Mission critical defense
Attackers don't work in silos. To defend against them, your defenses can't be siloed either. The teams, tools, and solutions you use in the response ......
Identity as a service is emerging as a new, innovative approach to identity and access management (IAM) in the cloud that brings with it the potential to reduce costs, enhance end-user and IT administrator productivity, and enable greater enterprise agility.
One of the biggest concerns expressed by IT managers about outsourcing their IAM operations to a cloud-based service provider is security. When user credentials (e.g., user ID, password, and other attributes) are ...
October 2012- The software-as-a-service (SaaS) application delivery model is growing rapidly. However, customers who adopt the SaaS model struggle to manage the overwhelming number of user accounts they have to create. Their users are constantly forgetting their passwords and calling the help desk. They are unhappy because they have to reenter their user ID and password every time they logon to an application during the day. Overwhelmed IT administrators take too long to create accounts for new ...
October 2012- With online applications and services driving the market - and providing a key competitive differentiator - organizations are under mounting pressure to remain agile and accelerate the delivery of web-enabled capabilities. But at the same time, they must ensure that new online offerings are supported by security measures capable of effectively protecting personal information - plus critical business data - without impeding the user experience.
Dan Woods, Chief Analyst CITO Research, outlines enterprise architecture requirements for designing, managing, and protecting APIs and how the emerging API Gateway "proxy" deployment model is speeding deployment across industries.
In this model, authentication using OAuth and other lightweight protocols such as REST and JSON are all the rage but Enterprise-class security is still lacking. To present actionable solutions, Dan presents 5 core API patterns for mobile, partner, data control, and PaaS infrastructure with ...
This technical white paper is designed for security architects, app developers, and program managers that are chartered to rapidly repurpose and expose enterprise application services for app store and mobile consumption. We present how to develop/deploy a server side architecture to enable the mobile application economy via REST APIs with JSON, contrast native vs web based client architectures, and the resulting impacts on security, protocol mediation, and data control.
We posit how ...
October 2012- This buyer's guide, written by independent industry security expert, Gunnar Peterson, will provide the analysis and decision support that will enable you to make an informed choice. Learn about Security Gateway architectural capabilities and common business use cases where they are deployed.
October 2012- Get the most up-to-date view of the IT security threat landscape from the experts at ESET. This monthly threat report is required reading for anyone involved with IT Security.
October 2012- Cloud computing has become another key resource for IT deployments, but there is still fear of securing applications and data in the cloud. These concerns include authentication, authorization, accounting (AAA) services; encryption; storage; security breaches; regulatory compliance; location of data and users; and other risks associated with isolating sensitive corporate data. Add to this array of concerns the potential loss of control over your data, and the cloud model starts to get a little scary. ...
Employees feel more empowered than ever to use any application they believe will help them do their job. And attackers are taking advantage of the sheer volume of applications, the Bring-Your-Own-Device (BYOD) trend, social media and other opportunities to glean information and penetrate networks.
How do you encourage productivity and minimize risks?
Application control is key.
Read "The Five Key Benefits of Application Control and How to Achieve Them," ...
Learn how security professionals are extending the use of Splunk with the Splunk App for Enterprise Security. This document describes how you can take full advantage of Splunk's analytics and visualization capabilities and unique ability to process big data.
With the ability to search and process known and unknown threats, you can use Splunk as your primary security data interface. Splunk and the App for Enterprise Security are equally suitable for a small ...
September 2012- Forward-thinking CSOs are embracing the right security strategy and exercising appropriate caution without dampening cloud optimism. By overcoming the number one perceived challenge security-CIOs-can move beyond their fears to pursue their IT transformation to cloud computing.
Each year thousands of critical software flaw vulnerabilities are reported in operating systems, databases, servers, and other applications. Patching these vulnerabilities can be disruptive and time consuming, requiring systems to be rebooted and impacting service level agreements. Even when a patch is available, it can take weeks or even months before the patch can be fully deployed.
Download "Vulnerability Shielding: The Patch Management Challenge" to learn about some of the key features and ...
Security for hybrid clouds must span both the private and public cloud infrastructures. To keep data and applications safe throughout the hybrid cloud, you'll need self-defending VMs using agent-less security for the private cloud as well as agent-based security for the public cloud.
Download "Total Cloud Protection: Securing Your Unique Cloud Journey" to find out how you can leverage a hybrid solution that allows you to:
ē Control when and where data ...
Passwords are a known weak link and continue to be exploited at alarming rates. From simple phishing schemes to sophisticated, targeted phishing attacks, gaining access to a user's password is an easy and prolific attack. Regulatory agencies agree and are setting increasingly rigorous requirements for strongly authenticating users. Multi-factor authentication is no longer optional for many organizations.
Whether you're planning to implement multi-factor authentication for the first time or are looking to expand ...
Escalating IT security threats and strengthening regulatory requirements are driving adoption of multi-factor authentication to unprecedented levels. Increasingly, new and expanded multi-factor implementations are leveraging phone-based authentication instead of hardware security tokens, which had previously dominated the multi-factor market. According to Goode Intelligence, an information security research and analysis firm, phone-based authentication will comprise 61% of the multi-factor authentication market by the year 2014.
This paper will address the key drivers for this market shift ...
Information security has never been a bigger challenge for organizations, given cloud computing and virtualization, remote access, mobile technologies and social networking. Many companies today rely on hardware-based authentication for security, but this method of authentication is flawed in a number of ways.
Modern software-based authentication solutions provide far more cost-effective ways to ensure strong, two-factor authentication.
Read this white paper to learn about the security challenges businesses face today, and ...
Managing smartphones and tablets is only half the MDM story. Securing the data and access points between corporate systems and your workers' iOS, Android, Windows, and BlackBerry devices requires just as much consideration and planning as protecting the devices themselves.
This white paper explores ten policy best-practices for secure and compliant enterprise mobility including industry regulations, passcodes, secure email, apps and features.
Advanced malware targeting employee endpoints is a major threat to corporate intellectual property, regulated data and financial assets. Perimeter and traditional endpoint defenses are struggling to meet this emerging threat in the face of a changing IT landscape: desktop virtualization, remote access, BYOD and Cloud migration.
This whitepaper explains how advanced malware challenges traditional defenses to take advantage of the increased exposure of employee endpoints. It review's the evolution of advanced targeted attacks, ...
As advances in mobility and client computing technology extend from the home into the work place, the classroom and even into government entities, CIOs should consider seriously the opportunities for increased productivity and communication with customers and constituents, as well as understand the increased security risks posed by online, anytime access to private networks and data.
Read this paper to learn more about how CIOs can proactively respond to these trends by developing ...
Today's evolving threat landscape requires a new approach to endpoint security. With the exponential growth in malware and the targeted nature of today's attacks, a reactive approach is just not effective enough.
Download this whitepaper and learn how Bit9 integrates into a SIEM console, provides the holistic view necessary to ensure an open network isnít a vulnerable one, and provides a defense-in-depth security strategy that spans network sensors and endpoints.
One of the biggest challenges in desktop administration is application control. If administrators are to keep desktops secure, then they must be able to ensure only safe applications are installed on user desktops.
Download this whitepaper to learn how Bit9 has emerged as the most effective application control mechanism.
Anonymous hacktivists, cyber criminals and nation-states are viewed as the top three threats in 2012 in this Bit9 survey of more than 1,800 IT professionals. And more than 60 percent of those surveyed believe that they will be the target of a cyber-attack in the next 6 months.
Download this research report to find out how your security and IT colleagues view the world of advanced cyber threats and find out how you compare.
RSA, The Security Division of EMC released key findings from the RSA Archer GRC Executive Forum it hosted recently, where governance, risk and compliance (GRC) leaders from 34 leading corporations discussed enterprise risk management strategies and best practices.
A dominant theme from the forum's executive participants was that corporate boards of directors are taking note of GRC demands and are now looking for greater visibility into the risks that could negatively impact their organizations.<...
August 2012- The focus of this research is to examine the challenges global organizations face in meeting escalating enterprise Governance, Risk and Compliance (eGRC) objectives.
August 2012- Over the past few years, ESG has noticed a distinctive trend: many large organizations are now eschewing reactive information security and regulatory compliance activities in favor of structured and documented risk management.
August 2012- Organizations must look to improve operational efficiency in enterprise governance, risk and compliance (eGRC) initiatives to meet current fiscal concerns while providing a framework on which to build a rigorous eGRC program.
View All Categories
Business Intelligence : Analytics, Business Process Management, Content management, Dashboards, Data Mining, Performance Management, Databases, Datamarts/Data Warehouses, Information Management, Knowledge Management, Data Quality
Hardware : Virtualization Hardware, Windows Servers, Utility/On-demand Computing, Unix/Linux servers, Supercomputers, Peripherals, Macintosh, Handhelds/PDAs, Grid/Cluster Computing, Desktops/PCs, Data centers, Blades, Processors
Infrastructure : ATM, Ethernet/Gigabit Ethernet, Frame relay, IPv6, Traffic Management, Network/Systems Management, PBXs, Printers, Remote Access, Routers, Switches, UPS, VPNs, WAN Optimization/Acceleration, Wide Area File Services
Internet : B2B, B2C, Browsers, E-Business/E-Commerce, E-retail, Google, Social Business, Internet Security, Search, Social Networks, Traffic Reporting/Monitoring, Web 2.0, Web Development, Internet Policy
Management : Career Development, Training, Small-Medium Business, Salary/Compensation, ROI/TCO, Regulation/Compliance, Recruiting, Personnel Management, Outsourcing, Legal, H-1B, Executive Insights/Interviews, Workplace Trends
Personal Tech : Blackberry, Bluetooth, Bluray, Digital Cameras, Digital Music, Digital Rights Management, Virtual worlds, iPhone, iPod, Peripherals, Smartphones, TVs/Home Theater, Global Positioning Systems
Security : Security Administration, End user/Client Security, Encryption, Cyberterror, Attacks/Breaches, Application Security, Antivirus, NAC, Perimeter Security, Privacy, Vulnerabilities and Threats, Storage Security, Intrusion Prevention
Services : Telecom/Voice Services, Business Process Outsourcing, Business Services, Disaster Recovery, Systems Integration, Hosted Storage, Internet/Data Services, Outsourcing, Software as a Service, Hosted Applications
Software : Web Services, Service Oriented Architecture, Server Virtualization, Productivity Applications, Operating Systems, Open Source, Linux, Hosted Software/Applications, ERP, Development Tools, Databases, Database Applications, CRM, Business Systems Management, Integration, Application Optimization
More Security Resources
Mission critical defense