Sort results by: Published date | Company name
Showing items 1-25

Think Like A Hacker: A New Approach to Vulnerability Risk Management [ Source: NopSec ]

March 2015- In 2014, there were 7,945 security vulnerabilities identified. That is 22 new vulnerabilities a day. Nearly one an hour. While the number does not appear alarming at face value, when you multiply that by the servers, applications and endpoints across the IT environment, the number is staggering.

Making sense out of mountains of threat data is just one of the many challenges organizations face as part of their vulnerability risk management program. So how can organizations ...

Anatomy of a Cyber-Attack [ Source: Dell SonicWALL ]

March 2015- Discover the most common strategies and tools cyber-criminals are using and how to stop them.

Breach Detection: What you need to know [ Source: Bit9 ]

September 2014- Today's cyber attacks have changed in sophistication, in focus, and in their potential impact on your business. This eBook will outline the tactics today's advanced attackers are using to break into your organization and why you require a defense-in-depth cyber-security program that incorporates automatic detection and incident response. The goal of this eBook is to leave you with the knowledge you need to effectively protect your business against today's advanced attacks.

Breach Preparation: Plan for the Inevitability of Compromise eGuide [ Source: Bit9 ]

January 2015- You can't open a newspaper or visit an online news site these days without some mention of a cyber-attack or data breach. These activities are becoming more prevalent, and as a result, the reporting of these activities is also on the rise. Bit9 + Carbon Black reached out to a series of experts to collect their thoughts and advice on dealing with data security incidents or breaches, which included:

Designing a Continuous Response Architecture eGuide [ Source: Bit9 ]

October 2014- Businesses need to view security as a process and leverage solutions that can proactively collect data, apply aggregated threat intelligence, reduce the cost and complexity of incident response and evolve, adapt and learn from your investigation.

This eGuide will cover how a continuous approach to response can resolve these challenges and put your organization in a better security posture by proactively preparing for a breach.

Trend Advisor: Hacking Crisis Highlights 'Crypto Chaos' [ Source: Certes ]

January 2015- IT departments were battered by a cyber security perfect storm in 2014. While the security community was still rolling in the wake of the Target breach in late 2013, the continuing parade of breaches in 2014 cast a harsh light on inadequate security architectures and poorly implemented security practices.

Threat Intelligence Defined [ Source: Solutionary ]

January 2015- The entire security industry has focused in on the newest buzzwords: Threat Intelligence. The term is so broadly used the definition of "intelligence" is sometimes lost. Some services are simply offering access to minimally analyzed (or even raw) data. Learn how to tell what "intelligence" really means and how to differentiate the offerings in this Solutionary white paper.

Top-Down Security and the Security Life Cycle [ Source: Solutionary ]

December 2014- Security is a necessary component in the corporate digital infrastructure. Unfortunately, rallying support behind security initiatives is often easier said than done. By improving mutual understanding of management and analyst perspectives, IT security professionals and non-technical managers can define a smoother process to develop and improve the organization's security infrastructure.

Malware Detection with Network Monitoring: Not Quite Enough [ Source: Solutionary ]

September 2014- When IT professionals think about information security, they often think about network intrusion detection systems (IDS) and intrusion protection systems (IPS) early in the process. Network IDS/IPS has long been a mainstay for detecting malicious activity and continues to be a very important piece of the security puzzle. Unfortunately for security professionals, that puzzle continues to evolve and becomes increasingly large and complex.

Why Your Next Generation Firewall Protection Isn't Enough [ Source: Webroot ]

November 2014- Enterprise security organizations face a daily onslaught of external attacks. According to a recent survey by IBM X-Force and Verizon's 2014 Data Breach Report, 92% of attacks being perpetrated are by outsiders. Because of this, organizations have to focus on how these attacks successfully penetrate their network perimeter security defenses. Many organizations have invested in next generation firewalls (NGFWs) to protect them from network-based attacks.

Detect and Investigate Malicious IP Activities in SIEM with Predictive Threat Intelligence [ Source: Webroot ]

October 2014- Malicious IPs are a new and growing problem for enterprises. To effectively defend against these malicious IPs, enterprises need to augment their SIEM solutions with real-time predictive threat Intelligence so they can detect attacks from unknown IPs as early as possible and respond to them before they lead to more severe incidents and costly breaches.

A Smarter Solution to Malware Prevention [ Source: Webroot ]

November 2014- Traditional endpoint security has failed to keep up with today's threats and is exposing organizations to unacceptable levels of risk. It's time for smarter, next-generation malware prevention to replace or supplement traditional defenses. New approaches to malware can wrest back control and give security administrators greater visibility and control over their endpoints at a lower cost than traditional solutions. This paper looks at the endpoint threats organizations are facing, the means to combat those threats, ...

Anatomy of a Cyber-attack [ Source: Dell ]

December 2014- You need to understand the enemy before you can defeat them. As the number and severity of cyber-crimes continues to grow, it's important to understand the steps cyber-criminals take to attack your network, the types of malware they use, and the tools you need to stop them. The basic steps of a cyber attack include reconnaissance (finding vulnerabilities); intrusion (actual penetration of the network); malware insertion (secretly leaving code behind); and cleanup (covering tracks). Malware ...

Guarding the Castle [ Source: Dell ]

December 2014- This ebook details the strategies and tools that cybercriminals use to infiltrate your network and how you can stop them. Today's cybercriminals employ several complex techniques to avoid detection as they sneak quietly into corporate networks to steal intellectual property. Their threats are often encoded using multifarious complicated algorithms to evade detection by intrusion prevention systems. Once they have exploited a target, attackers will attempt to download and install malware onto the compromised system. In ...

CyberEdge: 2014 Cyberthreat Defense Report [ Source: NetIQ ]

March 2014-

As trusted experts in the field of cybersecurity, CyberEdge has provided the 2014 Cyberthreat Defense Report to demonstrate just what the current security landscape looks like. IT professionals from North America and Europe responded to a survey, and an overwhelming majority of them said their organization had been the victim of at least one attack in 2013. To mitigate that danger, organizations are expected to put more money into IT budgets in the upcoming years.

<...

Make remote vendor access more secure [ Source: ObserveIT ]

July 2014- The threat of user-based attacks has never been higher, with 76% of all breaches coming from accounts with access to sensitive data. With the exploitation of remote vendor access a huge concern, learn how to make working with your contractors more secure with this free e-Book from ObserveIT.

The future of user-based security risks [ Source: ObserveIT ]

September 2014- IT security personnel spend time protecting against external attacks, but often miss the biggest source of data breaches--user-based threats including account hijacking, stolen passwords, insiders and more. Learn more about the need for a user-centric security strategy with this free Gartner report.

Energy Companies and Financial Services Firms Vulnerable to Data-Breaching Malware [ Source: ThreatTrack Security ]

October 2014- Financial services firms and energy companies – two industries highly targeted by cybercriminals – must move quickly to address their cybersecurity deficiencies and shore up their defenses against advanced malware threats.

2014 Cost of Cyber Crime study: Global [ Source: HP ]

October 2014- Ponemon Institute has completed its fifth year studying the cost of cyber crime to businesses around the world. The 2014 Cost of Cyber Crime study taps the collective experience of 257 organizations in seven countries. It shows that cyber crime and its associated cost to businesses continue to rise. But there is good news, too. Security defenses and a strong security posture help drive down the losses.

Separate reports exist for each country, and this ...

2014 Cost of Cyber Crime study: United States [ Source: HP ]

October 2014- For the fifth year running, the United States led the world in number and cost of cyber attacks. The Ponemon Institute surveyed 59 U.S. companies, performing 544 individual interviews to assess their experience with cyber crime. The mean annualized cost for the U.S. companies surveyed was $12.7 million—up 9.3 percent from last year. There is good news, though. A strong security posture and deployment of security intelligence systems drives down the cost for many companies. ...

Using Cyber Insurance and Cybercrime Data to Limit Your Business Risk [ Source: SurfWatch Labs ]

July 2014- The market for cyber liability insurance has been around for over a decade, but only recently has it experienced a spike in demand. The variety of recent high-profile data breaches have cast light on the importance of having coverage should a cyber-attack strike a business. No business is immune to a cyber-attack, which can wreak havoc not only on the IT environment, but also on the bottom line.

Despite all of this, cyber ...

Forensic Domain Mapping: How to Reverse Engineer Domain Ownership in a Cyber Investigation [ Source: DomainTools ]

July 2014- For investigators tasked with identifying the perpetrator of online fraud, it's often the little things that can make the difference. Cyber investigators must work diligently to ferret out the smallest details in order to snare their quarry. Investigating a digital crime is not so dissimilar as investigating a crime in the 'real world'. While popular TV shows might have you believe that a single fiber found at the scene of a crime will lead directly ...

Domain Attribution: Piercing the Veil of Masked Domain Owners [ Source: DomainTools ]

July 2014- As the Internet has evolved to become a primary channel of trade and commerce, so has the sophistication of criminal organizations and other perpetrators of fraudulent schemes who take advantage of domain privacy features as a means by which to mask their true identity. Domain privacy, a controversial topic since its introduction in 2003, provides domain owners with the option to substitute the registrar's contract information for their own. While there are a variety of legitimate ...

Best Practices Guide: Using DNS Data for Threat Intelligence and Incident Forensics [ Source: DomainTools ]

July 2014- Cybercrime represents a major threat to both government and businesses, costing the economy hundreds of billions of dollars in losses every year. Often, the most challenging part for an investigator is discovering the who behind an attack. Is it a coordinated attack orchestrated by a criminal syndicate or an amateur hacker looking for a backdoor into your network? If the actual individual cannot be identified-as is too often the case-then investigators can build a Threat ...

Selecting the Right Cybercrime-Prevention Solution [ Source: IBM ]

June 2014- Financial institutions, commercial enterprises and government organizations are all prime targets for cybercrime. Malicious software, or malware, is the primary attack tool used by cybercriminals to execute account takeover attacks, steal credentials and personal information, and initiate fraudulent transactions. The attack tactics, or crime logic, are constantly becoming more sophisticated so they can continue to exploit human and system weaknesses. Fraud-, risk- and IT-security professionals are looking to establish an effective defense against these attacks.

HawkEye G: The Active Defense Grid [ Source: Hexis Cyber ]

May 2014- HawkEye G is a dynamic active defense system designed to leverage existing security assets while providing advanced cyber security analytics and automated countermeasure techniques. The combination of the traditional signature-based and new behavior-based heuristics leads to heightened awareness of standard network activity and deviations that could indicate a potentially disastrous situation. Understanding the full threat and defense landscape is crucial for cyber security mitigation and the HawkEye G team has invested the time and resources ...

Next 25