Sort results by: Published date | Company name
Showing items 1-25

Shellshock and Future Vulnerabilities - Buying Precious Time [ Source: Dell SonicWALL ]

April 2015- Shellshock wasn't the first widespread network vulnerability to grab headlines, and it won't be the last. Find out how attackers are able to exploit your network vulnerabilities, and how IT managers and network administrators can be better prepared.

Rules of Engagement: A Call to Action to Automate Breach Response [ Source: Digital Guardian ]

December 2014- This Forrester report is a call to action for a more automated threat response process based on developing a set of cyber "rules of engagement" that will empower security teams to act more quickly and aggressively to stop data breaches before they can threaten the business.

Dealing with Data Breaches and Data Loss Prevention [ Source: Proofpoint ]

April 2015- As data grows and organizations become more vast, the risk of sensitive data being breached increases at an alarming pace. With data breaches making the headlines more than ever, organizations are forced to consider the safety of their data, the policies they have in place to protect it, and the strategies and tools at their disposal for breach mitigation.

Download the latest research report from Osterman Research, Inc., Dealing with Data Breaches and ...

The New Phishing Threat: Phishing Attacks [ Source: Proofpoint ]

April 2015- The threat of email borne attacks is greater than ever with malware volumes increasing drastically. One of the most common, and difficult to detect, email threats comes in the form of phishing and spear-phishing emails.

Historically, phishing attacks targeted end-users with attackers going after credentials to financial accounts. But modern phishing attacks have evolved toward targeting sensitive corporate data as evidenced by the high profile data breaches targeted at diverse organizations including RSA ...

Defending Against Advanced Threats - Addressing the Cyber Kill Chain [ Source: Proofpoint ]

April 2015- As clearly evidenced by the daily headlines about security breaches, traditional defense tools are failing to protect enterprises from advanced targeted attacks. A deeper understanding of these attacks and how cybercriminals approach them is key to ensuring your organization is protected.

Understanding the Cyber Kill Chain model and how attackers use the cycle of compromise, persistence and exfiltration against an organization is simple but creating an architecture and supporting policies to address it ...

Cracking the Endpoint: Insider Tips for Endpoint Security [ Source: Bit9 ]

April 2015- Despite decades of attacks, many organizations continue to struggle with the fundamentals of endpoint security. IT organizations, large and small, continue to wrestle with basic endpoint challenges such as understanding what applications are running in their environment, who has administrative privileges, and what versions of software are installed on endpoints. In today's dynamic security landscape, each new day brings new and different threats targeting your organization. Cyber criminals today are more sophisticated than in day's ...

Why Are You Still Paying for Antivirus? [ Source: Bit9 ]

April 2015- The front lines of the cyber war have moved away from the perimeter and onto the endpoint. End user desktops and laptops are under fire from two types of security issues: nuisance malware and advanced threats. Nuisance malware can damage productivity and consume IT time, but advanced threats can cripple a company. As advanced attacks increase in both sophistication and quantity, the potential risk and damage they pose to organizations has increased exponentially. While antivirus (...

Breach Detection: What you need to know [ Source: Bit9 ]

April 2015- Today's cyber attacks have changed in sophistication, in focus, and in their potential impact on your business. This eBook will outline the tactics today's advanced attackers are using to break into your organization and why you require a defense-in-depth cybersecurity program that incorporates automatic detection and incident response. The goal of this ebook is to leave you with the knowledge you need to effectively protect your business against today's advanced attacks. Who should read this ...

Point-of-Sale Security for Dummies [ Source: Bit9 ]

April 2015- Whether you're just getting started down the path of securing your organization's POS systems or you're already neck-deep in the quagmire of security and compliance, there's a lot to learn and a lot to lose. This book highlights the "must have" knowledge and requirements necessary for keeping your POS in check. We help you understand the history of POS technology and advanced threats. We also share with you the limitations of existing security controls and ...

Breach Preparation: Plan for the Inevitability of Compromise [ Source: Bit9 ]

April 2015- You can't open a newspaper or visit an online news site these days without some mention of a cyber attack or data breach. These activities are becoming more prevalent, and as a result, the reporting of these activities is also on the rise. Bit9 + Carbon Black reached out to a series of experts to collect their thoughts and advice on dealing with data security incidents or breaches. This eGuide includes observations from a data forensics ...

The Total Economic Impact of Alert Logic Solutions [ Source: Alert Logic ]

January 2014- Alert Logic commissioned Forrester Consulting to conduct a Total Economic Impact™ (TEI) study to examine the potential return on investment (ROI) enterprises may realize by deploying Alert Logic Solutions. The purpose of this study is to provide readers with a framework to evaluate the potential financial impact of Alert Logic Solutions on their organizations

Unified Security Management vs. SIEM: A Technical Comparison [ Source: AlienVault ]

September 2014- SIEM solutions have been widely adopted to help IT teams correlate data from a variety of security point products. However, traditional SIEM deployments require a great deal of time, money and expertise to properly normalize data feeds, create correlation rules to detect threats and tune those rules to limit false positives. Download this white paper to learn more about how a different approach - Unified Security Management (USM) - is delivering improved threat detection, starting ...

Principles & Policies of Perpetual Paranoia: The New Rules for Enterprise IT Security [ Source: Certes ]

March 2015- Enterprise users are putting many more demands on IT security than ever before. At the same time, the IT security architecture is being tested by hackers at unprecedented levels.

In the middle of this "perfect storm" of demands and challenges, how is IT security to cope? How do the stakeholders in network, applications and information security departments gain clarity and alignment to ensure gaps are plugged and compliance needs are met? An emerging ...

Securing Networked Applications with Cryptographic Segmentation [ Source: Certes ]

March 2015- The rules and economics of IT security have changed radically in the past two years. Hacking attacks and data breaches are no longer mere nuisances or relatively trivial cases of "cyber graffiti" like in the past. The costs of breach cleanup in only one of the retail breaches last year could easily top half a billion dollars. In another case, a judge has cleared the way for banks to sue a retailer for negligence for ...

Epic Security Fail: Roots of the Hacking Crisis [ Source: Certes ]

March 2015- The worldwide hacking crisis continues. In case after case, hacked enterprises had firewalls, intrusion detection, incident response and other systems in place. So why did these security measures fail to prevent so many breaches? In every documented case, it was because networked applications were not properly secured. This infographic explores the three primary IT security gaps that enabled hackers to get a foothold in enterprises and exfiltrate sensitive data.

Case Study: Leveraging Metadata for a Proactive Defense [ Source: GENERAL DYNAMICS Fidelis Cybersecurity Solutions ]

March 2015- All too often network security professionals are forced into an escalating workflow - an arms race - remediating alerts (indicators of attacks) as they come in, instead of proactively hunting for the adversary - who is likely already in your network. Resource and time constraints, as well as a lack of visibility and the right tools, lead to a best-effort security posture (doing everything you can to stay above the rising tide of incoming attacks). ...

How to Mitigate the Risks of Insider Threats [ Source: Digital Guardian ]

November 2014- Insider threats with potential to steal valuable intellectual property (IP) and data can cause significant damage to any organization. Dan Geer elaborates on how you can mitigate the security risk.

Outsider Threat Protection: Building a Kill Chain Defense [ Source: Digital Guardian ]

November 2014- The Kill Chain Defense exploits a critical weakness in the outsider attack model; for an attack to be successful, all steps must be completed and the target data exfiltrated from the organization. This white paper explains the Kill Chain Defense model and how it can be used to pragmatically prevent outsider attackers from succeeding.

Making the Move from Threat Detection to Remediation Faster [ Source: NopSec ]

March 2015- Vulnerability risk management is a foundational practice in most information security programs today. In fact, nearly half of organizations agree that it is the most accepted method for deterring cybercrime.

Despite its importance, traditional vulnerability risk management programs are failing. The labor-intensive manual task lists, mountains of static scan data, expanding attack surface brought on by new technologies such as mobile, and other inherent challenges are crippling organizations in making the move from ...

Think Like A Hacker: A New Approach to Vulnerability Risk Management [ Source: NopSec ]

March 2015- In 2014, there were 7,945 security vulnerabilities identified. That is 22 new vulnerabilities a day. Nearly one an hour. While the number does not appear alarming at face value, when you multiply that by the servers, applications and endpoints across the IT environment, the number is staggering.

Making sense out of mountains of threat data is just one of the many challenges organizations face as part of their vulnerability risk management program. So how can organizations ...

Comprehensive Advanced Threat Defense [ Source: GENERAL DYNAMICS Fidelis Cybersecurity Solutions ]

March 2015- The hot topic in the information security industry these days is “Advanced Threat Defense?” (ATD). There are many definitions, and plenty of marketing hype and spin on the topic, but it's the science – and the art – of defending yourself against sophisticated, persistent adversaries who can get past (or have already gotten past) your security defenses. We like to define advanced threat defense in terms of the adversary rather than the attack technique used to remind ...

Advanced Threat Defense Tactics [ Source: GENERAL DYNAMICS Fidelis Cybersecurity Solutions ]

March 2015- Advanced Persistent Threats (APTs) in the online realm are a painful reality for companies of all sizes, from the largest enterprises down to small and medium-sized businesses (SMBs). Business leaders might be tempted to think that their own organizations are exempt from APTs, or that the security measures they already have in place are adequate to defend against these persistent, methodical attacks. Yet those temptations must be avoided. If your business has something of value ...

Case Study: A Critical Infrastructure Breach Response [ Source: GENERAL DYNAMICS Fidelis Cybersecurity Solutions ]

March 2015- Read this case study to learn from a company who suspected that suspicious activity was occurring on their network. After determining they were likely the victim of a network breach, they were not sure how the breach occurred or what, if anything, had been taken. With more than 1600 servers and approximately 6000 user devices, there was a need to prioritize forensic evidence as they worked to determine affected infrastructure. Download this paper to find out how ...

What Does the Cloud Mean to Enterprise Security [ Source: Zscaler ]

December 2013- The world of enterprise security is changing and being driven by mobility, cloud applications and social media. The disappearing corporate perimeter has made it easier to breach security as employees access corporate assets over unprotected networks. The level of protection needed cannot be achieved with traditional appliance-based security and hybrid solutions. This whitepaper talks about a new approach needed in today's complex IT environments that gives CISOs visibility into every user and device accessing the ...

Turning the Corporate Network Inside Out [ Source: Zscaler ]

December 2013- The world of IT security is undergoing tremendous change as the corporate perimeter disappears and employees are increasingly mobile. These always-on, connected employees become a point of vulnerability as they access the corporate network through unprotected Wi-Fi. This white paper talks about a new approach needed in order to protect the network from Internet security threats. It also highlights how Zscaler's Security-as-a-Service platform, built from the ground up and 100% cloud, protects organizations and employees irrespective ...

APT: The Best Defense is a Full Spectrum Offense [ Source: Zscaler ]

December 2014- APT attacks have led to breaches at very high visibility targets like financial institutions, government agencies and high tech companies. A new approach to defense is needed as security appliances and hybrid solutions are limited in protecting organizations and employees in today's social, mobile world. This whitepaper explores a uniquely differentiated approach to combating the four stages of an Advanced Persistent Threat (APT) attack lifecycle - Reconnaissance, Initial Infection, Control, Exfiltration. Zscaler's comprehensive new approach ...

Next 25