Mission critical defense
Attackers don't work in silos. To defend against them, your defenses can't be siloed either. The teams, tools, and solutions you use in the response ......
May 2013- The IBM X-Force Trend and Risk Report is produced twice per year: once at mid-year and once at year-end. This report provides statistical information about all aspects of threats that affect Internet security, including software vulnerabilities and public exploitation, malware, spam, phishing, web-based threats, and general cyber criminal activity. They are intended to help customers, fellow researchers, and the public at large understand the changing nature of the threat landscape and what might be done ...
May 2013- The most menacing type of cyberattack is invisible. Using sophisticated techniques to hide its presence, a stealth attack may operate outside of the OS or move dynamically across endpoints to conceal the attackers' actions. The risk to enterprises is real, with high-profile attacks such as Operation High Roller impacting companies around the globe. Traditional antivirus or intrusion prevention systems are no match for this new breed of attack; instead, enterprises need layered security controls that ...
May 2013- In a hyper-connected era, a proactive integrated and strategic approach to security can empower businesses to do more than just cope with current threats - it can actually help reduce future risks. Read the IBM study, "Finding a strategic voice," and discover more insights from the 2012 IBM Chief Information Security Officer Assessment.
April 2013- Organizations are discovering that effective Advanced Persistent Threats (APTs) protection is a critical priority. Without APT protection, organizations are vulnerable to potentially devastating malware attacks that could last for months or years before they're identified.
In the wake of the numerous server data breaches reported this year, it is clear that traditional signature-based blacklisting security strategies are inadequate in addressing today's sophisticated cyber threats. Advanced threats are targeting servers to steal valuable corporate intellectual property. These attacks happen fast - in less than 15-20 minutes - and are bypassing traditional security tools.
In this whitepaper, Industry Analyst Frost and Sullivan examines today's advanced threat landscape and recommends that ...
Historically, IT defense has focused largely on the threat. So-called "blacklist" technologies maintain an inventory of specific attack types, and provide defense against each. Today, the volume, variety and sophistication of attacks highlights the limitations of such approaches, as signature databases approach their upper limits and leave exploitable gaps in defense.
These changes in the threat landscape have led many organizations to consider the alternative to a blacklist approach. In contrast to blacklisting ...
Every enterprise has high-value information that is vital to its success. As cyber-attack techniques become more sophisticated your "digital gold" is increasingly vulnerable. Today's cyber threats have changed in sophistication, in focus, and in their potential impact on your business.
Download this eBook to learn:
•??What cybercriminals are doing to target you and your business
•??Why today's advanced attacks require real-time detection
•??The steps you can take to effectively ...
Download this workbook to create a personalized scorecard that assesses the effectiveness of your current security strategy and shows you why a trust-based security solution is your best defense against advanced malware. This workbook will:
Show you why traditional antivirus solutions are no longer effective against today's advanced threats
Offer tools to measure how your current security posture affects the productivity of your IT and operations staff and end users
March 2013- Many IT security professionals recognize that advanced persistent threats (APTs) pose a growing risk to their organizations. However, recent UBM Tech research discovered that only a few are taking the necessary steps to combat APTs and protect their organizations. In fact, many appear to have a misplaced sense of confidence in their ability to detect these attacks, even though few have developed strategies for dealing with them. This gap is particularly troubling since security experts ...
Big Data repositories enable enterprises to use large volumes of varied data to make more rapid decisions, but repositories frequently include sensitive data that must be secured. Most Hadoop and NoSQL environments that manipulate Big Data have little to no integrated security.
This technical paper provides an overview of NoSQL Big Data security issues and includes security recommendations that enterprises should consider when securing Big Data environments.
March 2013- The Securing and Controlling Data in the Cloud white paper describes the various cloud formations (Private Cloud, Public Cloud, SaaS, PaaS, IaaS), the new security challenges posed by the cloud and solutions that enterprises can bring to bear for securing and controlling sensitive data in cloud environments.
The last few years have seen a dramatic increase in the use of email as a vehicle for cyberattacks on organizations and large corporations.
Such attacks have evolved from the simple inclusion of malware as a non-disguised executable file, to more socially engineered "phishing"style attacks, which attempt to persuade the recipient voluntarily provide valid security credentials-often simply by clicking a link that leads to a malicious or fraudulent website. But how can ...
February 2013- Law enforcement and domain registrars will continue to curb cybercrime efforts. This will likely be coordinated through CERT groups and relations with security firms. However, a more comprehensive, multi-layered approach to security will be key in bolstering that effort.
Distributed denial-of-service (DDoS) attacks continue to grow in size, complexity and danger. Witness the recent wave of attacks on major U.S. banks, which knocked websites offline, angered customers and took a grave toll on brand reputations. The lessons of those attacks echo the findings of this report: Previously successful DDoS mitigation solutions no longer work.
UBM Tech conducted research with IT professionals who have suffered DDoS attacks. The drastic changes in attack ...
October 2012- This document reviews new malware analysis technology, Cerberus, which determines the behavior and intent of suspect binaries without the need for signatures, white lists or a sandbox environment. Using this “triage” approach, organizations are able to detect unknown threats that signature-based technologies will miss. In addition, they are able to gain critical information immediately, allowing them to take decisive action prior to engaging a malware team. There are tens of thousands of static executables on ...
80% of organizations suffering payment card breaches had not achieved compliance with PCI DSS at the time of the breach. – Verizon 2011 Data Breach Investigation Report
As regulation and litigation increase, internal investigators must support an alphabet soup of compliance obligations: SOX, GLBA, FISMA, HIPAA, PCI DSS, regional privacy laws, and more. Although each regulation is different, these laws share common investigation requirements in three areas: policy, control infrastructure, and incident response.
“The theft began with an instant message sent to a Google employee in China who was using Microsoft’s Messenger program… Ultimately, the intruders were able to gain control of a software repository used by the development team.” - New York Times - Cyberattack on Google Said to Hit Password System
While we still use many of the same old names - viruses, Trojans, and worms - today’s malware enables potent multistage ...
October 2012- Cyber-attacks are now about making money. ACAD/Medre.A is a terrifying worm that stole AutoCAD files. This whitepaper shows how industrial espionage is a new threat.
A Distributed Denial of Service (DDoS) attack against your organization’s network and systems can bring your online business to a grinding halt, costing you hundreds of thousands – even millions – of dollars, ruining your brand, and driving away your customers.
Far too many organizations are ill-prepared to deal with the effects of DDoS attacks and other Internet security threats. They rely on traditional security devices including firewalls, intrusion prevention systems (IPS) and other ...
Advanced malware targeting employee endpoints is a major threat to corporate intellectual property, regulated data and financial assets. Perimeter and traditional endpoint defenses are struggling to meet this emerging threat in the face of a changing IT landscape: desktop virtualization, remote access, BYOD and Cloud migration.
This whitepaper explains how advanced malware challenges traditional defenses to take advantage of the increased exposure of employee endpoints. It review's the evolution of advanced targeted attacks, ...
Today's evolving threat landscape requires a new approach to endpoint security. With the exponential growth in malware and the targeted nature of today's attacks, a reactive approach is just not effective enough.
Download this whitepaper and learn how Bit9 integrates into a SIEM console, provides the holistic view necessary to ensure an open network isn’t a vulnerable one, and provides a defense-in-depth security strategy that spans network sensors and endpoints.
One of the biggest challenges in desktop administration is application control. If administrators are to keep desktops secure, then they must be able to ensure only safe applications are installed on user desktops.
Download this whitepaper to learn how Bit9 has emerged as the most effective application control mechanism.
Today's cyber attacks are more targeted and sophisticated than ever. They require a proactive approach to protecting your enterprise. What is needed is more automated, effective correlation and intelligent analysis of the overwhelming quantity of system data. In other words, today's security professional needs more actionable data for faster insight into system usage and activity.
Download this whitepaper to learn how Bit9 extends threat detection to endpoints and provides the information the Security ...
Anonymous hacktivists, cyber criminals and nation-states are viewed as the top three threats in 2012 in this Bit9 survey of more than 1,800 IT professionals. And more than 60 percent of those surveyed believe that they will be the target of a cyber-attack in the next 6 months.
Download this research report to find out how your security and IT colleagues view the world of advanced cyber threats and find out how you compare.
July 2012- SCADA (Supervisory Control and Data Acquisition) describes computerized industrial control systems that monitor and control industrial and infrastructure processes. With recent attacks, manufacturers, utilities and industries must now implement solutions to protect their SCADA systems. See the product sheet to learn how the Norman SCADA Protection system protects against cyber-attacks that target critical SCADA systems.
View All Categories
Business Intelligence : Analytics, Business Process Management, Content management, Dashboards, Data Mining, Performance Management, Databases, Datamarts/Data Warehouses, Information Management, Knowledge Management, Data Quality
Hardware : Virtualization Hardware, Windows Servers, Utility/On-demand Computing, Unix/Linux servers, Supercomputers, Peripherals, Macintosh, Handhelds/PDAs, Grid/Cluster Computing, Desktops/PCs, Data centers, Blades, Processors
Infrastructure : ATM, Ethernet/Gigabit Ethernet, Frame relay, IPv6, Traffic Management, Network/Systems Management, PBXs, Printers, Remote Access, Routers, Switches, UPS, VPNs, WAN Optimization/Acceleration, Wide Area File Services
Internet : B2B, B2C, Browsers, E-Business/E-Commerce, E-retail, Google, Social Business, Internet Security, Search, Social Networks, Traffic Reporting/Monitoring, Web 2.0, Web Development, Internet Policy
Management : Career Development, Training, Small-Medium Business, Salary/Compensation, ROI/TCO, Regulation/Compliance, Recruiting, Personnel Management, Outsourcing, Legal, H-1B, Executive Insights/Interviews, Workplace Trends
Personal Tech : Blackberry, Bluetooth, Bluray, Digital Cameras, Digital Music, Digital Rights Management, Virtual worlds, iPhone, iPod, Peripherals, Smartphones, TVs/Home Theater, Global Positioning Systems
Security : Security Administration, End user/Client Security, Encryption, Cyberterror, Attacks/Breaches, Application Security, Antivirus, NAC, Perimeter Security, Privacy, Vulnerabilities and Threats, Storage Security, Intrusion Prevention
Services : Telecom/Voice Services, Business Process Outsourcing, Business Services, Disaster Recovery, Systems Integration, Hosted Storage, Internet/Data Services, Outsourcing, Software as a Service, Hosted Applications
Software : Web Services, Service Oriented Architecture, Server Virtualization, Productivity Applications, Operating Systems, Open Source, Linux, Hosted Software/Applications, ERP, Development Tools, Databases, Database Applications, CRM, Business Systems Management, Integration, Application Optimization
More Security Resources
Mission critical defense