Security
(567)- Antivirus (27)
- Application Security (52)
- Attacks/Breaches (43)
- Cyberterror (8)
- Encryption (40)
- End User/Client Security (42)
- Government/Vertical Industries (44)
- Intrusion Prevention (67)
- NAC (21)
- Perimeter Security (53)
- Privacy (20)
- Security Administration (125)
- Storage Security (54)
- Vulnerabilities and Threats (170)
The Virtual Safe: A User-Focused Approach to Data Encryption
[ Source: Steganos ]
March 2008-The personal computer has never been more personal. We routinely trust it with private correspondence, diary entries, emails, all sorts of addresses, the household budget and holiday photographs. We use it to shop, seek health advice, and manage our savings, while the more creative among us use it to write poetry, compose music or paint pictures. It could be said that our hard drive provides a unique portrait of our most private personal lives. And ....
99% of Companies Use Antivirus Software 78% of Them Were Hit by Viruses, Worms, Etc.
[ Source: Websense ]
January 2008-The employee computing environment has changed dramatically over time, offering access to rich content and tempting new applications on the internet. This recent evolution has given organizations an idea to deal with even more security risks than ever before. Websense software helps organizations address web security concerns in the most effective manner. Websense blocks employee access to malicious websites and spyware backchannel communication, by managing security risks from non-HTTP protocols such as peer-to-peer file sharing ....
How to Scope Your Enterprise CMDB Project Successfully: Big Vision, Baby Steps
[ Source: Enterprise Management Associates ]
July 2008-Setting realistic expectations, managing project scope, and delivering timely value are challenges that cause over 50% of CMDB projects to fail. Understanding the detailed requirements for your CMDB project, which set scope and drive the project timeline, is the cornerstone of successful implementation. Learn about techniques used by some of the largest companies in the world to overcome "analysis paralysis" and move forward with their CMDB initiatives. Find out first-hand how to create a requirements ....
Transforming Information Security to Information Risk Management
[ Source: Getronics ]
July 2008-Why is security so difficult? Adversaries have fewer rules and more resources than most defenders. Today, security focuses on technology, and compliance is driving many security decisions. A risk management program headed by a chief risk officer, can bring a structured, organized approach to your companyýs security. It provides feedback loops and checks-and-balance capabilities, ensures appropriate communication and collaboration between risk program and organization, and guarantees that a member from risk management is represented in ....
PDF Security: Passwords, Access Control, and DRM
[ Source: LockLizard ]
March 2008-This paper covers the development of PDF security from simple password mechanisms to access controls and DRM. It discusses lifecycle management, PKI, third party systems and standards. The background of the PDF format is covered and how backwards compatibility has hindered the development of security going forwards.
Sophos Security Threat Report: Mid-Year Update
[ Source: Sophos ]
July 2008-Hackers attack businesses, blogs and Web 2.0 sites... The latest Security Threat Report from Sophos gives you a comprehensive insight into the very latest methods being used by cybercriminals to try to out-fox traditional security systems. Download a copy and benefit from the expert analysis and opinion that will help you stay ahead of today’s increasingly covert threats.
e-Government: Five Key Challenges For Management
[ Source: Copenhagen Business School ]
January 2008-This paper published by Copenhagen Business School describes that e-Government holds the potential to facilitate the complementary use of information systems in government comprising both operational and strategic use. This paper argues that if this metamorphosis is to occur, managers are facing five key strategic challenges: Assessing the demand paradox of e-government, ensuring that gate-keeping mechanisms of the street-level bureaucrats are not eroding the dynamics of e-government, Use of IT to decrease the high labor ....
Real World Security for SCADA & Process Control Systems
[ Source: Progress Energy ]
July 2008-As physical and information security convergesýparticularly in transportation, utilities and national security systemsýinfosec professionals must learn more about Supervisory Control and Data Acquisition (SCADA) and process control systems. This presentation looks at how control systems work, threats particular to control systems and a case study in Progress Energy's approach to cyber security standards for the electric power industry.
Small Business DR Planning
[ Source: TechWeb TV ]
June 2008-Networks Are Our Lives Chief Scientist Howard Marks spells out 9 steps small and mid-size businesses must take to plan for disaster recovery. He urges companies to learn and understand what they have in place by taking a detailed inventory.
2008 InformationWeek Strategic Security Survey Audiobook
[ Source: InformationWeek ]
September 2008-This year, it's all about managing risk. That's the overall finding of our 2008 InformationWeek Strategic Security Study, which quizzed nearly 2,000 IT professionals about their plans and priorities for securing their companies' assets.
The Business Relevance of Security: Challenges & Solutions
[ Source: Cisco Systems ]
July 2008-
Security continues to be an area of growth as risks continue to be on the rise. Attacks are becoming more sophisticated, as botnets, spam and fraud continue to proliferate. Understand the vision and innovations in network security, content security, and application security. And, learn key solutions that address customers' business-relevant security problems such as compliance, data loss prevention, and threat management.
TriGeo Security Information Management in the Payment Card Industry
[ Source: TriGeo Network Security ]
September 2008-
Simply deploying a security solution cannot guarantee meeting every Payment Card Industry (PCI) requirement in full. This whitepaper discusses the challenges of PCI compliance and how security information and event management (SIEM) provides the data visibility, log management, end-point security and active response needed to demonstrate and meet each of the 12 PCI compliance requirements.
Selling to Zebras
[ Source: Selling to Zebras, Inc. ]
July 2008-
The new book "Selling to Zebras" shows how to close 90 percent of the business you pursue faster, more easily and more profitably. Zebra Buying Cycle is a process that targets the person who is going to buy from you -- the person with decision-making power, who conceives of and owns the business drivers, who is responsible for the promises that will get the project approved and for achieving and reporting the end results.
Does Size Matter? The security challenge of the SMB
[ Source: McAfee ]
September 2008-
Just because a business is small, doesn’t mean it’s immune to security threats. Security challenges facing Small and Medium Businesses in North America are on the rise. For businesses of all sizes, viruses, hacker intrusions, spyware and spam can lead to lost or stolen data, computer downtime, decreased productivity, compliance issues, lost sales and even loss of reputation. According to a recent survey conducted by McAfee, many small and medium sized businesses felt they ....
2008 InformationWeek Strategic Security Survey Audiobook
[ Source: InformationWeek ]
September 2008-
This year, it's all about managing risk. That's the overall finding of our 2008 InformationWeek Strategic Security Study, which quizzed nearly 2,000 IT professionals about their plans and priorities for securing their companies' assets.
A Process-based Approach to Protecting Privileged Accounts
[ Source: Symark ]
August 2008-
This paper discusses best practices for privileged account access management and privileged password management (PPM), and shows how the Symark PowerKeeper appliance creates a “defense in depth” across the IT portfolio. PowerKeeper is a secure, hardened appliance that provides both a mechanism and a “process” to ensure best practices to secure and control access to any accounts deemed “privileged” or sensitive and thus sharply reduce the likelihood of fraud or theft of proprietary data. ....
PowerBroker Demo
[ Source: Symark ]
August 2008-
Symark PowerBroker is a policy-driven, root account access control application that provides granular privileged access delegation, detailed logging and reporting, and centralized administration across heterogeneous UNIX and Linux environments. It provides UNIX and Linux security and accountability by enabling system administrators to delegate administrative privileges and authorization without disclosing the root password and to grant selective access to UNIX and Linux-based corporate resources. Administrators can create powerful and granular security policies in PowerBroker to restrict ....
2007 InformationWeek/Accenture Global Information Security Survey
[ Source: InformationWeek ]
July 2007-
With the constant threat of hackers and malicious coders, and the alarming rate of customer data breaches and identity theft, information security remains one of the highest priorities for business technology professionals around the globe. InformationWeek Research and Accenture provide you with in-depth data about security investments and practices in the 2007 Information Security Survey report. This study -- in it's tenth year -- examines the security practices and experiences of ....
New McAffee New CEO Dave DeWalt's Grand Plan
[ Source: TechWeb TV ]
June 2008-
McAfee's got worries from huge new competitors -- Cisco and Microsoft -- to stock options backdating. Here's how new CEO DeWalt plans to get past those, including a vision for the industry to go from best-of-breed to best-of-suite.
Brief overview of Sentrigo, a database security company.
[ Source: TechWeb TV ]
June 2008-
Nathan Shuchami, CEO of Sentrigo, discusses the company's database security product. After years of shoring up mostly their perimeters, companies are now focusing on securing their data, where criminals are now focusing. Sentrigo offers two tiers of products--one for small and midsize businesses, and the other for enterprises.
Trends in Information Security: A CompTIA Analysis of IT Security and the Workforce
[ Source: CompTIA ]
September 2008-
As global trends of workforce mobility and decentralization put a greater strain on IT security infrastructure, it is becoming increasingly more complex for corporate IT departments to safeguard information. More than ever before, firms are using diverse devices to exchange information faster and over longer distances, and the growing use of technologies supporting this trend - such as handheld devices or voice over IP – gives rise to new risks. As a result, corporate IT ....
Anonymous Proxy: A Growing Trend in Internet Abuse, and How to Defeat it
[ Source: Bloxx, Inc. ]
October 2008-
Anonymous proxies are an unseen threat—a student's or employee's backdoor to malicious or productivity-sapping sites on the Internet. If your URL filtering solution relies on the old-school URL database/keyword approach, your ship is leaking and you may not see the holes.
With hundreds of new proxy sites created each day, traditional URL filtering just can't keep up, even when supplemented by standard keyword analysis. What follows is a primer on the problems, ....
The Case for Security Information and Event Management (SIEM) in Proactive Network Defense
[ Source: TriGeo Network Security ]
January 2008-
It’s widely accepted that Security Information and Event Management (SIEM) systems are excellent tools for regulatory compliance, log management and analysis, trouble-shooting and forensic analysis. What’s surprising to many is that this technology can play a significant role in actively defending networks. This whitepaper explains precisely how real-time analysis, combined with in-memory correlation, and automated notification and remediation capabilities can provide unprecedented network visibility, security and control.
TriGeo Security Information Management in the Payment Card Industry
[ Source: TriGeo Network Security ]
September 2008-
Simply deploying a security solution cannot guarantee meeting every Payment Card Industry (PCI) requirement in full. This whitepaper discusses the challenges of PCI compliance and how security information and event management (SIEM) provides the data visibility, log management, end-point security and active response needed to demonstrate and meet each of the 12 PCI compliance requirements.
The Virtual Safe: A User-Focused Approach to Data Encryption
[ Source: Steganos ]
March 2008-
The personal computer has never been more personal. We routinely trust it with private correspondence, diary entries, emails, all sorts of addresses, the household budget and holiday photographs. We use it to shop, seek health advice, and manage our savings, while the more creative among us use it to write poetry, compose music or paint pictures. It could be said that our hard drive provides a unique portrait of our most private personal lives. And ....
The benefits of Integrating SIEM, Log Management, and Database Activity Monitoring
[ Source: NitroSecurity ]
September 2008-
When used together, SIEM, Log Management, and Database Monitoring provide signifiant value that is greater than the sum of its parts. The integration of these functions into a common analysis and reporting tool provides greater visibility and insight into all areas of information security, offering better detection and response capabilities.
Combining SIEM and Database Monitoring for Total Payment Card Industry Compliance
[ Source: NitroSecurity ]
September 2008-
PCI compliance involves the careful monitoring and protection of key network and data systems, especially systems involving cardholder data. Using Database Activity Monitoring (DAM) and Security Information and Event Management (SIEM) together, all twelve areas of the PCI DSS requirements can be met, simplifying compliance efforts and reducing costs.
Sophos Security Threat Report: Mid-Year Update
[ Source: Sophos ]
July 2008-
Hackers attack businesses, blogs and Web 2.0 sites... The latest Security Threat Report from Sophos gives you a comprehensive insight into the very latest methods being used by cybercriminals to try to out-fox traditional security systems. Download a copy and benefit from the expert analysis and opinion that will help you stay ahead of today’s increasingly covert threats.
NAC 2.0: A New Model For a More Secure Future
[ Source: Sophos ]
September 2008-
As organizations turn to network access control (NAC) technologies to protect their networks and data, the flaws of earlier versions of NAC are becoming apparent. New pressures from a constantly changing threat environment and an increasingly mobile workforce require a new NAC model that will offer more finely controlled network access, an increased agility of response, and a better focus on network, desktop, and security operations. This paper looks at where NAC 1.0 went wrong ....
Stopping Data Leakage: Exploiting Your Existing Security Investment
[ Source: Sophos ]
September 2008-
As attitudes to work and information continue to evolve away from those of the past, organizations are become more aware of the acute need to control the information that flows into, through and out of their networks. This paper demonstrates the need for a high-profile acceptable use policy to prevent data leakage, gives practical guidance on how to use current investments in IT security technologies at the gateway and endpoint to support this policy, and ....