http://www.oobergeek.com en-us Traditional defenses such as antivirus and firewalls are no longer effective. Organizations need to consider new approaches to battling malware. One such approach called application whitelisting has been around for a while, but only now gaining momentum. Is whitelisting just another passing fad or a solution to this ever growing problem? Join us as we attempt to answer this question. http://www.sans.org/reading_room/whitepapers/application/application-whitelisting-panacea-propaganda_33599 Sun, 28 Aug 2011 12:52:30 GMT http://www.oobergeek.com/application-security/application-whitelisting-panacea-or-propaganda-5-thread.html This whitepaper will summarize how mobile devices relate to Sarbanes-Oxley, California SB 1386 and Gramm-Leach-Bliley. It will also detail why compliance strategies MUST include control and protection of mobile devices, and describe how CREDANT encryption management solutions are uniquely capable of addressing mobile security compliance issues for organizations such as yours. http://www.credant.com/docs/CRE00563-Compliance%20White%20Paper.pdf Wed, 24 Aug 2011 19:54:50 GMT http://www.oobergeek.com/laws-and-regulations/sox-glba-sb-and-mobile-devices-4-thread.html The migration to SIP-powered IP telephony has taken the world’s businesses by storm as it paves the way toward the new world of Unified Communications. Have you joined the crowd? If you have been contemplating moving towards IP- based telephony supported by such services as SIP trunking, perhaps now is the ideal time to make the leap. http://www.patton.com/whitepapers/sip_trunking_white_paper.pdf Wed, 24 Aug 2011 19:53:00 GMT http://www.oobergeek.com/voip/sip/sip-trunking-ip-telephony-for-the-enterprise-3-thread.html The information within electronic documents faces a bombardment of risk and compliance challenges from every direction. IT security has been in reactive mode, tightening down access using enterprise rights management, perimeter security, laptop encryption, but has not addressed the issue of how information is used outside the enterprise. http://www.brainloop.com/fileadmin/assets/PDFs/White_Papers/brainloop_white_paper_managing_information_risk.pdf Wed, 24 Aug 2011 19:45:00 GMT http://www.oobergeek.com/laws-and-regulations/why-corporate-compliance-and-it-security-must-join-2-thread.html Technology and capability is forever changing and the defenses employed to mitigate and restrict vulnerabilities opened up by these advances must also. Coupled alongside this though attackers are agile, changing their targets and vectors alike to take into account such changes. Stuxnet was detected potentially a full year after having initially been released, with hindsight potential changes to the code base could have extended this period or for that matter prolonged its life whilst the Incident response process was ongoing. http://www.vulnerabilityassessment.co.uk/education/whitepaper.pdf Wed, 24 Aug 2011 17:25:52 GMT http://www.oobergeek.com/exploits/a-survey-of-usb-exploit-mechanisms-1-thread.html