Mission critical defense
Attackers don't work in silos. To defend against them, your defenses can't be siloed either. The teams, tools, and solutions you use in the response ......
Big Data repositories enable enterprises to use large volumes of varied data to make more rapid decisions, but repositories frequently include sensitive data that must be secured. Most Hadoop and NoSQL environments that manipulate Big Data have little to no integrated security.
This technical paper provides an overview of NoSQL Big Data security issues and includes security recommendations that enterprises should consider when securing Big Data environments.
March 2013- The Securing and Controlling Data in the Cloud white paper describes the various cloud formations (Private Cloud, Public Cloud, SaaS, PaaS, IaaS), the new security challenges posed by the cloud and solutions that enterprises can bring to bear for securing and controlling sensitive data in cloud environments.
The last few years have seen a dramatic increase in the use of email as a vehicle for cyberattacks on organizations and large corporations.
Such attacks have evolved from the simple inclusion of malware as a non-disguised executable file, to more socially engineered "phishing"style attacks, which attempt to persuade the recipient voluntarily provide valid security credentials-often simply by clicking a link that leads to a malicious or fraudulent website. But how can ...
February 2013- Current market solutions are built to protect the enterprise and are too resource intensive for most organizations to manage. Learn about five key components that any risk-based information security solution must include to cost effectively and efficiently protect information and meet regulatory requirements - regardless of industry, organization size or security skill set.
February 2013- Law enforcement and domain registrars will continue to curb cybercrime efforts. This will likely be coordinated through CERT groups and relations with security firms. However, a more comprehensive, multi-layered approach to security will be key in bolstering that effort.
We've all seen the reports about what goes wrong when proper controls are not implemented while storing and transferring data. Large enterprises face messy notifications, customer dissatisfaction and, in many cases large fines. In fact, a data breach in the U.S. comes with an average price tag of $5.5 million, according to a 2011 Ponemon Institute study.
This paper from Imation Mobile Security explains when compliance alone may not offer the protection enterprises need ...
February 2013- Threats and vulnerabilities are a way of life for IT admins. This paper focuses on how McAfee's Vulnerability Manager and McAfee ePolicy Orchestrator provide IT Admins with powerful and effective tool for identifying and remediating vulnerable systems.
February 2013- Information security based on regulatory compliance stipulations cannot keep up with today's sophisticated and rapidly changing threat landscape. CISOs need to implement a new discipline that ESG calls, "Real-time Risk Management."
February 2013- Taking a risk-based approach to vulnerability lifecycle management is becoming the norm for vulnerability assessment vendors. This paper reports on the findings when testing McAfee's Risk Management solution from a holistic risk management and vulnerability lifecycle management perspective.
February 2013- Vulnerability assessment vendors compete on management features, configuration assessment, price, reporting and integratin with other security products. Buyers must consider how VA will fit into their overal vulnerability management process when evaluatiing VA products and services.
February 2013- Some IT and Security teams wonder if automated vulnerability management is important given the many pressing demands for other IT projects and investments they face. The purpose of this paper is to help these IT and Security professionals evaluate their security posture and risk.
February 2013- As long as there is software, there will be software vulnerabilities. And wherever there are vulnerabilities, you will find malware and cybercriminals. This paper will examine that risk and provide a step by step process to protect your companies critical assets.
February 2013- Up until now, your view of risk while monitoring your network has been incomplete. This white paper discusses a new, innovative approach to protecting your network through a combination of active and passive network discovery and monitoring, in real-time.
February 2013- Gone are the days when majority of corporate employees worked in the office and were statistically mapped to their applications and resources which all ran behind the firewall. Today, not only are applications running on the LAN/corporate data center and being delivered from cloud-based networks. These cloud resources might not have access to a corporate directory for employee validation. In addition, today's workforce is highly distributed; using a multitude of different access devices, yet ...
February 2013- Companies are in high alert to fight off Distributed Denial of Services (DDoS) attacks that can halt business and amount to a costly burden on companies and customers. DDoS attacks are increasing in volume, frequency, and sophistication, and they are targeting every level in the data center. Smart organizations are moving to defend not only their network, session, and application layers, but also their business logic and database tiers as well. In defense, today's enterprises ...
February 2013- The firewall is, and has been, the primary foundation around which conventional network security architectures are built. But the conventional firewall is beginning to show its limitations in detecting and repelling modern attacks. Diverse attacks involving multiple layers of the network stack are causing firewall failures with alarming frequency. As a result, traditional firewall services alone are insufficient for detecting attacks and subsequently preventing business disruption. The new application delivery firewall technology provides enforcement of ...
Protecting endpoints from various threats is perhaps the single most critical function for any IT department. Given the still voluminous quantity of spam that hits corporate email servers, the growing threat from phishing and advanced persistent threats, and the increasing number of physical platforms and Web-based applications that have access to corporate data resources, protecting these critical resources and platforms should be at the top of virtually IT decision maker's "must-do" list.
The threat of email borne attacks is greater than ever with malware volumes increasing drastically. One of the most common, and difficult to detect, email threats comes in the form of phishing and spear-phishing emails.
Historically, phishing attacks targeted end-users with attackers going after credentials to financial accounts. But modern phishing attacks have evolved toward targeting sensitive corporate data as evidenced by the high profile data breaches targeted at diverse organizations including RSA ...
Learn how Big Data analysis techniques gives enterprises the data security they need to withstand today's highly customized inbound attacks.
Enterprises today are exposed to a range of IT security threats, from basic annoyances such as auto-emailed viruses, to targeted phishing-style attacks that trick employees into clicking on dangerous links that install malware, steal credentials, or in some other way jeopardize the security of the enterprise. As threats have evolved over time, new ...
Ensuring data privacy in compliance with government regulations and consumer protection laws presents a complex set of challenges for financial firms. Coupled with the rising sophistication in security threats, many industries are under regulatory fire in demonstrating accountability and addressing compliance requirements in accordance with federal and state laws. How an organization is able to store and manage their data, including email, has a high impact on regulatory compliance.
Read this white paper ...
Survey reveals pitfalls of traditional vulnerability scanners
Learn what IT professionals had to say about vulnerability management programs at their organizations, including how often and what zones they scan, and the challenges they encounter.
The Skybox Security Vulnerability Management Survey 2012, conducted in conjunction with Osterman Research, polled more than 100 IT decision makers including security managers, and network and systems engineers involved in vulnerability management processes.
Among the findings:
Distributed denial-of-service (DDoS) attacks continue to grow in size, complexity and danger. Witness the recent wave of attacks on major U.S. banks, which knocked websites offline, angered customers and took a grave toll on brand reputations. The lessons of those attacks echo the findings of this report: Previously successful DDoS mitigation solutions no longer work.
UBM Tech conducted research with IT professionals who have suffered DDoS attacks. The drastic changes in attack ...
Jumping the gun? Maybe. But odds are it will happen.
Be ready with your Advanced Malware Survival Kit.
Download our Incident Response Brief: 4 keys to effective malware response From there, access:
• Videos: See the power of malware visibility and control from the network to end-devices
• Special Offer: 100 Free Seats of advanced malware protection
Download the Advanced Malware Survival Kit Now and be prepared before the next attack!
Smartphones and tablets are everywhere. Most companies allow employees to use personal mobile devices to access corporate data, but they typically have very little visibility into which employees are accessing corporate data and what kinds of devices they're using. As a result, they are blind to the risks these devices present to their corporate data.
This white paper highlights key mobile security risks and describes how pervasive they are based on data from ...
The Payment Card Industry Data Security Standards (PCI DSS), with its over 200 requirements, can seem like a daunting set of regulations. Nonetheless, if your organization handles any kind of credit card information, you must be PCI DSS compliant. As difficult as this can seem, you can get expert help with our new eBook: Demystifying PCI DSS: Expert Tips and Explanations to Help You Gain PCI DSS Compliance.
When you download this free eBook, ...
Access controls that define a specific set of user privileges are well accepted as a security best practice. Why, then, are these same principles so rarely applied to the most sensitive access of all: administrative accounts?
In this ENTERPRISE MANAGEMENT ASSOCIATES® report, you’ll discover common excuses given to justify this oversight. You’ll then see how modern privileged account management solutions provide the control and monitoring capabilities needed to bring privileged access ...
View All Categories
Business Intelligence : Analytics, Business Process Management, Content management, Dashboards, Data Mining, Performance Management, Databases, Datamarts/Data Warehouses, Information Management, Knowledge Management, Data Quality
Hardware : Virtualization Hardware, Windows Servers, Utility/On-demand Computing, Unix/Linux servers, Supercomputers, Peripherals, Macintosh, Handhelds/PDAs, Grid/Cluster Computing, Desktops/PCs, Data centers, Blades, Processors
Infrastructure : ATM, Ethernet/Gigabit Ethernet, Frame relay, IPv6, Traffic Management, Network/Systems Management, PBXs, Printers, Remote Access, Routers, Switches, UPS, VPNs, WAN Optimization/Acceleration, Wide Area File Services
Internet : B2B, B2C, Browsers, E-Business/E-Commerce, E-retail, Google, Social Business, Internet Security, Search, Social Networks, Traffic Reporting/Monitoring, Web 2.0, Web Development, Internet Policy
Management : Career Development, Training, Small-Medium Business, Salary/Compensation, ROI/TCO, Regulation/Compliance, Recruiting, Personnel Management, Outsourcing, Legal, H-1B, Executive Insights/Interviews, Workplace Trends
Personal Tech : Blackberry, Bluetooth, Bluray, Digital Cameras, Digital Music, Digital Rights Management, Virtual worlds, iPhone, iPod, Peripherals, Smartphones, TVs/Home Theater, Global Positioning Systems
Security : Security Administration, End user/Client Security, Encryption, Cyberterror, Attacks/Breaches, Application Security, Antivirus, NAC, Perimeter Security, Privacy, Vulnerabilities and Threats, Storage Security, Intrusion Prevention
Services : Telecom/Voice Services, Business Process Outsourcing, Business Services, Disaster Recovery, Systems Integration, Hosted Storage, Internet/Data Services, Outsourcing, Software as a Service, Hosted Applications
Software : Web Services, Service Oriented Architecture, Server Virtualization, Productivity Applications, Operating Systems, Open Source, Linux, Hosted Software/Applications, ERP, Development Tools, Databases, Database Applications, CRM, Business Systems Management, Integration, Application Optimization
More Security Resources
Mission critical defense