If you've got a browser and a spare computer, you can run penetration tests using Fast-Track's mass client-side attacks in no time.

Having dodged a widespread backdoor that shut down the protection provided by a number of secure USB drives, SafeStick is establishing itself as an alternative for enterprise security.

SQL injection attacks could allow hackers to compromise your network, access and destroy your data, and take control of your machines.

Motorola's vulnerability assessment tool works best when it's used as a complement to existing security practices – including on-site VA scans.

RoboForm Enterprise provides a simple alternative to enterprise single sign-on systems that achieves many of the same benefits at a far lower cost.

Its severity is rated "low," but patches are out for the second flaw in DNSSEC to be discovered in three months. DNS experts say some exploits are to be expected as the transition continues.

Automated penetration testing tools are a two edged sword: Learn how to run Metasploit-based Fast-Track on your own network before the black hats do.

Netflow has changed since Cisco first introduced it. To get the maximum security benefit from this useful protocol, make sure collectors operating on your network are able to collect, analyze and store Flexible NetFlow templates and data.

Most IT shops have handled the e-mail threat but overlook the rise of the Web as today's primary attack vector. Secure Web gateways that know better than to trust "good" sites will be key to addressing that oversight.

Recently acquired, the Metasploit project is a popular pen testing framework loved by white- and black-hats alike. Now that it has a corporate parent, does it have a future as a viable open source project?

Network security isn't easy, but there are plenty of ways to maximize the return you get on your efforts. Here are fifteen ways to gain a lot more security for less effort than you might expect.

You might be ready to move beyond OpenVPN, but feel daunted by IPSEC's learning curve. With our quick guide, you'll be up and running with free, open Openswan in no time.

Bought by Symantec, buried and now back in the hands of its creators, L0phtcrack provides network administrators with a way to mass-audit passwords on their networks, then remediate problem accounts.

The problem with user-hostile password policies and the associated feats of memorization involved is how poorly they address every other threat to your network besides dictionary attacks.

Formulating password policy is a balancing act - a trade-off between usability and security