When an organization has been compromised, some of the first questions to ask are critical:
•Which systems can I trust?
•What was done to compromise my systems or data?
•How quickly can I figure out where I stand?
Tripwire is often called in after the fact to help answer these questions, even if the breached organization was not monitoring their systems with Tripwire technology. The following ...
May 2012- Organizations have traditionally viewed vulnerability scanners as a tactical product, largely commoditized, and only providing value around audit time. How useful is a 100-page vulnerability report to an operations person trying to figure out what to fix next? But the tide is definitely turning?there is now a clear shift from a largely compliance-driven orientation to a more security-centric view. It?s widely acknowledged that compliance provides a low bar for security, and it just ...
March 2014- Measuring and managing the security risk associated with information and information technology remains one of the most challenging and elusive problems faced by all levels of an organization. The challenge of how to measure, and therefore how to manage, risk is ever-present and top of mind for information security professionals. Unfortunately, most of the tools for vulnerability and risk management that exist today do not provide a suitable metric and consequently do not improve an ...
Most organizations understand the critical role that vulnerability management (VM) plays in helping them meet compliance requirements,ensure security and reduce risk. However, many organizations discover,only after investing in a solution, that it doesn't properly address their needs. Avoiding this costly mistake can be difficult though, because at first glance many VM solutions appear similar.
This guide helps you objectively choose a new or replacement VM solution by teasing out the real ...
March 2014- With the sophistication and sheer volume of exploits targeting major applications and operating systems, the speed of assessment and deployment of security patches across your complex IT infrastructure is key to mitigating risks and remediating vulnerabilities. Here are the Lumension-recommended steps to cure your patch management headache.
March 2014- Last year we offered our thoughts on buying Endpoint Security Management offerings - including patching, configuration, device control, and file integrity monitoring - which are increasingly bundled in suites to simplify management. In this updated and revised 2014 Endpoint Security Buyer's Guide we update our research on the management functions described last year and add coverage of antimalware, mobility, and BYOD. All very timely and relevant topics. The goal of this guide remains to provide clear ...
March 2014- True North advisors wanted a file sharing solution which was simple and had enterprise grade security. After finding multiple security holes in Box and Dropbox they chose Egnyte as it provided superior security controls and deployment flexibility.
March 2014- Understanding the industry of fraud and its impact on global businesses is critical to defend against the growing sophistication of cyber threats. Learn how organizations are using dynamic, intelligence-driven techniques to redefine fraud risk.
March 2014- In its latest Executive Brief, security industry analyst Frost & Sullivan examines why any organization can be a target, and how robust authentication from leading global vendor RSA is a proven strategy for reducing your vulnerability. RSA's breadth of form factors - including Risk-Based Authentication - is just one aspect that sets RSA solutions apart. The insightful content focuses on: Why even secure passwords aren't enough, what makes an organization a target, four key areas that ...
March 2014- Making the Case for Strong Authentication - in this paper, RSA examines the need for strong authentication and explores the return on investment that can be realized in order to help organizations make an informed decision when contemplating their strategic move toward more effective security.
March 2014- This paper focuses on defining levels of critical incident response maturity and how organizations can continually improve their incident response capabilities to help reduce the risk of experiencing a damaging incident. It provides a framework to help organizations determine where they are in the security journey and where they want to be.
March 2014- Learn about the tools, technologies and techniques required for comprehensive detection and remediation of advanced malware threats and why traditional signature-based approaches fall short of protecting your organization.
Competitive advantage is derived by an organization when it develops strategies, techniques, or resources that allow it to outperform its competition. One such resource is the innovative use of analytics to improve business decisions or operational processes. Decision makers can use analytics to cultivate the data collected from day-to-day operations into key insights unavailable to the competition.
The field of predictive analytics is the next evolution in business intelligence - moving beyond the ...
February 2014- DNS has become a key part of enterprise networks and is used constantly to perform business-critical functions. Unfortunately, it has been largely overlooked in efforts to protect IT infrastructures and is increasingly targeted by hackers. A comprehensive solution is now available to protect against both types of attacks that exploit DNS-attacks from outside aimed at bringing the network down, and attempts by malware planted on internal servers to exfiltrate sensitive information. Read this white paper ...
February 2014- Stories about devastating cyberattacks are plaguing the news every week. You might be thinking your network is secure. You have a sophisticated, layered, defense-in-depth strategy in place. Your customer data-and your business reputation-are undoubtedly secure, but is it? Take a look at yourself through the eyes of the cybercriminals who are making today's headlines. They know that there is a hole in most defenses and how to exploit it. Carrying out a DNS attack is ...
You're aware of the threats of malware to your business but what about the ever-changing ground rules? Cybercriminals today are launching attacks against businesses by copying sophisticated malware and techniques used to target governments and high-profile organizations.
Don't get caught in the crossfire. Read our special report "Who's spying on you?" to find out more:
• Techniques cybercriminals use
• Common exploited vulnerabilities
• Collateral damage from cyberespionage
• Protecting your business ...
February 2014- This book provides an overview of network security in general, and explains how cybercriminals can use hidden or currently undetectable methods to penetrate protected network systems. Advanced evasion techniques (AETs) bypass current common network security solutions. They can transport any attack or exploit through network security devices and firewalls, next generation firewalls, intrusion detection and prevention systems, and even routers doing deep packet inspection. In this book you'll find out all about AETs, and get ...
February 2014- As next-generation firewall (NGFW) technology becomes more mainstream, it is time to review the advanced capabilities and features that separate the leaders from the laggards. At its most basic, the consensus of a NGFW definition would include these capabilities - standard firewall features like stateful inspection and network address translation, integrated intrusion prevention, application awareness and some level of intelligence and integration with vulnerability and reputation databases. Network and cyber security teams understand the three ...
January 2014- Which IT risks cause the most financial damage? What can you do now to address IT and reputational risk? A recent worldwide IBM study focused on understanding the financial and reputational consequences of IT failures. We set out to discover the elusive numbers that organizations need for building a business case for IT risk management. Read this analyst paper to learn more about how you can protect the reputation and value of your company.
January 2014- The growing emphasis on application agility requires IT focus on excellence in application release operations. Getting application release operations right streamlines the process of getting an application into the hands of users, providing the business with justification for a move to the cloud.
Execution, combined with innovative thinking and bright ideas, is the key differentiator setting leading companies apart from trailing competitors. This emphasis on execution contributes to the fact that Agile development is becoming increasingly hot.
This white paper discusses key concepts supporting the Agile methodology and the foundational role of enterprise management tools in automating the "ideas to action" cycle. Inside, learn how business' ability to adapt is largely dependent on the speed at ...
January 2014- In this white paper, learn about the specific problems around data protection when using servers within Amazon Web Services (AWS) environments. This includes both problems specific to the environment, the motivations that drive the need for this data protection, and recent changes in cyber threats that highlight the need for this protection. The paper also examines the core elements of a data protection solution for AWS implementations, and then reviews how the Vormetric Data Firewall ...
December 2013- The boundaries of the modern enterprise have undergone massive changes, and these shifts are causing IT, security and networking teams to fundamentally reevaluate the way they think about and manage the network. It is no secret that near-universal Internet connectivity has changed society and user behavior along with it. Users simply assume that they will be able to connect and work (or not) from anywhere, whether using their corporate laptop or increasingly popular platforms such ...
Injection vulnerabilities allow a malicious attacker to insert specific commands into an application or code that will execute undesired behaviour on their behalf. These attacks usually exploit an application at the point where it requests user input for later processing. The most common types of injection vulnerabilities include SQL Injection, Command Injection, Cross Site Scripting, XPath and LDAP Injection.
This paper provides a detailed description of injection vulnerabilities, discusses how they present themselves ...
December 2013- This white paper will discuss the growing need for unified, cross-organizational endpoint management, issues such as security and regulatory compliance surrounding these management capabilities-including those created by the increasing use of mobile computing-and solutions for providing secure, scalable, streamlined IT capabilities to control all endpoints in healthcare environments.
View All Categories
Business Intelligence : Analytics, Business Process Management, Content management, Dashboards, Data Mining, Data Quality, Databases, Datamarts/Data Warehouses, Information Management, Knowledge Management, Performance Management
Hardware : Blades, Data centers, Desktops/PCs, Grid/Cluster Computing, Handhelds/PDAs, Macintosh, Peripherals, Processors, Supercomputers, Unix/Linux servers, Utility/On-demand Computing, Virtualization Hardware, Windows Servers
Infrastructure : ATM, Ethernet/Gigabit Ethernet, Frame relay, IPv6, Traffic Management, Network/Systems Management, PBXs, Printers, Remote Access, Routers, Switches, UPS, VPNs, WAN Optimization/Acceleration, Wide Area File Services
Internet : B2B, B2C, Browsers, E-Business/E-Commerce, E-retail, Google, Internet Policy, Internet Security, Search, Social Networks, Traffic Reporting/Monitoring, Web 2.0, Web Development, Social Business
Management : Career Development, Executive Insights/Interviews, H-1B, Legal, Outsourcing, Personnel Management, Recruiting, Regulation/Compliance, ROI/TCO, Salary/Compensation, Small-Medium Business, Training, Workplace Trends
Personal Tech : Blackberry, Bluetooth, Bluray, Digital Cameras, Digital Music, Digital Rights Management, Global Positioning Systems, iPhone, iPod, Peripherals, Smartphones, TVs/Home Theater, Virtual worlds
Security : Antivirus, Application Security, Attacks/Breaches, Cyberterror, Encryption, End user/Client Security, Intrusion Prevention, NAC, Perimeter Security, Privacy, Security Administration, Storage Security, Vulnerabilities and Threats
Services : Business Process Outsourcing, Business Services, Disaster Recovery, Hosted Applications, Hosted Storage, Internet/Data Services, Outsourcing, Software as a Service, Systems Integration, Telecom/Voice Services
Software : Integration, Application Optimization, Business Systems Management, CRM, Database Applications, Databases, Development Tools, ERP, Hosted Software/Applications, Linux, Open Source, Operating Systems, Productivity Applications, Server Virtualization, Service Oriented Architecture, Web Services