Protect Your Systems from Stealthy Attacks [ Source: McAfee ]

May 2013- The most menacing type of cyberattack is invisible. Using sophisticated techniques to hide its presence, a stealth attack may operate outside of the OS or move dynamically across endpoints to conceal the attackers' actions. The risk to enterprises is real, with high-profile attacks such as Operation High Roller impacting companies around the globe. Traditional antivirus or intrusion prevention systems are no match for this new breed of attack; instead, enterprises need layered security controls that ...

Combating Advanced Persistent Threats Through Detection [ Source: Seculert ]

April 2013- Organizations are discovering that effective Advanced Persistent Threats (APTs) protection is a critical priority. Without APT protection, organizations are vulnerable to potentially devastating malware attacks that could last for months or years before they're identified.

Realistic Security, Realistically Deployed: Today's Application Control and Whitelisting [ Source: Bit9 ]

April 2013- Historically, IT defense has focused largely on the threat. So-called "blacklist" technologies maintain an inventory of specific attack types, and provide defense against each. Today, the volume, variety and sophistication of attacks highlights the limitations of such approaches, as signature databases approach their upper limits and leave exploitable gaps in defense.

These changes in the threat landscape have led many organizations to consider the alternative to a blacklist approach. In contrast to blacklisting ...

Getting (and Staying) Ahead of Advanced Threats [ Source: Bit9 ]

April 2013- Download this workbook to create a personalized scorecard that assesses the effectiveness of your current security strategy and shows you why a trust-based security solution is your best defense against advanced malware. This workbook will:

•  Show you why traditional antivirus solutions are no longer effective against today's advanced threats

•  Offer tools to measure how your current security posture affects the productivity of your IT and operations staff and end users
<...

Securing Big Data: Recommendations for Hadoop and NoSQL Environments [ Source: Vormetric ]

March 2013- Big Data repositories enable enterprises to use large volumes of varied data to make more rapid decisions, but repositories frequently include sensitive data that must be secured. Most Hadoop and NoSQL environments that manipulate Big Data have little to no integrated security.

This technical paper provides an overview of NoSQL Big Data security issues and includes security recommendations that enterprises should consider when securing Big Data environments.

Longline Phishing: The Rise of Email-Borne Threats and the Cloud [ Source: Proofpoint ]

March 2013- The last few years have seen a dramatic increase in the use of email as a vehicle for cyberattacks on organizations and large corporations.

Such attacks have evolved from the simple inclusion of malware as a non-disguised executable file, to more socially engineered "phishing"style attacks, which attempt to persuade the recipient voluntarily provide valid security credentials-often simply by clicking a link that leads to a malicious or fraudulent website. But how can ...

The State of DDoS Protection: Organizations Remain Unprepared for DDoS Attacks [ Source: Neustar ]

December 2012- Distributed denial-of-service (DDoS) attacks continue to grow in size, complexity and danger. Witness the recent wave of attacks on major U.S. banks, which knocked websites offline, angered customers and took a grave toll on brand reputations. The lessons of those attacks echo the findings of this report: Previously successful DDoS mitigation solutions no longer work.

UBM Tech conducted research with IT professionals who have suffered DDoS attacks. The drastic changes in attack ...

Cerberus: Malware Triage and Analysis [ Source: AccessData Group ]

October 2012- This document reviews new malware analysis technology, Cerberus, which determines the behavior and intent of suspect binaries without the need for signatures, white lists or a sandbox environment. Using this “triage” approach, organizations are able to detect unknown threats that signature-based technologies will miss. In addition, they are able to gain critical information immediately, allowing them to take decisive action prior to engaging a malware team. There are tens of thousands of static executables on ...

How Three Cyber Threats Transform the Role of Incident Response [ Source: Guidance Software ]

October 2012- “The theft began with an instant message sent to a Google employee in China who was using Microsoft’s Messenger program… Ultimately, the intruders were able to gain control of a software repository used by the development team.” - New York Times - Cyberattack on Google Said to Hit Password System

While we still use many of the same old names - viruses, Trojans, and worms - today’s malware enables potent multistage ...

DDoS for Dummies [ Source: Corero ]

October 2012- A Distributed Denial of Service (DDoS) attack against your organization’s network and systems can bring your online business to a grinding halt, costing you hundreds of thousands – even millions – of dollars, ruining your brand, and driving away your customers.

Far too many organizations are ill-prepared to deal with the effects of DDoS attacks and other Internet security threats. They rely on traditional security devices including firewalls, intrusion prevention systems (IPS) and other ...

Remove the Endpoint Blind Spot: Augmenting SIEM filters with Trust and Threat Indicators [ Source: Bit9 ]

August 2012- Today's evolving threat landscape requires a new approach to endpoint security. With the exponential growth in malware and the targeted nature of today's attacks, a reactive approach is just not effective enough.

Download this whitepaper and learn how Bit9 integrates into a SIEM console, provides the holistic view necessary to ensure an open network isn’t a vulnerable one, and provides a defense-in-depth security strategy that spans network sensors and endpoints.

Bit9 Parity Suite: Moving Beyond a Porous Perimeter [ Source: Bit9 ]

August 2012- Today's cyber attacks are more targeted and sophisticated than ever. They require a proactive approach to protecting your enterprise. What is needed is more automated, effective correlation and intelligent analysis of the overwhelming quantity of system data. In other words, today's security professional needs more actionable data for faster insight into system usage and activity.

Download this whitepaper to learn how Bit9 extends threat detection to endpoints and provides the information the Security ...

SCADA Product Sheet [ Source: Norman ]

July 2012- SCADA (Supervisory Control and Data Acquisition) describes computerized industrial control systems that monitor and control industrial and infrastructure processes. With recent attacks, manufacturers, utilities and industries must now implement solutions to protect their SCADA systems. See the product sheet to learn how the Norman SCADA Protection system protects against cyber-attacks that target critical SCADA systems.