Organizations must protect their most valuable digital assets in an intelligent, measurable way. For this reason, Foundstone’s network security experts offer intelligent strategies that simplify security while fortifying the enterprise.
Foundstone white papers clarify the complex world of digital security and demonstrate how organizations can proactively monitor, manage and mitigate risk.
Download Foundstone white papers on a range of vital security issues and market trends.
| Title | Description | Download |
| .NET White Paper | Overview of the security architecture of Microsoft’s .NET Framework. | Download Now |
| .NETMon™ White Paper | .NETMon monitors the .NET common language runtime enabling detailed analysis of how the .NET framework enforces security controls. | Download Now |
| 2007 Top 10 Malicious Code Trends | Details the trends that were observed in the evolution of malicious code over the course of 2007 | Download Now |
| 802.11 Attacks | Provides a step by step walkthrough of popular wireless attacks | Download Now |
| AJAX Security White Paper | Check out our Presentation on Ajax Security from the Rich Web Experience. | Download Now |
| ASP.NET Forms Authentication | This article describes limitations of the FormsAuthentication.SignOut method, and provides more information about how to ease cookie reply attacks when a forms authentication cookie may have been obtained by an malicious user. | Download Now |
| AJAX Storage White Paper | A look at AJAX applications using Flash "cookies" (shared objects) and Internet Explorer User-Data Persistence to store data out side of the standard browser cache. | Download Now |
| CookieDigger™ White Paper | CookieDigger helps identify weak cookie generation and insecure implementations of session management by web applications. | Download Now |
| Corporate Incident Response Plan White Paper | Whether your company needs to comply with new legislation, defend against financial loss, protect its corporate reputation - or a combination of the three - it is crucial that you have a comprehensive incident response plan. | Download Now |
| Data Loss Prevention Program | Safeguarding Intellectual Property | Download Now |
| Foundstone SSLDigger™ - The Need for Strong SSL Ciphers | SSLDigger is a tool to assess the strength of SSL servers by testing the ciphers supported. Some of these ciphers are known to be insecure. | Download Now |
| Foundstone Hacme Books User Guide | The Hacme Books application simulates a ‘real-world’ eCommerce bookstore and was built with known and common vulnerabilities to teach application developers, programmers, architects and security professionals how to create secure Java software. | Download Now |
| Foundstone SiteDigger™ 2.0 - Identifying Information Leakage Using Search Engines | Learn how to use search engines and Foundstone SiteDigger to identify accidental exposure of confidential information including financial records, passwords, and personal information via your Web site. | Download Now |
| Foundstone Hacme Bank™ User and Solution Guide | User and Solution Guide for Foundstone's Hacme Bank security application training tool. | Download Now |
| Got Citrix? Hack It! Presentation | Presentation deck used by Shanit Gupta at Shmoocon 2008 | Download Now |
| Hacking the Kiosk: Managing the Risk of Public Information Systems | Find out how to identify threats and uncover common vulnerabilities in kiosks | Download Now |
| How Virtualization Affects PCI DSS | Part 1: Mapping PCI Requirements and Virtualization | Download Now |
| How Virtualization Affects PCI DSS | Part 2: Review of the Top 5 Issues | Download Now |
| IIS Lockdown and URLScan | Foundstone Review of Microsoft's IIS Lockdown and URLScan tools. | Download Now |
| Insecure Trends in Web Technologies | A Review of Insecure Implementations of Rich Internet Applications | Download Now |
| ISA Server SP1 Audit White Paper | Provides an overview of a security assessment conducted by Foundstone of Microsoft’s ISA Server 2000 after the addition of the Service Pack 1 (SP1). | Download Now |
| Java Client Side Application Basics: Decompiling, Recompiling and Signing | Java Web Start is a mechanism for program delivery through a web server. These programs are initiated by the client’s web browser, deployed, and ultimately executed independently on the system. | Download Now |
| Key Components of a Risk-Based Security Plan | How to Create a Plan That Works | Download Now |
| Managing a Malware Outbreak | Sality - A Case Study | Download Now |
| Microsoft System Architecture 2.0 | Foundstone Security Review of Microsoft Systems Architecture 2.0 (MSA 2.0). | Download Now |
| Microsoft/Foundstone IP SEC | Using Microsoft Windows IPSec to Help Secure an Internal Corporate Network Server. | Download Now |
| Mobile Application Security Testing | Methodology, tools and techniques for testing mobile applications. | Download Now |
| Passive Host Characterization Presentation | Matthew Wollenweber Presentation at ShmooCon 2008 | Download Now |
| Remote Forensics System White Paper | The Remote Forensics System application facilitates data acquisition, storage, and analysis in a forensically sound and efficient manner. The application was created by graduate students at Carnegie Mellon University in collaboration with Foundstone. The software is also available for download. | Download Now |
| Securely Registering Applications | Learn how to securely register applications that are automatically initiated. Intro to Foundstone free tool - DIRE | Download Now |
| SecureUML | Describes the SecureUML Visio template which is a custom Unified Modeling Language (UML) dialect to help system architects build roles based access control systems (RBAC). | Download Now |
| Security Training – Why It Benefits Your Organization and How to Make Your Case to Management | This whitepaper explores the reasons why you should invest in Information Security training, and how to present a case to company management. | Download Now |
| Socket Hijacking | Discusses the socket hijacking vulnerability, the impact of the vulnerability and what it takes to successfully exploit the vulnerability | Download Now |
| Software Security: Going Beyond the Development Phase | Find out why securing software from the start is important | Download now |
| Validator.NET™ | Validator.NET enables developers to programmatically determine user input locations that could be potentially exploited by hackers and provides proactive steps to build data validation routines which are loaded into a protection module. | Download Now |
| Virtualization and Risk | Virtualization and Risk - Key Security Considerations for your Enterprise Architecture | Download Now |
| Wireless Intrusion Detection System | This paper presents an overview of the Whiff Intrusion Detection System, which was developed during the summer and fall of 2002 by a team of graduate students majoring in Information Security and Assurance at Carnegie Mellon University. | Download Now |
| Writing Effective Policies Part 1: Dissecting an Email Use Policy | The goal of this whitepaper is to outline the characteristics of an effective policy and explain clearly how to write an effective policy by showing both correct and incorrect examples. | Download Now |
Posts
![SQL Injection Basics - Union Based [Detailed Tutorial]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjjQpa2wuMB-m5CXPVf71GUOkfiIOQA8KTyQ-_zfAl0SZa23UBN1QJaO2ZMGRDZlmDJTYf2jJ4ik3Xnj1locc38Yv9l6VMxTWt32s86JtXtLABDn20DRuAcbLPKMb9m2hc6PDmjIjvU-us/s72-c/SQL-Injection-Attack.jpg)
No comments:
Post a Comment