Sort results by: Published date | Company name
Showing items 1-25

Breach Preparation: Plan for the Inevitability of Compromise eGuide [ Source: Bit9 ]

January 2015- You can't open a newspaper or visit an online news site these days without some mention of a cyber-attack or data breach. These activities are becoming more prevalent, and as a result, the reporting of these activities is also on the rise. Bit9 + Carbon Black reached out to a series of experts to collect their thoughts and advice on dealing with data security incidents or breaches, which included:

Designing a Continuous Response Architecture eGuide [ Source: Bit9 ]

October 2014- Businesses need to view security as a process and leverage solutions that can proactively collect data, apply aggregated threat intelligence, reduce the cost and complexity of incident response and evolve, adapt and learn from your investigation.

This eGuide will cover how a continuous approach to response can resolve these challenges and put your organization in a better security posture by proactively preparing for a breach.

How to Stop Social Media Hacks [ Source: Proofpoint ]

February 2015- A how to guide describing the key steps that organizations should take to prevent their social media accounts from being hacked.

Trend Advisor: Hacking Crisis Highlights 'Crypto Chaos' [ Source: Certes ]

January 2015- IT departments were battered by a cyber security perfect storm in 2014. While the security community was still rolling in the wake of the Target breach in late 2013, the continuing parade of breaches in 2014 cast a harsh light on inadequate security architectures and poorly implemented security practices.

Securing Enterprise Applications [ Source: Onapsis ]

November 2014- Business-critical platforms such as SAP and Oracle have been in place for more than a decade, however a majority of firms using these applications currently have gaps in their security program. There are many reasons for these security gaps ranging from a reliance on generic security tools, to IT teams lacking complete understanding of how application platforms work.

Implementing SAP Security Solutions [ Source: Onapsis ]

January 2015- Gaps in security practices of business-critical applications running on SAP are causing organizations to rethink their current approach and embrace a new strategy.

Analysis of Cybercrime Infrastructure [ Source: Proofpoint ]

January 2015- Proofpoint security researchers have published an analysis that exposes the inner workings of a cybercrime operation targeting online banking credentials for banks in the United States and Europe. This Proofpoint research report provides a detailed and rarely seen inside view of the infrastructure, tools and techniques that enabled this cybercrime group to infect over 500,000 PCs.

Key facts from the Proofpoint analysis:
• Qbot (aka Qakbot) botnet of 500,000 infected systems sniffed “conversations&...

The Failure of Cloud Information Governance: A Global Data Security Study [ Source: SafeNet ]

January 2015- As technology evolves, more and more organizations are moving applications and data to the cloud. Although cloud solutions can save money and improve accessibility for remote users, it can also leave your sensitive data vulnerable to new security threats. With the lack of governance policies and security practices for the transition to cloud computing, it is important to consider how this move can affect your organization’s security. Ponemon Institute conducted a survey sponsored ...

Sleeping Through the Alarm: What Breaches Should be Telling Us, and Why the Message is Missed [ Source: SafeNet ]

January 2015- Security professionals are living in a time of rapid and fundamental change. Computing and delivery models, user platforms and devices, and security threats have changed radically in recent years. However, in many ways, the security technologies and approaches employed by many organizations have remained relatively static, sometimes leading to disastrous results. To gain a picture of how organizations are contending with the changing technology and security landscape, SafeNet undertook an extensive survey.

This ...

Authentication Best Practices: Put Control Where It Belongs [ Source: SafeNet ]

January 2015- A significant number of high profile security breaches have occurred recently, bringing the organizations affected to the front pages of the business press. These events have had a negative impact on the public image of these companies, and may also have had a negative impact on their business. Due to these incidents, CIOs of many organizations have had to re-evaluate their info-security strategy in general, while also placing specific focus on their user authentication and ...

Secure the Breach Manifesto [ Source: SafeNet ]

January 2015- As hackers continue to successfully conduct large-scale attacks against financial services, retail and entertainment companies, organizations must rethink their security strategy. No longer are network firewalls and other perimeter “breach-prevention” technologies good enough. Many enterprises today rely on these technologies as the foundation for their data security strategy and unfortunately there is no fool-proof way to prevent a breach from occurring. This paper outlines SafeNet’s 3 step approach to help your company accept the ...

Threat Intelligence Defined [ Source: Solutionary ]

January 2015- The entire security industry has focused in on the newest buzzwords: Threat Intelligence. The term is so broadly used the definition of "intelligence" is sometimes lost. Some services are simply offering access to minimally analyzed (or even raw) data. Learn how to tell what "intelligence" really means and how to differentiate the offerings in this Solutionary white paper.

Top-Down Security and the Security Life Cycle [ Source: Solutionary ]

December 2014- Security is a necessary component in the corporate digital infrastructure. Unfortunately, rallying support behind security initiatives is often easier said than done. By improving mutual understanding of management and analyst perspectives, IT security professionals and non-technical managers can define a smoother process to develop and improve the organization's security infrastructure.

Malware Detection with Network Monitoring: Not Quite Enough [ Source: Solutionary ]

September 2014- When IT professionals think about information security, they often think about network intrusion detection systems (IDS) and intrusion protection systems (IPS) early in the process. Network IDS/IPS has long been a mainstay for detecting malicious activity and continues to be a very important piece of the security puzzle. Unfortunately for security professionals, that puzzle continues to evolve and becomes increasingly large and complex.

Office 365 - Strong Authentication and SSO for the Cloud-based suite [ Source: SecureAuth ]

January 2015- To ensure secure access control for Office 365 organizations need to rely on more than just a username and password. In this whitepaper we discuss the requirements for achieving secure access control for Office 365. We'll explore how SecureAuth IdP can solve these many challenges with one solution that provides both two-factor authentication and single-sign on capabilities that easily integrate with your existing infrastructure and Office 365.

What is an Identity Provider (IdP) and Why Do I Need one? [ Source: SecureAuth ]

January 2015- To address today's security risks and to embrace new technology trends such as cloud, mobility and SaaS, enterprises must rethink how they handle their employees' identities. IT organizations should leverage these standards to improve their security posture by becoming an Identity Provider (IdP). This paper will discuss the reasons enterprises should become an IdP, what it involves and how automation of the IdP process can bring big benefits.

Preventing Attackers from Getting What They Want: A Case for Context-Based Authentication [ Source: SecureAuth ]

January 2015- This whitepaper explores the anatomy of an attack - how attackers gain a foothold and move laterally inside your organization to achieve their goal of stealing valuable information. Then we'll look inside the belief that preventative measures inevitably fail and how you can prepare. Next we'll look at how two-factor authentication can help - and why traditional two-factor alone may be insufficient. We'll explore a powerful strategy that can supplement two-factor authentication: context-based authentication.

Enterprise Security & the Mainframe: A Holistic Approach [ Source: CA Technologies ]

January 2015- Ten years ago security breaches were mostly widespread nuisances perpetrated by young script kiddies out for notoriety. Today, they are targeted, sophisticated, and highly damaging. Most are perpetrated by well-funded elements of organized crime, foreign governments, and terrorist groups out for money and a competitive edge. Newer advanced persistent threats (APT's) can penetrate a single victim's network and secretly remain there for months or years, stealing large volumes of valuable proprietary or private customer information.

Can Your Organization Brave the New World of Advanced Cyber Attacks? [ Source: WEBSENSE, INC. ]

January 2015- Protect your critical data from criminal intent outside your organization, as well as from insiders that may put your information assets at risk. Many security solutions are overly dependent on 'technology' alone. A critical weak link has always been the end user. Whether by accident or malicious intent, companies need to protect themselves from employees who will inevitably make profound errors of judgment. They need a solution that provides real-time feedback to educate and motivate ...

Why Your Next Generation Firewall Protection Isn't Enough [ Source: Webroot ]

November 2014- Enterprise security organizations face a daily onslaught of external attacks. According to a recent survey by IBM X-Force and Verizon's 2014 Data Breach Report, 92% of attacks being perpetrated are by outsiders. Because of this, organizations have to focus on how these attacks successfully penetrate their network perimeter security defenses. Many organizations have invested in next generation firewalls (NGFWs) to protect them from network-based attacks.

Detect and Investigate Malicious IP Activities in SIEM with Predictive Threat Intelligence [ Source: Webroot ]

October 2014- Malicious IPs are a new and growing problem for enterprises. To effectively defend against these malicious IPs, enterprises need to augment their SIEM solutions with real-time predictive threat Intelligence so they can detect attacks from unknown IPs as early as possible and respond to them before they lead to more severe incidents and costly breaches.

A Smarter Solution to Malware Prevention [ Source: Webroot ]

November 2014- Traditional endpoint security has failed to keep up with today's threats and is exposing organizations to unacceptable levels of risk. It's time for smarter, next-generation malware prevention to replace or supplement traditional defenses. New approaches to malware can wrest back control and give security administrators greater visibility and control over their endpoints at a lower cost than traditional solutions. This paper looks at the endpoint threats organizations are facing, the means to combat those threats, ...

Group Encryption Whitepaper [ Source: Certes ]

December 2014- Protecting data in motion has become a high priority for a growing number of companies. As more companies face the real and growing threat of data theft, along with increased regulatory pressure to protect their data, encryption of data in motion has gone from a "nice to have" technology to a critical budgeted project. However, companies that have deployed IPsec VPNs across their network have discovered that while encryption is a great mode of data ...

Spiceworks Survey: Crypto Chaos - Data Traffic Security is a Mess [ Source: Certes ]

December 2014- Poor network security and inadequate traffic segmentation were chief causes of data breaches in 2013 and 2014, compromising billions of data records costing corporate hacking victims, banks, retailers and credit card issuers billions of dollars to clean up.

In November 2014, Certes Networks worked with Spiceworks and its community of more than 6 million IT professionals to discover how companies across the globe handle data in motion and other IT security issues. The results made one ...

The CryptoFlow Manifesto [ Source: Certes ]

December 2014- Over half a billion data records have been stolen from enterprises and governments around the world in the last 12 months. And those are just the data breaches we know about.

In every one of the high-profile documented data breaches, the hackers took advantage of poorly protected networked applications to steal sensitive information.

They bypassed firewalls. They hopped network segmentation controls. They implanted malware that sent data to unauthorized locations. They exploited ...

Anatomy of a Cyber-attack [ Source: Dell ]

December 2014- You need to understand the enemy before you can defeat them. As the number and severity of cyber-crimes continues to grow, it's important to understand the steps cyber-criminals take to attack your network, the types of malware they use, and the tools you need to stop them. The basic steps of a cyber attack include reconnaissance (finding vulnerabilities); intrusion (actual penetration of the network); malware insertion (secretly leaving code behind); and cleanup (covering tracks). Malware ...

Next 25