fits-all silver bullet that can keep businesses safe. But reality tells a different story.