Sort results by: Published date | Company name
Showing items 1-25

Beginner's Guide to Open Source Intrusion Detection Tools [ Source: AlienVault ]

March 2015- If you aren't already running network IDS, you should be. Whether you need to monitor hosts or the networks connecting them to identify the latest threats, there are some great open source intrusion detection (IDS) tools available to you. This guide provides an overview of some of the most popular Open Source IDS tools, along with pros/cons of each and learn more about implementing intrusion detection tools.

Best Practices for AWS Security [ Source: AlienVault ]

January 2015- Amazon Web Services is one of the most secure public cloud platforms available, with deep datacenter security and many user-accessible security features. But, don't forget that you are still responsible for everything you deploy on top of AWS, and for properly configuring AWS security features. This paper covers AWS security best practices to get you started and focus your efforts as you begin to develop a comprehensive cloud security strategy.

Principles & Policies of Perpetual Paranoia: The New Rules for Enterprise IT Security [ Source: Certes ]

March 2015- Enterprise users are putting many more demands on IT security than ever before. At the same time, the IT security architecture is being tested by hackers at unprecedented levels.

In the middle of this "perfect storm" of demands and challenges, how is IT security to cope? How do the stakeholders in network, applications and information security departments gain clarity and alignment to ensure gaps are plugged and compliance needs are met? An emerging ...

Securing Networked Applications with Cryptographic Segmentation [ Source: Certes ]

March 2015- The rules and economics of IT security have changed radically in the past two years. Hacking attacks and data breaches are no longer mere nuisances or relatively trivial cases of "cyber graffiti" like in the past. The costs of breach cleanup in only one of the retail breaches last year could easily top half a billion dollars. In another case, a judge has cleared the way for banks to sue a retailer for negligence for ...

Making the Move from Threat Detection to Remediation Faster [ Source: NopSec ]

March 2015- Vulnerability risk management is a foundational practice in most information security programs today. In fact, nearly half of organizations agree that it is the most accepted method for deterring cybercrime.

Despite its importance, traditional vulnerability risk management programs are failing. The labor-intensive manual task lists, mountains of static scan data, expanding attack surface brought on by new technologies such as mobile, and other inherent challenges are crippling organizations in making the move from ...

The Right Way to Protect Against DDoS Attacks [ Source: F5 ]

October 2014- CIOs want harmony. Security directors loathe point products. Network operations won't buy into anything new. CIOs can get the harmony they need around DDoS mitigation by extending the F5 Application Delivery Controller into a hybrid solution: on premises with a new cloud component. Read the white paper to learn more.

Deploying a Next-Gen IPS Infrastructure [ Source: F5 ]

May 2014- Enterprises require intrusion prevention systems (IPSs) to protect their network against attacks. However, implementing an IPS involves challenges of scale and performance. Leveraging the power of an Application Delivery Controller allows enterprises to efficiently deploy a next-generation IPS infrastructure. Read this white paper to learn how installing the right solution allows the IPS to focus on identifying and mitigating threats to the network, and ensure that no application is left unprotected.

The Expectation of SSL Everywhere [ Source: F5 ]

March 2015- SSL is the set of cryptographic protocols that secure data in transit. Today SSL is often the only tool standing between your organization and the bad actors. The stakes around SSL have been upleveled to the limit. Whether or not it's convenient to admit, it's time for organizations to uplevel their overall security posture to protect this last line of defense. Read this white paper to learn how your organization can properly embrace a higher ...

Trend Advisor: Hacking Crisis Highlights 'Crypto Chaos' [ Source: Certes ]

January 2015- IT departments were battered by a cyber security perfect storm in 2014. While the security community was still rolling in the wake of the Target breach in late 2013, the continuing parade of breaches in 2014 cast a harsh light on inadequate security architectures and poorly implemented security practices.

The SAP Security Survival Guide [ Source: Onapsis ]

January 2015- As a CISO, learn which questions to ask in order to uncover security challenges facing your SAP systems.

The Current State of Encryption and Key Management: Where Security Gaps Persist - Strategies for Addressing Them [ Source: SafeNet ]

April 2015- While encryption has been employed for decades, there has never been a higher need than in today’s market with data breaches consistently littering the headlines. As more organizations adopt encryption strategies many questions are posed.

Where is encryption being employed today and why?

Where do security practitioners see encryption’s usage increasing?

What do current usage trends tell us about existing security gaps, and how should those weaknesses ...

Threat Intelligence Defined [ Source: Solutionary ]

January 2015- The entire security industry has focused in on the newest buzzwords: Threat Intelligence. The term is so broadly used the definition of "intelligence" is sometimes lost. Some services are simply offering access to minimally analyzed (or even raw) data. Learn how to tell what "intelligence" really means and how to differentiate the offerings in this Solutionary white paper.

Enterprise Security & the Mainframe: A Holistic Approach [ Source: CA Technologies ]

January 2015- Ten years ago security breaches were mostly widespread nuisances perpetrated by young script kiddies out for notoriety. Today, they are targeted, sophisticated, and highly damaging. Most are perpetrated by well-funded elements of organized crime, foreign governments, and terrorist groups out for money and a competitive edge. Newer advanced persistent threats (APT's) can penetrate a single victim's network and secretly remain there for months or years, stealing large volumes of valuable proprietary or private customer information.

Why Your Next Generation Firewall Protection Isn't Enough [ Source: Webroot ]

November 2014- Enterprise security organizations face a daily onslaught of external attacks. According to a recent survey by IBM X-Force and Verizon's 2014 Data Breach Report, 92% of attacks being perpetrated are by outsiders. Because of this, organizations have to focus on how these attacks successfully penetrate their network perimeter security defenses. Many organizations have invested in next generation firewalls (NGFWs) to protect them from network-based attacks.

Detect and Investigate Malicious IP Activities in SIEM with Predictive Threat Intelligence [ Source: Webroot ]

October 2014- Malicious IPs are a new and growing problem for enterprises. To effectively defend against these malicious IPs, enterprises need to augment their SIEM solutions with real-time predictive threat Intelligence so they can detect attacks from unknown IPs as early as possible and respond to them before they lead to more severe incidents and costly breaches.

A Smarter Solution to Malware Prevention [ Source: Webroot ]

November 2014- Traditional endpoint security has failed to keep up with today's threats and is exposing organizations to unacceptable levels of risk. It's time for smarter, next-generation malware prevention to replace or supplement traditional defenses. New approaches to malware can wrest back control and give security administrators greater visibility and control over their endpoints at a lower cost than traditional solutions. This paper looks at the endpoint threats organizations are facing, the means to combat those threats, ...

Protect Your Brand Against Today's Malware Threats with Code Signing [ Source: Symantec ]

January 2015- The malware threat and resulting lack of confidence on the part of online users puts software developers and other companies that rely on software downloads at risk. Code signing is an industry-recommended and widely-used defense against tampering, corruption, or malware infection in software code, armed with a powerful method to both identify code and assure the identity of the code signer. This white paper discusses the malware threat, the potential impact on your business, and ...

Group Encryption Whitepaper [ Source: Certes ]

December 2014- Protecting data in motion has become a high priority for a growing number of companies. As more companies face the real and growing threat of data theft, along with increased regulatory pressure to protect their data, encryption of data in motion has gone from a "nice to have" technology to a critical budgeted project. However, companies that have deployed IPsec VPNs across their network have discovered that while encryption is a great mode of data ...

Spiceworks Survey: Crypto Chaos - Data Traffic Security is a Mess [ Source: Certes ]

December 2014- Poor network security and inadequate traffic segmentation were chief causes of data breaches in 2013 and 2014, compromising billions of data records costing corporate hacking victims, banks, retailers and credit card issuers billions of dollars to clean up.

In November 2014, Certes Networks worked with Spiceworks and its community of more than 6 million IT professionals to discover how companies across the globe handle data in motion and other IT security issues. The results made one ...

The CryptoFlow Manifesto [ Source: Certes ]

December 2014- Over half a billion data records have been stolen from enterprises and governments around the world in the last 12 months. And those are just the data breaches we know about.

In every one of the high-profile documented data breaches, the hackers took advantage of poorly protected networked applications to steal sensitive information.

They bypassed firewalls. They hopped network segmentation controls. They implanted malware that sent data to unauthorized locations. They exploited ...

Anatomy of a Cyber-attack [ Source: Dell ]

December 2014- You need to understand the enemy before you can defeat them. As the number and severity of cyber-crimes continues to grow, it's important to understand the steps cyber-criminals take to attack your network, the types of malware they use, and the tools you need to stop them. The basic steps of a cyber attack include reconnaissance (finding vulnerabilities); intrusion (actual penetration of the network); malware insertion (secretly leaving code behind); and cleanup (covering tracks). Malware ...

Guarding the Castle [ Source: Dell ]

December 2014- This ebook details the strategies and tools that cybercriminals use to infiltrate your network and how you can stop them. Today's cybercriminals employ several complex techniques to avoid detection as they sneak quietly into corporate networks to steal intellectual property. Their threats are often encoded using multifarious complicated algorithms to evade detection by intrusion prevention systems. Once they have exploited a target, attackers will attempt to download and install malware onto the compromised system. In ...

How Traditional Firewalls Fail [ Source: Dell ]

December 2014- Your current firewall may be jeopardizing your security. This white paper explains exactly where traditional firewalls fall short, and how next-generation firewalls can help you counter today's threats, manage web 2.0 apps and enforce acceptable-use policies. If your company has a traditional firewall, it is probably jeopardizing your security and costing you money. Firewalls are an essential part of network security, but most are very limited. They can close unneeded ports, apply routing rules to packets ...

Single Sign-On: with Passwords, Less is More [ Source: NetIQ ]

September 2014- Your workforce is using more applications from a wider variety of sources than ever. This causes security issues as users forget passwords, share them or write them down. Single sign-on (SSO) is a quick way to solve this problem. Now is the perfect time to implement SSO. This paper will explain SSO options and questions you should ask to determine the right solution for you. Security and productivity are both at stake: put SSO to ...

Mobile and Remote Access: Balancing Productivity and Security in a BYOD World [ Source: NetIQ ]

September 2014- In today's BYOD world, securing access and maintaining productivity is challenging; users want access from their own devices, and the applications, data and services they're accessing aren't inside the perimeter. But even in this environment, you can secure access. Read this paper to learn how you can implement access controls that keep up with the modern world. Get advice on how to take stock of your environment, leverage your current investments and keep your access ...

Is Your Identity and Access Governance Program Vulnerable to Risk? [ Source: NetIQ ]

September 2014- Many organizations implement identity and access governance (IAG) as a quick-fix to appease auditors and avoid fines. Such an ad-hoc approach can lead to poorly managed access, which in turn can create big security issues. Instead, a proactive IAG program that answers the question: "Who has access to what, and is it appropriate?" not only appeases auditors, it pleases the CIO by helping to prevent risk from insider attacks. Read this white paper to learn ...

Next 25