The new scoring system promises to make it easier for security managers and the IT industry to better measure the real-world risks associated with software flaws.

Webster defines security as, the quality or state of being free from risk of loss and that measures [are] taken to guard against espionage or sabotage, crime, attack or escape.

IT security has the potential to impact a business at every level. Few other business areas, if any, have the potential to damage customer relations, disrupt supplier dealings, lower employee productivity, lose revenue and even lead to the arrest of the CEO.

Buffer overflows have long been a primary vector of attack against computer systems — and the rise of local buffer overflow vulnerabilities and zero-day attacks makes it a problem that's likely to grow more troublesome.

SaaS is no longer just about CRM — more security vendors are revamping their applications to be delivered as services over the web. SaaS is coming to the security market in a big way. And this trend promises to save organizations time and some of what they spend on security gear, and free more resources to actually secure systems.

The concept of malware morphing is not new. For years, malware authors and anti-virus researchers have documented and classified the methods used to obfuscate and hide malware code with each infection.

Due to the interactive nature and required access to exploit, local privilege escalation vulnerabilities have traditionally been thought to have a minimal impact on the strategies enterprise IT departments incorporate to protect networks when compared to other code execution vulnerabilities.

Hot: It's one of the primary methods that malicious hackers use to find new application and operating system vulnerabilities. And it's also a powerful tool that professionals use to analyze the security strength of their applications. We're talking about reverse code engineering.

On-demand security services, or "in the cloud" services, refer to security technology that is managed from a central location and delivered over the Internet, eliminating the need for small to medium sized businesses (SMBs) to deal with the high costs of hardware deployment, software upkeep and future scalability.

Last months race between a group of security researchers who promised to disclose, every day, a newfound vulnerability in the Apple OS X platform, and an opposing group, led by a former Apple employee, to independently plug those security flaws, has sparked new debate around the validity of third-party security patches.