• Dear CSO, do you know how to build security culture?
• How to secure a company’s Chinese development center?
• The state of web application security in numbers
• Web application exploitation with broken authentication and path traversal

• Becoming a computer forensic examiner
• UEFI secure boot: Next generation booting or a controversial debate
• How to detect malicious network behavior
• What startups can learn from enterprise level data security tactics

• Becoming a malware analyst
• Five questions for Microsoft’s Chief Privacy Officer
• Application security testing for AJAX and JSON
• Penetrating and achieving persistence in highly secured networks

• What makes security awareness training successful?
• Five questions for Microsoft’s Worldwide Chief Security Advisor
• Computer forensic examiners are from Mars, attorneys are from Venus

• Administrative scripting with Nmap
• Information security in Europe with ENISA Executive Director Prof. Udo Helmbrecht
• Unintended, malicious and evil applications of augmented reality
• The enemy at the gate

• Fitness as a model for security
• Security and migrating to the cloud: Is it all doom and gloom?
• Solid state drives: Forensic preservation issues
• Introduction to Android malware analysis

Special issue focused on RSA Conference US 2012.

• Securing Android: Think outside the box
• Interview with Joe Sullivan, CSO at Facebook
• White hat shellcode: Not for exploits
• Using mobile device management for risk mitigation in a heterogeneous environment
• Metasploit: The future of penetration testing with HD Moore
• Using and extending the Vega open source web security platform
• Next-generation policies: Managing the human factor in security

• 7 questions you always wanted to ask a professional vulnerability researcher
• Insights on drive-by browser history stealing
• PacketFence: Because NAC doesn’t have to be hard!
• Information security and the threat landscape with Raj Samani

• The changing face of hacking
• The need for foundational controls in cloud computing
• A new approach to data centric security

• Microsoft’s Enhanced Mitigation Experience Toolkitup?
• Transaction monitoring as an issuer fraud risk management technique in the banking up?

card payment systemup?

• IPv6: Saviour and threatup?
• The hard truth about mobile application security: Separating hype from realityup?

• Virtual machines: Added planning to the forensic acquisition process
• Financial Trojans: Following the money
• Mobile encryption: The new frontier