Friday, September 2, 2011

Download Free Hacking & Security Foundstone White Papers

Organizations must protect their most valuable digital assets in an intelligent, measurable way. For this reason, Foundstone’s network security experts offer intelligent strategies that simplify security while fortifying the enterprise.

Foundstone white papers clarify the complex world of digital security and demonstrate how organizations can proactively monitor, manage and mitigate risk.

Download Foundstone white papers on a range of vital security issues and market trends.


TitleDescriptionDownload
.NET White Paper
Overview of the security architecture of Microsoft’s .NET Framework.
Download Now
.NETMon™ White Paper
.NETMon monitors the .NET common language runtime enabling detailed analysis of how the .NET framework enforces security controls.
Download Now
2007 Top 10 Malicious Code Trends
Details the trends that were observed in the evolution of malicious code over the course of 2007
Download Now
802.11 Attacks
Provides a step by step walkthrough of popular wireless attacks
Download Now
AJAX Security White Paper
Check out our Presentation on Ajax Security from the Rich Web Experience.
Download Now
ASP.NET Forms Authentication
This article describes limitations of the FormsAuthentication.SignOut method, and provides more information about how to ease cookie reply attacks when a forms authentication cookie may have been obtained by an malicious user.
Download Now
AJAX Storage White Paper
A look at AJAX applications using Flash "cookies" (shared objects) and Internet Explorer User-Data Persistence to store data out side of the standard browser cache.
Download Now
CookieDigger™ White Paper
CookieDigger helps identify weak cookie generation and insecure implementations of session management by web applications.
Download Now
Corporate Incident Response Plan White Paper
Whether your company needs to comply with new legislation, defend against financial loss, protect its corporate reputation - or a combination of the three - it is crucial that you have a comprehensive incident response plan.
Download Now
Data Loss Prevention Program
Safeguarding Intellectual Property
Download Now
Foundstone SSLDigger™ - The Need for Strong SSL Ciphers
SSLDigger is a tool to assess the strength of SSL servers by testing the ciphers supported. Some of these ciphers are known to be insecure.
Download Now
Foundstone Hacme Books User Guide
The Hacme Books application simulates a ‘real-world’ eCommerce bookstore and was built with known and common vulnerabilities to teach application developers, programmers, architects and security professionals how to create secure Java software.
Download Now
Foundstone SiteDigger™ 2.0 - Identifying Information Leakage Using Search Engines
Learn how to use search engines and Foundstone SiteDigger to identify accidental exposure of confidential information including financial records, passwords, and personal information via your Web site.
Download Now
Foundstone Hacme Bank™ User and Solution Guide
User and Solution Guide for Foundstone's Hacme Bank security application training tool.
Download Now
Got Citrix? Hack It! Presentation
Presentation deck used by Shanit Gupta at Shmoocon 2008
Download Now
Hacking the Kiosk: Managing the Risk of Public Information Systems
Find out how to identify threats and uncover common vulnerabilities in kiosks
Download Now
How Virtualization Affects PCI DSS
Part 1: Mapping PCI Requirements and Virtualization
Download Now
How Virtualization Affects PCI DSS
Part 2: Review of the Top 5 Issues
Download Now
IIS Lockdown and URLScan
Foundstone Review of Microsoft's IIS Lockdown and URLScan tools.
Download Now
Insecure Trends in Web Technologies
A Review of Insecure Implementations of Rich Internet Applications
Download Now
ISA Server SP1 Audit White Paper
Provides an overview of a security assessment conducted by Foundstone of Microsoft’s ISA Server 2000 after the addition of the Service Pack 1 (SP1).
Download Now
Java Client Side Application Basics: Decompiling, Recompiling and Signing
Java Web Start is a mechanism for program delivery through a web server. These programs are initiated by the client’s web browser, deployed, and ultimately executed independently on the system.
Download Now
Key Components of a Risk-Based Security Plan
How to Create a Plan That Works
Download Now
Managing a Malware Outbreak
Sality - A Case Study
Download Now
Microsoft System Architecture 2.0
Foundstone Security Review of Microsoft Systems Architecture 2.0 (MSA 2.0).
Download Now
Microsoft/Foundstone IP SEC
Using Microsoft Windows IPSec to Help Secure an Internal Corporate Network Server.
Download Now
Mobile Application Security Testing
Methodology, tools and techniques for testing mobile applications.
Download Now
Passive Host Characterization Presentation
Matthew Wollenweber Presentation at ShmooCon 2008
Download Now
Remote Forensics System White Paper
The Remote Forensics System application facilitates data acquisition, storage, and analysis in a forensically sound and efficient manner. The application was created by graduate students at Carnegie Mellon University in collaboration with Foundstone. The software is also available for download.
Download Now
Securely Registering Applications
Learn how to securely register applications that are automatically initiated. Intro to Foundstone free tool - DIRE
Download Now
SecureUML
Describes the SecureUML Visio template which is a custom Unified Modeling Language (UML) dialect to help system architects build roles based access control systems (RBAC).
Download Now
Security Training – Why It Benefits Your Organization and How to Make Your Case to Management
This whitepaper explores the reasons why you should invest in Information Security training, and how to present a case to company management.
Download Now
Socket Hijacking
Discusses the socket hijacking vulnerability, the impact of the vulnerability and what it takes to successfully exploit the vulnerability
Download Now
Software Security: Going Beyond the Development Phase
Find out why securing software from the start is important
Download now
Validator.NET™
Validator.NET enables developers to programmatically determine user input locations that could be potentially exploited by hackers and provides proactive steps to build data validation routines which are loaded into a protection module.
Download Now
Virtualization and Risk
Virtualization and Risk - Key Security Considerations for your Enterprise Architecture
Download Now
Wireless Intrusion Detection System
This paper presents an overview of the Whiff Intrusion Detection System, which was developed during the summer and fall of 2002 by a team of graduate students majoring in Information Security and Assurance at Carnegie Mellon University.
Download Now
Writing Effective Policies Part 1: Dissecting an Email Use Policy
The goal of this whitepaper is to outline the characteristics of an effective policy and explain clearly how to write an effective policy by showing both correct and incorrect examples.
Download Now

No comments:

Post a Comment