Best Practice Log Management: Correlation is Key [ Source: CorreLog ]
October 2011- Today, collecting email data is a necessity for compliance standards, forensic analysis and managing end-user performance and availability. But making sense of the data is a challenge within itself. Collecting the data is only part of the equation and research and many shops are turning towards correlation which helps bring meaning to the massive amount of data collected. This white paper explains how to establish a systematic approach to identifying relationships (correlating!) between log data ...

Unraveling Web Malware [ Source: FireEye ]
September 2009- There has been a rapid rise in the use of web blended threats to exploit client browsers and operating systems. These can lead to infection by bots which can be controlled remotely. Eleven percent of the world’s computers are enmeshed in at least one botnet and 72% of corporate networks with more than 100 computers have an infection.

Obfuscated code and encrypted exploits are increasing in prevalence. The point of these exploits is to ...

IronPort 2008 Internet Malware Trends Report [ Source: IronPort Systems ]
November 2008- In 2007, Storm burst onto the scene and rapidly spread. A new form of malware that propagated using a combination of email and websites, it proved extraordinarily sophisticated. Storm and newer malware botnets that build on Storm’s strengths continue to affect and threaten Internet communication. To help explain the spread of Storm and current and future threats posed by similar malware, this report offers an examination of Storm and its history.

Secure Desktop Solution: A Modern-Day Marriage of Business Benefit and Risk Reduction [ Source: Novell ]
May 2008- Traditional security is no longer good enough because complexity is increasing significantly. Traditional IT security was formerly provided by firewalls, antivirus solutions, and other security products. Such measures worked fine when security was defined around known threats and well-defined perimeter defenses. Now, a comprehensive security strategy must deal with the increased vulnerability of mobile assets and a threat environment that is smarter and more aggressive, organized, focused, and profit oriented. Download this white paper to ...

The Web Hacking Incidents Database 2008: Annual Report [ Source: Breach Security ]
March 2009- The much anticipated Breach Security Lab’s Web Hacking Incidents Database (WHID) 2008 Annual Report is ready for download. The WHID project is dedicated to maintaining a record of web application-related security incidents. The WHID’s purpose is to serve as a tool for raising awareness of web application security problems and provide information for statistical analysis of web application security incidents. This year the report findings prove that no company or market sector is immune ...

The State of DDoS Protection: Organizations Remain Unprepared for DDoS Attacks [ Source: Neustar ]
December 2012- Distributed denial-of-service (DDoS) attacks continue to grow in size, complexity and danger. Witness the recent wave of attacks on major U.S. banks, which knocked websites offline, angered customers and took a grave toll on brand reputations. The lessons of those attacks echo the findings of this report: Previously successful DDoS mitigation solutions no longer work.

UBM Tech conducted research with IT professionals who have suffered DDoS attacks. The drastic changes in attack ...

Tolly Report: Anti-Virus Performance in VMWare ESX Virtual Environments [ Source: Symantec ]
October 2012- Symantec Corp. commissioned Tolly to benchmark the performance of its new Symantec Endpoint Protection (SEP) 12.1 within VMware ESXi 5 virtual environments vs. Trend Micro Deep Security 8. Specifically, this testing focused on the system resource requirements of each solution when performing on-demand and on-access scanning, and during distributed virus definition update

Cybersecurity in Action [ Source: Guidance Software ]
October 2012- 4 Days, 465 Systems, 3 continents

The Zeus Trojan virus was destructive enough, but the tech media are constantly alerting us to evolving threats to every industry. The good news is that you can transform the way your organization exposes, analyzes, and respond to advanced endpoint threats and errant sensitive data.

Here are seven quick case studies to prove it. Download these real-world examples of how customers in industries such as financial services, hospitality, ...

How Three Cyber Threats Transform the Role of Incident Response [ Source: Guidance Software ]
October 2012- “The theft began with an instant message sent to a Google employee in China who was using Microsoft’s Messenger program… Ultimately, the intruders were able to gain control of a software repository used by the development team.” - New York Times - Cyberattack on Google Said to Hit Password System

While we still use many of the same old names - viruses, Trojans, and worms - today’s malware enables potent multistage ...

The 5 Key Benefits of Application Control and How to Achieve Them [ Source: Sourcefire ]
September 2012- Employees feel more empowered than ever to use any application they believe will help them do their job. And attackers are taking advantage of the sheer volume of applications, the Bring-Your-Own-Device (BYOD) trend, social media and other opportunities to glean information and penetrate networks.

How do you encourage productivity and minimize risks?

Application control is key.

Read "The Five Key Benefits of Application Control and How to Achieve Them," ...