Ensuring application security in mobile device environments [ Source: IBM ]
May 2013- In today's business environments, mobile devices make up the fastest growing segment of computing devices - outpacing desktop and laptop computers. As more employees prefer to use mobile devices in the workplace, organizations are rapidly moving towards a bring-your-owndevice (BYOD) model - allowing employees to use their own mobile devices for business purposes. This often leads to employees having a mix of corporate and personal applications on the same device, which gives the security team ...
Transforming IT GRC into a Mainstream Business Application [ Source: TraceSecurity, Inc ]
February 2013-
Coping with the complexities of IT GRC is a growing market dilemma for small and medium organizations (SMEs) and a new IT GRC prescription is well overdue - one that provides true enterprise-class capabilities, but without the enterprise burden on resources.
This paper explains the SME information security landscape and how to best leverage an integrated, cloud-based approach to adopt an IT GRC strategy that reveals your organization's risk posture, enforces security policies, ...
McAfee Vulnerability Manager Product Review by S3KUR3 Inc [ Source: McAfee ]
February 2013- Threats and vulnerabilities are a way of life for IT admins. This paper focuses on how McAfee's Vulnerability Manager and McAfee ePolicy Orchestrator provide IT Admins with powerful and effective tool for identifying and remediating vulnerable systems.
ESG Technology Brief: Real-Time Risk Management [ Source: McAfee ]
February 2013- Information security based on regulatory compliance stipulations cannot keep up with today's sophisticated and rapidly changing threat landscape. CISOs need to implement a new discipline that ESG calls, "Real-time Risk Management."
Miercom Lab Test Report - McAfee Risk Management Solution January 2011 [ Source: McAfee ]
February 2013- Taking a risk-based approach to vulnerability lifecycle management is becoming the norm for vulnerability assessment vendors. This paper reports on the findings when testing McAfee's Risk Management solution from a holistic risk management and vulnerability lifecycle management perspective.
Gartner MarketScope for Vulnerability Assessment Report [ Source: McAfee ]
February 2013- Vulnerability assessment vendors compete on management features, configuration assessment, price, reporting and integratin with other security products. Buyers must consider how VA will fit into their overal vulnerability management process when evaluatiing VA products and services.
Top 10 Reasons Your Company Does NOT Need McAfee Vulnerability Manager [ Source: McAfee ]
February 2013- Some IT and Security teams wonder if automated vulnerability management is important given the many pressing demands for other IT projects and investments they face. The purpose of this paper is to help these IT and Security professionals evaluate their security posture and risk.
Protect Critical Assets with Virtual Patching White Paper [ Source: McAfee ]
February 2013- As long as there is software, there will be software vulnerabilities. And wherever there are vulnerabilities, you will find malware and cybercriminals. This paper will examine that risk and provide a step by step process to protect your companies critical assets.
Discover. Evaluate. Act. White Paper [ Source: McAfee ]
February 2013- Up until now, your view of risk while monitoring your network has been incomplete. This white paper discusses a new, innovative approach to protecting your network through a combination of active and passive network discovery and monitoring, in real-time.
Using ADC's to Effectively Mitigate DDoS Attacks [ Source: F5 ]
February 2013- Companies are in high alert to fight off Distributed Denial of Services (DDoS) attacks that can halt business and amount to a costly burden on companies and customers. DDoS attacks are increasing in volume, frequency, and sophistication, and they are targeting every level in the data center. Smart organizations are moving to defend not only their network, session, and application layers, but also their business logic and database tiers as well. In defense, today's enterprises ...
The New Application Delivery Firewall Paradigm [ Source: F5 ]
February 2013- The firewall is, and has been, the primary foundation around which conventional network security architectures are built. But the conventional firewall is beginning to show its limitations in detecting and repelling modern attacks. Diverse attacks involving multiple layers of the network stack are causing firewall failures with alarming frequency. As a result, traditional firewall services alone are insufficient for detecting attacks and subsequently preventing business disruption. The new application delivery firewall technology provides enforcement of ...
A New Breed of Information Security Leader: The Hyper-Connected Era and What It Means for CIOs and CISOs [ Source: IBM ]
December 2012- 2011 was the year of the security breach. And while many security organizations remain in crisis response mode, some security leaders have moved to take a more proactive position, taking steps to reduce future risk. These leaders see their organizations as more mature in their security-related capabilities and better prepared to meet new threats. What have they done to create greater confidence? More importantly, can their actions show the way forward for others?
Consolidated Security Management for Mainframe Clouds [ Source: IBM ]
December 2012- IBM Security and IBM Information Management solutions for security work with the IBM System z platform to allow the mainframe to serve as an enterprise security hub, providing comprehensive, centralized security capabilities for organizations with distributed, multiplatform IT environments.
How Does IBM Deliver Cloud Security [ Source: IBM ]
December 2012- Cloud computing is changing the way we use computing and has the potential for significant economic and efficiency benefits. But the speed of adoption depends on how quickly trust in new cloud models can be established. Some of the growing cloud security concerns include: security of highly virtualised environments from targeted threats and attacks, enabling secure collaboration, protection of the data (isolation, sharing) in a rapid provisioning and deprovisioning environment while experiencing the loss of ...
Intelligent Role Management for Improved Security and Compliance [ Source: IBM ]
December 2012- In complex organizations with sprawling role structures, managing user access and entitlements can be overwhelming. As part of an effective strategy for identity and access management governance, role management is a powerful method with which to strengthen and streamline the management process. Although role management solutions may help, many are overly complex and are not suited for business users. To find out how the integrated Role and Policy Modeler component of IBM Security Identity Manager ...
DDoS for Dummies [ Source: Corero ]
October 2012-
A Distributed Denial of Service (DDoS) attack against your organization’s network and systems can bring your online business to a grinding halt, costing you hundreds of thousands – even millions – of dollars, ruining your brand, and driving away your customers.
Far too many organizations are ill-prepared to deal with the effects of DDoS attacks and other Internet security threats. They rely on traditional security devices including firewalls, intrusion prevention systems (IPS) and other ...
Cloud Servers: New Risk Considerations [ Source: CloudPassage ]
September 2012-
The tremendous scalability, flexibility, and speed of Infrastructure-as-a-Service (IaaS) make it one of the fastest-growing sectors of the cloud computing markets. IaaS providers combine virtualization technologies with massive infrastructure to deliver bandwidth, storage, and CPU power on-demand and with granular control over scale and costs. The potential benefits of hosting applications and workloads on cloud servers are enormous, making cloud servers the de facto norm for a rapidly growing set of use cases.
...
PCI and the Cloud [ Source: CloudPassage ]
September 2012-
Cloud computing has sparked a huge trend in rapid-fire application development and dynamic, elastic application hosting. Desires for cloud-based delivery and the emergence of software-defined infrastructure have caused developers, technology operations and security functions to converge
These cross-functional cloud teams are responsible for securing the servers and applications under their care. PCI compliance is a very common demand, one that presents special challenges in the cloud.
This white paper provides cloud ...
Enterprise Strategy Group: A Prudent Approach to Risk Management [ Source: EMC ]
August 2012- Over the past few years, ESG has noticed a distinctive trend: many large organizations are now eschewing reactive information security and regulatory compliance activities in favor of structured and documented risk management.
Intel 3rd Gen Core vPro Processor Overview [ Source: Intel ]
July 2012- 3rd generation Intel Core vPro overview covering threat management, identity and access, data protection, and monitoring and remediation.
Cricket Communications Turns to Splunk for Assuring Automated Service Management [ Source: Splunk ]
December 2012-
Keeping up with a quickly expanding business is difficult if you do not have the right tools. Cricket Communications was growing in its number of subscribers at a rate of 10 to 20% annually and needed a system that could handle processing of up to 3,000 new subscriber requests per hour.
It implemented automated business processes and contract processing systems to keep up with the new requests, but if an error occurred the whole system would ...
Expedia Leverages Splunk to Consolidate Data and Tools [ Source: Splunk ]
June 2012- Expedia, Inc. is the largest online travel company in the world. Serving customers in an on-demand fashion - where user experience and system uptime is everything - puts a severe demand on an IT infrastructure. This analyst case study reveals how Expedia used Splunk to improve response time by 300%, reduce downtime by 90% and retire over 200 servers. Discover how Expedia delivered a total annual ROI of $14 million.
When Good Backups Go Bad: Data Recovery Failures and What to Do About Them [ Source: Symantec.cloud ]
May 2012- Successfully backing up critical systems and data is key to disaster recovery and business continuity. Yet, Symantec's 2011 SMB Disaster Preparedness Survey revealed that only half of respondents have appropriate backup and data recovery plans in place. Why? Read When Good Backups Go Bad: Data Recovery Failures and What to Do About Them to understand backup challenges, impacts, and solutions. Don't let your business fall victim to downtime because of a computer or system failure.
The Data is the New Perimeter [ Source: Voltage Security ]
April 2012- Most companies place a high premium on IT security, and believe they have ironclad protection. However, the toll from cyber-attacks continues to climb. That's because there are gaping vulnerabilities in the way defenses are deployed - firewalls, endpoint security and even protected storage can all be bypassed by attackers. Learn how a data-centric security approach can make data useless to data thieves.
Establishing a Data-Centric Approach to Encryption [ Source: Voltage Security ]
April 2012- Many data breaches occur at companies that already have a data security policy in place. What is the problem? Typically, intrusion detection and other technologies designed to keep intruders out of your system are built to protect against previously known hacking strategies. This approach exposes your IT systems to great risk as new methods of intrusion are constantly being devised. Learn how to protect corporate data with a data-centric encryption strategy.