Sort results by: Published date | Company name
Showing items 1-25

Breach Preparation: Plan for the Inevitability of Compromise eGuide [ Source: Bit9 ]

January 2015- You can't open a newspaper or visit an online news site these days without some mention of a cyber-attack or data breach. These activities are becoming more prevalent, and as a result, the reporting of these activities is also on the rise. Bit9 + Carbon Black reached out to a series of experts to collect their thoughts and advice on dealing with data security incidents or breaches, which included:

Designing a Continuous Response Architecture eGuide [ Source: Bit9 ]

October 2014- Businesses need to view security as a process and leverage solutions that can proactively collect data, apply aggregated threat intelligence, reduce the cost and complexity of incident response and evolve, adapt and learn from your investigation.

This eGuide will cover how a continuous approach to response can resolve these challenges and put your organization in a better security posture by proactively preparing for a breach.

Trend Advisor: Hacking Crisis Highlights 'Crypto Chaos' [ Source: Certes ]

January 2015- IT departments were battered by a cyber security perfect storm in 2014. While the security community was still rolling in the wake of the Target breach in late 2013, the continuing parade of breaches in 2014 cast a harsh light on inadequate security architectures and poorly implemented security practices.

Threat Intelligence Defined [ Source: Solutionary ]

January 2015- The entire security industry has focused in on the newest buzzwords: Threat Intelligence. The term is so broadly used the definition of "intelligence" is sometimes lost. Some services are simply offering access to minimally analyzed (or even raw) data. Learn how to tell what "intelligence" really means and how to differentiate the offerings in this Solutionary white paper.

Top-Down Security and the Security Life Cycle [ Source: Solutionary ]

December 2014- Security is a necessary component in the corporate digital infrastructure. Unfortunately, rallying support behind security initiatives is often easier said than done. By improving mutual understanding of management and analyst perspectives, IT security professionals and non-technical managers can define a smoother process to develop and improve the organization's security infrastructure.

Malware Detection with Network Monitoring: Not Quite Enough [ Source: Solutionary ]

September 2014- When IT professionals think about information security, they often think about network intrusion detection systems (IDS) and intrusion protection systems (IPS) early in the process. Network IDS/IPS has long been a mainstay for detecting malicious activity and continues to be a very important piece of the security puzzle. Unfortunately for security professionals, that puzzle continues to evolve and becomes increasingly large and complex.

Why Your Next Generation Firewall Protection Isn't Enough [ Source: Webroot ]

November 2014- Enterprise security organizations face a daily onslaught of external attacks. According to a recent survey by IBM X-Force and Verizon's 2014 Data Breach Report, 92% of attacks being perpetrated are by outsiders. Because of this, organizations have to focus on how these attacks successfully penetrate their network perimeter security defenses. Many organizations have invested in next generation firewalls (NGFWs) to protect them from network-based attacks.

Detect and Investigate Malicious IP Activities in SIEM with Predictive Threat Intelligence [ Source: Webroot ]

October 2014- Malicious IPs are a new and growing problem for enterprises. To effectively defend against these malicious IPs, enterprises need to augment their SIEM solutions with real-time predictive threat Intelligence so they can detect attacks from unknown IPs as early as possible and respond to them before they lead to more severe incidents and costly breaches.

A Smarter Solution to Malware Prevention [ Source: Webroot ]

November 2014- Traditional endpoint security has failed to keep up with today's threats and is exposing organizations to unacceptable levels of risk. It's time for smarter, next-generation malware prevention to replace or supplement traditional defenses. New approaches to malware can wrest back control and give security administrators greater visibility and control over their endpoints at a lower cost than traditional solutions. This paper looks at the endpoint threats organizations are facing, the means to combat those threats, ...

Anatomy of a Cyber-attack [ Source: Dell ]

December 2014- You need to understand the enemy before you can defeat them. As the number and severity of cyber-crimes continues to grow, it's important to understand the steps cyber-criminals take to attack your network, the types of malware they use, and the tools you need to stop them. The basic steps of a cyber attack include reconnaissance (finding vulnerabilities); intrusion (actual penetration of the network); malware insertion (secretly leaving code behind); and cleanup (covering tracks). Malware ...

Guarding the Castle [ Source: Dell ]

December 2014- This ebook details the strategies and tools that cybercriminals use to infiltrate your network and how you can stop them. Today's cybercriminals employ several complex techniques to avoid detection as they sneak quietly into corporate networks to steal intellectual property. Their threats are often encoded using multifarious complicated algorithms to evade detection by intrusion prevention systems. Once they have exploited a target, attackers will attempt to download and install malware onto the compromised system. In ...

CyberEdge: 2014 Cyberthreat Defense Report [ Source: NetIQ ]

March 2014-

As trusted experts in the field of cybersecurity, CyberEdge has provided the 2014 Cyberthreat Defense Report to demonstrate just what the current security landscape looks like. IT professionals from North America and Europe responded to a survey, and an overwhelming majority of them said their organization had been the victim of at least one attack in 2013. To mitigate that danger, organizations are expected to put more money into IT budgets in the upcoming years.

<...

Make remote vendor access more secure [ Source: ObserveIT ]

July 2014- The threat of user-based attacks has never been higher, with 76% of all breaches coming from accounts with access to sensitive data. With the exploitation of remote vendor access a huge concern, learn how to make working with your contractors more secure with this free e-Book from ObserveIT.

The future of user-based security risks [ Source: ObserveIT ]

September 2014- IT security personnel spend time protecting against external attacks, but often miss the biggest source of data breaches--user-based threats including account hijacking, stolen passwords, insiders and more. Learn more about the need for a user-centric security strategy with this free Gartner report.

Energy Companies and Financial Services Firms Vulnerable to Data-Breaching Malware [ Source: ThreatTrack Security ]

October 2014- Financial services firms and energy companies – two industries highly targeted by cybercriminals – must move quickly to address their cybersecurity deficiencies and shore up their defenses against advanced malware threats.

2014 Cost of Cyber Crime study: Global [ Source: HP ]

October 2014- Ponemon Institute has completed its fifth year studying the cost of cyber crime to businesses around the world. The 2014 Cost of Cyber Crime study taps the collective experience of 257 organizations in seven countries. It shows that cyber crime and its associated cost to businesses continue to rise. But there is good news, too. Security defenses and a strong security posture help drive down the losses.

Separate reports exist for each country, and this ...

2014 Cost of Cyber Crime study: United States [ Source: HP ]

October 2014- For the fifth year running, the United States led the world in number and cost of cyber attacks. The Ponemon Institute surveyed 59 U.S. companies, performing 544 individual interviews to assess their experience with cyber crime. The mean annualized cost for the U.S. companies surveyed was $12.7 million—up 9.3 percent from last year. There is good news, though. A strong security posture and deployment of security intelligence systems drives down the cost for many companies. ...

Using Cyber Insurance and Cybercrime Data to Limit Your Business Risk [ Source: SurfWatch Labs ]

July 2014- The market for cyber liability insurance has been around for over a decade, but only recently has it experienced a spike in demand. The variety of recent high-profile data breaches have cast light on the importance of having coverage should a cyber-attack strike a business. No business is immune to a cyber-attack, which can wreak havoc not only on the IT environment, but also on the bottom line.

Despite all of this, cyber ...

Forensic Domain Mapping: How to Reverse Engineer Domain Ownership in a Cyber Investigation [ Source: DomainTools ]

July 2014- For investigators tasked with identifying the perpetrator of online fraud, it's often the little things that can make the difference. Cyber investigators must work diligently to ferret out the smallest details in order to snare their quarry. Investigating a digital crime is not so dissimilar as investigating a crime in the 'real world'. While popular TV shows might have you believe that a single fiber found at the scene of a crime will lead directly ...

Domain Attribution: Piercing the Veil of Masked Domain Owners [ Source: DomainTools ]

July 2014- As the Internet has evolved to become a primary channel of trade and commerce, so has the sophistication of criminal organizations and other perpetrators of fraudulent schemes who take advantage of domain privacy features as a means by which to mask their true identity. Domain privacy, a controversial topic since its introduction in 2003, provides domain owners with the option to substitute the registrar's contract information for their own. While there are a variety of legitimate ...

Best Practices Guide: Using DNS Data for Threat Intelligence and Incident Forensics [ Source: DomainTools ]

July 2014- Cybercrime represents a major threat to both government and businesses, costing the economy hundreds of billions of dollars in losses every year. Often, the most challenging part for an investigator is discovering the who behind an attack. Is it a coordinated attack orchestrated by a criminal syndicate or an amateur hacker looking for a backdoor into your network? If the actual individual cannot be identified-as is too often the case-then investigators can build a Threat ...

Selecting the Right Cybercrime-Prevention Solution [ Source: IBM ]

June 2014- Financial institutions, commercial enterprises and government organizations are all prime targets for cybercrime. Malicious software, or malware, is the primary attack tool used by cybercriminals to execute account takeover attacks, steal credentials and personal information, and initiate fraudulent transactions. The attack tactics, or crime logic, are constantly becoming more sophisticated so they can continue to exploit human and system weaknesses. Fraud-, risk- and IT-security professionals are looking to establish an effective defense against these attacks.

HawkEye G: The Active Defense Grid [ Source: Hexis Cyber ]

May 2014- HawkEye G is a dynamic active defense system designed to leverage existing security assets while providing advanced cyber security analytics and automated countermeasure techniques. The combination of the traditional signature-based and new behavior-based heuristics leads to heightened awareness of standard network activity and deviations that could indicate a potentially disastrous situation. Understanding the full threat and defense landscape is crucial for cyber security mitigation and the HawkEye G team has invested the time and resources ...

Five Things To Do After An Attack The Unique Challenges of Dealing with an Advanced Persistent Threat [ Source: Hexis Cyber ]

May 2014- After an organization been hacked, reducing the amount of time an APT lives within the environment is paramount.

To get the job done organizations must deploy a methodical approach that includes steps to detect/identify, contain - or perhaps not, and remove/recover from the attack as quickly as possible. But the process can't stop there. Attackers are increasingly creative in their methods of attack. To truly gain an advantage against attackers, security ...

Anti-Evasion: Why It's a Critical Component of Intrusion Prevention Systems [ Source: Dell Software ]

April 2014- Learn why anti-evasion is a critical component for your intrusion prevention system. Sophisticated exploits that utilize advanced evasion techniques are all too common.

Intrusion prevention systems (IPS) are designed to prevent known attack traffic patterns from penetrating systems on the network. But there’s an inherent problem with the technology, since it can block only the attacks it sees and is already familiar with. If malicious code is cleverly disguised, it can slip ...

Guarding The Castle: The Strategies and Tools of Cybercriminals and How To Defeat Them [ Source: Dell Software ]

April 2014- Discover the top four strategies and tools that cybercriminals use to infiltrate your network, and how you can stop them. You need to understand your enemies before you can defeat them. This e-book will teach you why it is important that you know how you can secure your network every minute of the day against all types of malware, with a high performance firewall that protects against the latest global threats.

Find out ...

Next 25