Sort results by: Published date | Company name
Showing items 1-25

Implementing SAP Security Solutions [ Source: Onapsis ]

January 2015- Gaps in security practices of business-critical applications running on SAP are causing organizations to rethink their current approach and embrace a new strategy.

The SAP Security Survival Guide [ Source: Onapsis ]

January 2015- As a CISO, learn which questions to ask in order to uncover security challenges facing your SAP systems.

Analysis of Cybercrime Infrastructure [ Source: Proofpoint ]

January 2015- Proofpoint security researchers have published an analysis that exposes the inner workings of a cybercrime operation targeting online banking credentials for banks in the United States and Europe. This Proofpoint research report provides a detailed and rarely seen inside view of the infrastructure, tools and techniques that enabled this cybercrime group to infect over 500,000 PCs.

Key facts from the Proofpoint analysis:
• Qbot (aka Qakbot) botnet of 500,000 infected systems sniffed “conversations&...

The Failure of Cloud Information Governance: A Global Data Security Study [ Source: SafeNet ]

January 2015- As technology evolves, more and more organizations are moving applications and data to the cloud. Although cloud solutions can save money and improve accessibility for remote users, it can also leave your sensitive data vulnerable to new security threats. With the lack of governance policies and security practices for the transition to cloud computing, it is important to consider how this move can affect your organization’s security. Ponemon Institute conducted a survey sponsored ...

Sleeping Through the Alarm: What Breaches Should be Telling Us, and Why the Message is Missed [ Source: SafeNet ]

January 2015- Security professionals are living in a time of rapid and fundamental change. Computing and delivery models, user platforms and devices, and security threats have changed radically in recent years. However, in many ways, the security technologies and approaches employed by many organizations have remained relatively static, sometimes leading to disastrous results. To gain a picture of how organizations are contending with the changing technology and security landscape, SafeNet undertook an extensive survey.

This ...

The Current State of Encryption and Key Management: Where Security Gaps Persist - Strategies for Addressing Them [ Source: SafeNet ]

January 2015- While encryption has been employed for decades, there has never been a higher need than in today’s market with data breaches consistently littering the headlines. As more organizations adopt encryption strategies many questions are posed.

Where is encryption being employed today and why?

Where do security practitioners see encryption’s usage increasing?

What do current usage trends tell us about existing security gaps, and how should those weaknesses ...

Authentication Best Practices: Put Control Where It Belongs [ Source: SafeNet ]

January 2015- A significant number of high profile security breaches have occurred recently, bringing the organizations affected to the front pages of the business press. These events have had a negative impact on the public image of these companies, and may also have had a negative impact on their business. Due to these incidents, CIOs of many organizations have had to re-evaluate their info-security strategy in general, while also placing specific focus on their user authentication and ...

Secure the Breach Manifesto [ Source: SafeNet ]

January 2015- As hackers continue to successfully conduct large-scale attacks against financial services, retail and entertainment companies, organizations must rethink their security strategy. No longer are network firewalls and other perimeter “breach-prevention” technologies good enough. Many enterprises today rely on these technologies as the foundation for their data security strategy and unfortunately there is no fool-proof way to prevent a breach from occurring. This paper outlines SafeNet’s 3 step approach to help your company accept the ...

Threat Intelligence Defined [ Source: Solutionary ]

January 2015- The entire security industry has focused in on the newest buzzwords: Threat Intelligence. The term is so broadly used the definition of "intelligence" is sometimes lost. Some services are simply offering access to minimally analyzed (or even raw) data. Learn how to tell what "intelligence" really means and how to differentiate the offerings in this Solutionary white paper.

Top-Down Security and the Security Life Cycle [ Source: Solutionary ]

December 2014- Security is a necessary component in the corporate digital infrastructure. Unfortunately, rallying support behind security initiatives is often easier said than done. By improving mutual understanding of management and analyst perspectives, IT security professionals and non-technical managers can define a smoother process to develop and improve the organization's security infrastructure.

Malware Detection with Network Monitoring: Not Quite Enough [ Source: Solutionary ]

September 2014- When IT professionals think about information security, they often think about network intrusion detection systems (IDS) and intrusion protection systems (IPS) early in the process. Network IDS/IPS has long been a mainstay for detecting malicious activity and continues to be a very important piece of the security puzzle. Unfortunately for security professionals, that puzzle continues to evolve and becomes increasingly large and complex.

Enterprise Security & the Mainframe: A Holistic Approach [ Source: CA Technologies ]

January 2015- Ten years ago security breaches were mostly widespread nuisances perpetrated by young script kiddies out for notoriety. Today, they are targeted, sophisticated, and highly damaging. Most are perpetrated by well-funded elements of organized crime, foreign governments, and terrorist groups out for money and a competitive edge. Newer advanced persistent threats (APT's) can penetrate a single victim's network and secretly remain there for months or years, stealing large volumes of valuable proprietary or private customer information.

Why Your Next Generation Firewall Protection Isn't Enough [ Source: Webroot ]

November 2014- Enterprise security organizations face a daily onslaught of external attacks. According to a recent survey by IBM X-Force and Verizon's 2014 Data Breach Report, 92% of attacks being perpetrated are by outsiders. Because of this, organizations have to focus on how these attacks successfully penetrate their network perimeter security defenses. Many organizations have invested in next generation firewalls (NGFWs) to protect them from network-based attacks.

Detect and Investigate Malicious IP Activities in SIEM with Predictive Threat Intelligence [ Source: Webroot ]

October 2014- Malicious IPs are a new and growing problem for enterprises. To effectively defend against these malicious IPs, enterprises need to augment their SIEM solutions with real-time predictive threat Intelligence so they can detect attacks from unknown IPs as early as possible and respond to them before they lead to more severe incidents and costly breaches.

A Smarter Solution to Malware Prevention [ Source: Webroot ]

November 2014- Traditional endpoint security has failed to keep up with today's threats and is exposing organizations to unacceptable levels of risk. It's time for smarter, next-generation malware prevention to replace or supplement traditional defenses. New approaches to malware can wrest back control and give security administrators greater visibility and control over their endpoints at a lower cost than traditional solutions. This paper looks at the endpoint threats organizations are facing, the means to combat those threats, ...

Defend Against Injection-Based Attacks [ Source: Rogue Wave Software ]

January 2015- We'll explore some of the most common security vulnerabilities currently plaguing the software development industry, and present different ways in which Static Code Analysis, or SCA, can detect them.

In this paper, we'll:
• Provide a detailed description of the weakness
• Show how it presents itself to the end user and the developer
• Explain mitigation strategies to help resolve each issue.

The CryptoFlow Manifesto [ Source: Certes ]

December 2014- Over half a billion data records have been stolen from enterprises and governments around the world in the last 12 months. And those are just the data breaches we know about.

In every one of the high-profile documented data breaches, the hackers took advantage of poorly protected networked applications to steal sensitive information.

They bypassed firewalls. They hopped network segmentation controls. They implanted malware that sent data to unauthorized locations. They exploited ...

What to Look For When Evaluating NGFW [ Source: Dell ]

December 2014- It is never easy to evaluate and compare complex technology products. Vendors provide feature lists and documentation, but feature lists never tell the whole story. Testing products in your own environment is costly and time consuming. In this paper, we summarize the results of three independent tests that can help you select a next-generation firewall for your organization. We also provide links to the portions of the research that have been made public, so you ...

How Traditional Firewalls Fail [ Source: Dell ]

December 2014- Your current firewall may be jeopardizing your security. This white paper explains exactly where traditional firewalls fall short, and how next-generation firewalls can help you counter today's threats, manage web 2.0 apps and enforce acceptable-use policies. If your company has a traditional firewall, it is probably jeopardizing your security and costing you money. Firewalls are an essential part of network security, but most are very limited. They can close unneeded ports, apply routing rules to packets ...

How to Achieve Intelligence-Driven Threat Detection and Response [ Source: RSA, The Security Division of EMC ]

November 2014- Learn the four key areas that organizations should focus on to achieve intelligence-driven threat detection and response.

Signature-less Malware Detection: Finding an Evil in the Haystack [ Source: RSA, The Security Division of EMC ]

November 2014- Learn about the tools, technologies and techniques required for comprehensive detection and remediation of advanced malware threats and why traditional signature-based approaches fall short of protecting your organization.

ESG Reviews the Processes and Technologies Required for Effective Incident Detection and Response Today [ Source: RSA, The Security Division of EMC ]

November 2014- Learn what CISOs can do to better protect their organizations from security breaches, and why a big data security analytics architecture is necessary for threat detection and response.

Single Sign-On: with Passwords, Less is More [ Source: NetIQ ]

September 2014- Your workforce is using more applications from a wider variety of sources than ever. This causes security issues as users forget passwords, share them or write them down. Single sign-on (SSO) is a quick way to solve this problem. Now is the perfect time to implement SSO. This paper will explain SSO options and questions you should ask to determine the right solution for you. Security and productivity are both at stake: put SSO to ...

Mobile and Remote Access: Balancing Productivity and Security in a BYOD World [ Source: NetIQ ]

September 2014- In today's BYOD world, securing access and maintaining productivity is challenging; users want access from their own devices, and the applications, data and services they're accessing aren't inside the perimeter. But even in this environment, you can secure access. Read this paper to learn how you can implement access controls that keep up with the modern world. Get advice on how to take stock of your environment, leverage your current investments and keep your access ...

CyberEdge: 2014 Cyberthreat Defense Report [ Source: NetIQ ]

March 2014-

As trusted experts in the field of cybersecurity, CyberEdge has provided the 2014 Cyberthreat Defense Report to demonstrate just what the current security landscape looks like. IT professionals from North America and Europe responded to a survey, and an overwhelming majority of them said their organization had been the victim of at least one attack in 2013. To mitigate that danger, organizations are expected to put more money into IT budgets in the upcoming years.

<...

Advanced Persistent Threats: Hijacking Insider Credentials [ Source: NetIQ ]

May 2014-

Sophisticated groups of hackers, known as advanced persistent threats (APTs), often use stolen insider credentials to evade security measures. So how can you know who's logging on? Learn how to spot suspicious activity before it's too late.


Individual hackers are no longer the foremost threat. APTs have evolved. These malicious actors now use sophisticated tactics to circumvent security policies. Whether people are trying to use spear-phishing scams or other means to ...

Next 25