Utilizing Apani EpiForce as a Mitigating Control for PCI/CISP Compliance
[ Source: Apani ]
June 2008-
A recent survey of 231 large merchants by Visa USA indicates that 83% have still not achieved compliance, even though the date to become PCI compliant has now passed. The major reason so few large organizations have been able to achieve PCI compliance is because the scope of the regulation is so encompassing.
This whitepaper identifies ways of using new technologies as a mitigating control for PCI-DSS compliance and to solve the issue of ....
Anonymous Proxy: A Growing Trend in Internet Abuse, and How to Defeat it
[ Source: Bloxx, Inc. ]
October 2008-
Anonymous proxies are an unseen threat - a student's or employee's backdoor to malicious or productivity-sapping sites on the Internet. If your URL filtering solution relies on the old-school URL database/keyword approach, your ship is leaking and you may not see the holes.
With hundreds of new proxy sites created each day, traditional URL filtering just can't keep up, even when supplemented by standard keyword analysis. What follows is a primer on ....
Trends in Information Security: A CompTIA Analysis of IT Security and the Workforce
[ Source: CompTIA ]
September 2008-
As global trends of workforce mobility and decentralization put a greater strain on IT security infrastructure, it is becoming increasingly more complex for corporate IT departments to safeguard information. More than ever before, firms are using diverse devices to exchange information faster and over longer distances, and the growing use of technologies supporting this trend - such as handheld devices or voice over IP – gives rise to new risks. As a result, corporate IT ....
Unraveling Web Malware
[ Source: FireEye ]
September 2009-
There has been a rapid rise in the use of web blended threats to exploit client browsers and operating systems. These can lead to infection by bots which can be controlled remotely. Eleven percent of the world’s computers are enmeshed in at least one botnet and 72% of corporate networks with more than 100 computers have an infection.
Obfuscated code and encrypted exploits are increasing in prevalence. The point of these exploits is to ....
Protecting Data from the Cyber Theft Pandemic
[ Source: FireEye ]
September 2009-
Malware-related data breaches have reached pandemic proportions as criminals discover that Internet crime is easy to commit, highly lucrative, and largely under-policed. With a few hundred dollars, a cyber criminal can begin a career of breaking into computers to steal identity and confidential data for sale to the highest bidder. The cyber crime economy is so robust that there is a vibrant market for professional malware toolkits available for $500 to $1,000 that come pre-configured ....
Web Application Security Testing
[ Source: GamaSec ]
March 2008-
The need to provide web security and defend web applications from hackers due to software and hardware vulnerabilities requires remote an online web vulnerability-assessment service to combat maximum vulnerabilities. The risks must be continually updated and the tests tailor-made to provide optimal solutions.
Website Security Tests Protect Against Application Vulnerabilities
[ Source: GamaSec GamaScan Website Security Scan ]
May 2008-
Small and medium-sized enterprises (SMBs) can protect websites against application vulnerabilities with simple, easy-to-use, and affordable service. Firewall, Intrusion prevention and Detection System (IDS/IPS) are not enough to protect your Website against today's application vulnerabilities.
Knowledge-based Authentication Is Not Enough
[ Source: Global Crypto ]
February 2009-
Everyday millions of consumers login to financial institutions, brokerage accounts, trading platforms and other web sites using Knowledge Based Authentication (KBA) solutions. Typically these solutions ask users to respond to questions selected by the user during the web site’s initial enrollment process.
The assumption is only that particular user knows the correct answer to these common questions. But the reality is these solutions tend to create user confusion and do little to protect ....
Ten Ways Hackers Breach Security
[ Source: Global Knowledge ]
February 2007-
Hacking, cracking, and cyber crimes are hot topics these days and will continue to be for the foreseeable future. However, there are steps you can take to reduce your organization's threat level. The first step is to understand what risks, threats, and vulnerabilities currently exist in your environment. The second step is to learn as much as possible about the problems so you can formulate a solid response. The third step is to intelligently deploy ....
Risk Management: Bridging Policies and Procedures - Fundamental Security Concepts
[ Source: Global Knowledge ]
October 2008-
One thing that security professionals know is that security is about processes, not about the technology. The key to security is to match the technology to the process, but you have to know the process first. Policies and procedures are the requirements, and risk management is the bridge between the two. Collectively, they are the road maps that lead to effective and efficient security designs. This white paper covers the basics of risk management in ....