Cisco recently announced the expansion of TrustSec to help create identity secured networks.

Open source antivirus comes to the Windows desktop with a little help from a new cloud backend to accelerate security.

At RSA, IBM announces it will expand its security portfolio with new static code analysis and secure Web services.

Making sites go faster isn't enough for Citrix. Now it wants to make site delivery both faster and more secure.

The Internet's hallmark for trusted sites rolls out a new mark signifying that a site is free from malware, aimed at sites that don't require SSL.

3Com announced Monday a trio of new products including a new switching platform and a pair new security initiatives from its TippingPoint security division.

HP and Fortify have joined forces to combine the benefits of dynamic and static code analysis to better detect and repair vulnerabilities in software.

Technology built into routers from 15 vendors could enable an attacker to wiretap anyone, but there are fixes to be had.

On the mobile client side, Junos Pulse leverages Juniper's SSL-VPN technology for use on wireless devices. SSL-VPNs provide secure VPN tunnels using SSL encryption.

Mozilla offers Firefox 3.0.18 and 3.5.8 patches for a trio of critical security vulnerabilities that Mozilla fixed a month ago for Firefox 3.6 users.

Yet another commercial tool integrates open source metasploit for security testing – is this a good thing?

The Firefox developer revealed it had mistakenly identified an add-on to its popular browser as malware. Version 4.0 of the Sothink Video Downloader does not contain a Trojan.

Chrome 4 gets its first security fixes--three of them rated as "high" in importance. But it's not all bad news.

With potentially thousands of users hit by a Trojan posted on addons.mozilla.org, Mozilla is advising Windows users to run an antivirus scan.

Old flaws with new attack vectors re-emerge for IE on Windows XP, but there is help for users.

Report finds the majority of financial Web site customers reuse the same logins elsewhere, posing a potentially serious security risk.

Black Hat security researcher details flaws including XSS-like attacks -- and what Web site owners and developers can do to avoid them.

The widely deployed open source antispam engine gets its first major update in two years, with changes aimed at better tackling the problem of spam.

Yet another flaw is found in technology aimed at fixing DNS's own flaws. Should we worry?

Mac users get Flash, audio, and printing updates for some very serious security issues.

First Oracle critical patch update of the year shows that databases are still very much at risk in 2010, though more so on Windows than on Linux.

On the enterprise IT side, network and security software has been hit with some unexpected Y2K10-related glitches.

Big Blue integrates static analysis into Rational following the acquisition of Ounce Labs.

Intel patches for a critical flaw that could have made trusted execution less than trustworthy.

New version of open source browser tackles memory corruption and spoofing issues.

New attack on Adobe products is out in the wild and there is no patch.

Thought that just an IPS was enough? Nope -- Akamai says you need a WAF, and the CDN giant thinks it has just the solution.