Sort results by: Published date | Company name
Showing items 1-25

Layered Protection - Thirteen Days of Cybercrime [ Source: ControlNow ]

April 2015- Did you know that most companies usually find out about the security breach around 200 days after the occurrence (www.securityweek.com)? By that time, their confidential information is all over the web and it takes time and money to bring everything back to normal and regain your customers trust. Read our whitepaper to see why your business needs multiple layers of protection to stay secure.

Beginner's Guide to Open Source Intrusion Detection Tools [ Source: AlienVault ]

March 2015- If you aren't already running network IDS, you should be. Whether you need to monitor hosts or the networks connecting them to identify the latest threats, there are some great open source intrusion detection (IDS) tools available to you. This guide provides an overview of some of the most popular Open Source IDS tools, along with pros/cons of each and learn more about implementing intrusion detection tools.

Best Practices for AWS Security [ Source: AlienVault ]

January 2015- Amazon Web Services is one of the most secure public cloud platforms available, with deep datacenter security and many user-accessible security features. But, don't forget that you are still responsible for everything you deploy on top of AWS, and for properly configuring AWS security features. This paper covers AWS security best practices to get you started and focus your efforts as you begin to develop a comprehensive cloud security strategy.

Principles & Policies of Perpetual Paranoia: The New Rules for Enterprise IT Security [ Source: Certes ]

March 2015- Enterprise users are putting many more demands on IT security than ever before. At the same time, the IT security architecture is being tested by hackers at unprecedented levels.

In the middle of this "perfect storm" of demands and challenges, how is IT security to cope? How do the stakeholders in network, applications and information security departments gain clarity and alignment to ensure gaps are plugged and compliance needs are met? An emerging ...

Securing Networked Applications with Cryptographic Segmentation [ Source: Certes ]

March 2015- The rules and economics of IT security have changed radically in the past two years. Hacking attacks and data breaches are no longer mere nuisances or relatively trivial cases of "cyber graffiti" like in the past. The costs of breach cleanup in only one of the retail breaches last year could easily top half a billion dollars. In another case, a judge has cleared the way for banks to sue a retailer for negligence for ...

Epic Security Fail: Roots of the Hacking Crisis [ Source: Certes ]

March 2015- The worldwide hacking crisis continues. In case after case, hacked enterprises had firewalls, intrusion detection, incident response and other systems in place. So why did these security measures fail to prevent so many breaches? In every documented case, it was because networked applications were not properly secured. This infographic explores the three primary IT security gaps that enabled hackers to get a foothold in enterprises and exfiltrate sensitive data.

How to Mitigate the Risks of Insider Threats [ Source: Digital Guardian ]

November 2014- Insider threats with potential to steal valuable intellectual property (IP) and data can cause significant damage to any organization. Dan Geer elaborates on how you can mitigate the security risk.

Outsider Threat Protection: Building a Kill Chain Defense [ Source: Digital Guardian ]

November 2014- The Kill Chain Defense exploits a critical weakness in the outsider attack model; for an attack to be successful, all steps must be completed and the target data exfiltrated from the organization. This white paper explains the Kill Chain Defense model and how it can be used to pragmatically prevent outsider attackers from succeeding.

Making the Move from Threat Detection to Remediation Faster [ Source: NopSec ]

March 2015- Vulnerability risk management is a foundational practice in most information security programs today. In fact, nearly half of organizations agree that it is the most accepted method for deterring cybercrime.

Despite its importance, traditional vulnerability risk management programs are failing. The labor-intensive manual task lists, mountains of static scan data, expanding attack surface brought on by new technologies such as mobile, and other inherent challenges are crippling organizations in making the move from ...

Think Like A Hacker: A New Approach to Vulnerability Risk Management [ Source: NopSec ]

March 2015- In 2014, there were 7,945 security vulnerabilities identified. That is 22 new vulnerabilities a day. Nearly one an hour. While the number does not appear alarming at face value, when you multiply that by the servers, applications and endpoints across the IT environment, the number is staggering.

Making sense out of mountains of threat data is just one of the many challenges organizations face as part of their vulnerability risk management program. So how can organizations ...

Advanced Threat Defense Tactics [ Source: GENERAL DYNAMICS Fidelis Cybersecurity Solutions ]

March 2015- Advanced Persistent Threats (APTs) in the online realm are a painful reality for companies of all sizes, from the largest enterprises down to small and medium-sized businesses (SMBs). Business leaders might be tempted to think that their own organizations are exempt from APTs, or that the security measures they already have in place are adequate to defend against these persistent, methodical attacks. Yet those temptations must be avoided. If your business has something of value ...

Case Study: A Critical Infrastructure Breach Response [ Source: GENERAL DYNAMICS Fidelis Cybersecurity Solutions ]

March 2015- Read this case study to learn from a company who suspected that suspicious activity was occurring on their network. After determining they were likely the victim of a network breach, they were not sure how the breach occurred or what, if anything, had been taken. With more than 1600 servers and approximately 6000 user devices, there was a need to prioritize forensic evidence as they worked to determine affected infrastructure. Download this paper to find out how ...

The Right Way to Protect Against DDoS Attacks [ Source: F5 ]

October 2014- CIOs want harmony. Security directors loathe point products. Network operations won't buy into anything new. CIOs can get the harmony they need around DDoS mitigation by extending the F5 Application Delivery Controller into a hybrid solution: on premises with a new cloud component. Read the white paper to learn more.

Deploying a Next-Gen IPS Infrastructure [ Source: F5 ]

May 2014- Enterprises require intrusion prevention systems (IPSs) to protect their network against attacks. However, implementing an IPS involves challenges of scale and performance. Leveraging the power of an Application Delivery Controller allows enterprises to efficiently deploy a next-generation IPS infrastructure. Read this white paper to learn how installing the right solution allows the IPS to focus on identifying and mitigating threats to the network, and ensure that no application is left unprotected.

The Expectation of SSL Everywhere [ Source: F5 ]

March 2015- SSL is the set of cryptographic protocols that secure data in transit. Today SSL is often the only tool standing between your organization and the bad actors. The stakes around SSL have been upleveled to the limit. Whether or not it's convenient to admit, it's time for organizations to uplevel their overall security posture to protect this last line of defense. Read this white paper to learn how your organization can properly embrace a higher ...

How Traditional Firewalls Fail and Next-Generation Firewalls Prevail [ Source: Dell SonicWALL ]

March 2015- Learn exactly where traditional firewalls fall short, and discover how next-generation firewalls produce excellent network performance without compromising security. Read this whitepaper and uncover where next-generation firewalls fill the gaps left by traditional firewalls.

Breach Detection: What you need to know [ Source: Bit9 ]

September 2014- Today's cyber attacks have changed in sophistication, in focus, and in their potential impact on your business. This eBook will outline the tactics today's advanced attackers are using to break into your organization and why you require a defense-in-depth cyber-security program that incorporates automatic detection and incident response. The goal of this eBook is to leave you with the knowledge you need to effectively protect your business against today's advanced attacks.

Breach Preparation: Plan for the Inevitability of Compromise eGuide [ Source: Bit9 ]

January 2015- You can't open a newspaper or visit an online news site these days without some mention of a cyber-attack or data breach. These activities are becoming more prevalent, and as a result, the reporting of these activities is also on the rise. Bit9 + Carbon Black reached out to a series of experts to collect their thoughts and advice on dealing with data security incidents or breaches, which included:

Designing a Continuous Response Architecture eGuide [ Source: Bit9 ]

October 2014- Businesses need to view security as a process and leverage solutions that can proactively collect data, apply aggregated threat intelligence, reduce the cost and complexity of incident response and evolve, adapt and learn from your investigation.

This eGuide will cover how a continuous approach to response can resolve these challenges and put your organization in a better security posture by proactively preparing for a breach.

Securing Enterprise Applications [ Source: Onapsis ]

November 2014- Business-critical platforms such as SAP and Oracle have been in place for more than a decade, however a majority of firms using these applications currently have gaps in their security program. There are many reasons for these security gaps ranging from a reliance on generic security tools, to IT teams lacking complete understanding of how application platforms work.

Implementing SAP Security Solutions [ Source: Onapsis ]

January 2015- Gaps in security practices of business-critical applications running on SAP are causing organizations to rethink their current approach and embrace a new strategy.

The SAP Security Survival Guide [ Source: Onapsis ]

January 2015- As a CISO, learn which questions to ask in order to uncover security challenges facing your SAP systems.

Malware Detection with Network Monitoring: Not Quite Enough [ Source: Solutionary ]

September 2014- When IT professionals think about information security, they often think about network intrusion detection systems (IDS) and intrusion protection systems (IPS) early in the process. Network IDS/IPS has long been a mainstay for detecting malicious activity and continues to be a very important piece of the security puzzle. Unfortunately for security professionals, that puzzle continues to evolve and becomes increasingly large and complex.

Enterprise Security & the Mainframe: A Holistic Approach [ Source: CA Technologies ]

January 2015- Ten years ago security breaches were mostly widespread nuisances perpetrated by young script kiddies out for notoriety. Today, they are targeted, sophisticated, and highly damaging. Most are perpetrated by well-funded elements of organized crime, foreign governments, and terrorist groups out for money and a competitive edge. Newer advanced persistent threats (APT's) can penetrate a single victim's network and secretly remain there for months or years, stealing large volumes of valuable proprietary or private customer information.

Why Your Next Generation Firewall Protection Isn't Enough [ Source: Webroot ]

November 2014- Enterprise security organizations face a daily onslaught of external attacks. According to a recent survey by IBM X-Force and Verizon's 2014 Data Breach Report, 92% of attacks being perpetrated are by outsiders. Because of this, organizations have to focus on how these attacks successfully penetrate their network perimeter security defenses. Many organizations have invested in next generation firewalls (NGFWs) to protect them from network-based attacks.

Detect and Investigate Malicious IP Activities in SIEM with Predictive Threat Intelligence [ Source: Webroot ]

October 2014- Malicious IPs are a new and growing problem for enterprises. To effectively defend against these malicious IPs, enterprises need to augment their SIEM solutions with real-time predictive threat Intelligence so they can detect attacks from unknown IPs as early as possible and respond to them before they lead to more severe incidents and costly breaches.

Next 25