-
Mitigating Security Threats by Minimizing Software Attack Surfaces
An important method for improving the security of software is to assess and minimize the system's "attack surface." In this report, we provide a conceptual understanding of attack surfaces and explore how to use this concept to improve security of both internally-developed software as well as systems purchased as off-the-shelf software. We conclude by recommending best practices for limiting attack opportunities on IT systems. (4 pp., 2 figs.) [Executive Summary]
May, 2008
-
Combating Back Door Vulnerabilities in Data Center Procedures
Although IT professionals usually adhere to strict security guidelines when dealing with user systems, they sometimes drop their guard when the implement systems and procedures in the data center itself. This article highlights the security weaknesses that can be created by such administrative procedures and outlines common sense management practices that can close such back door vulnerabilities.
March, 2006
-
Aberdeen: New Poster Child for Sloppy Research? (1Q03)
A recent study, which shows Linux and other open source software suppliers have more security problems than Microsoft, has serious flaws.
January, 2003