Mission critical defense
Attackers don't work in silos. To defend against them, your defenses can't be siloed either. The teams, tools, and solutions you use in the response ......
January 2011- A perfect storm is brewing, with increasingly complex, persistent cyber threats and more numerous and prescriptive compliance mandates to protect against them. In this white paper, learn how to ride out this storm with automated solutions that reduce threats, meet multi-compliance demands, and help pass audits.
September 2010- As cyber threats across the globe continue to increase in number and sophistication, security and networking personnel must not only work harder but also smarter to stay ahead of malicious attacks. Sophisticated scanning, penetrating, and obfuscating tools and techniques are more widely available now more than ever before. Worst of all, hackers are now highly motivated to penetrate networks, applications, and databases to steal information that can quickly be sold for profit using botnets and ...
As enterprises move more of their business transactions online, they face the challenge of defending a perimeter that grows increasingly porous. The network firewalls that once locked down the enterprise perimeter are ineffective against Web-based attacks.
This white paper examines current trends in Web application security, assessing the present threat environment as well as limitations in existing approaches to protection, and then explores how a Web application firewall solution can overcome these challenges.
The complexity and scale of network and information security attacks have exploded in recent years. Traditional perimeter defense solutions have not kept pace with the rapid growth in risk.
This white paper assesses the current cyber-threat environment and discusses the use of distributed cloud services as an effective means to protect against evolving, modern-day IT threats.
September 2010- This white paper raises real challenges for IT managers who have to protect the business against malware, keep internet bandwidth available for legitimate business needs and enforce acceptable use policies for the human resource department. Managers everywhere must also find a balance between allowing reasonable personal internet use at work and maintaining productivity and concentration in the office.
September 2010- This white paper will discuss the history and progression of the modern Trojan attack. It will explore the methodology used by hackers in selecting a target and developing a compelling attack and will cite several examples of some successful targeted Trojans. Finally, this paper will look at the Symantec Hosted Services MessageLabs™ Complete Email Guard solution and how Symantec Hosted Services can help protect an organization against targeted Trojans in the future.
September 2010- This white paper will discuss how the Internet bandwidth is a finite and expensive resource that needs protection from spammers, criminals, hackers, time-wasters and employee misuse. Not only is it expensive and limited, but it is a vital business tool. This paper also explains the true cost of bandwidth bandits on businesses.
May 2010- A toughening regulatory climate has made the process of exporting defense articles more challenging. Earlier this year, Secretary of Defense Robert Gates announced initiatives to overhaul export control laws to more effectively manage technology export, but the initiatives will take time to implement. The simplest approach to enabling your system for foreign military sales is a primary design with an Acalis Secure Processor, and a disciplined approach to isolating CPI algorithms and operations to the ...
July 2010- Whether it’s from treacherous insiders stealing data or malicious cybercriminals hacking into company resources, financial institutions face risk from both inside and outside the organization. While each side of the coin poses unique threats, the financial sector can minimize the double sided risks with very similar tactics. These solutions rest on the security fundamentals of solid vulnerability management, device control, application control, and sound monitoring and reporting practices.
July 2010- Through process automation and security control enforcement, Lumension eases the NERC CIP compliance burden by delivering on the six elements of compliance economy: agility, consistency, efficiency, transparency, accountability, and security.
July 2010- In the first ten months after a new Massachusetts identity theft law took effect in late-2007, the Office of Consumer Affairs and Business Regulation reported that over 625,000 residents of the Commonwealth had been directly impacted by a data breach of their personally identifiable information (PII). Of these, about 60% were the result of criminal / unauthorized acts and the remainder due to employee error or “sloppy internal handling” of PII. To help mitigate the negative impacts of ...
July 2010- Government systems are getting hit on a daily basis by new and ingenious external attacks. Federal, state and municipal agencies, plus government contractors, must find a way to adjust to this evolving threat landscape to prevent these threats from wreaking havoc. It is imperative that government organizations get back to the basics of security and lay a strong security foundation to weather these attacks by proactively addressing their root causes.
March 2010- Web 2.0 technologies have forever changed the nature of the Web and, along with it, the nature of Web security. Web content is now highly dynamic, precipitating the need for security solutions that are capable of real-time assessment, categorization, and threat control. But that’s not all. Web 2.0 has also turned things around, quite literally, by enabling the use of the Web as a channel for outbound communications. Because of its ability to enhance collaboration and ...
The way to address Web 2.0 threats that combines the best aspects of traditional security and control techniques is with new technology designed specifically to address the dynamic, real-time nature of Web 2.0.
This paper describes how the Websense Web Security Gateway enables you to quickly and effectively implement a best practices approach to making Web 2.0 secure and effective.
Do you know just how adept Web adversaries have become in using the Internet to spread malware in their attacks? Understand where the true threats lie with this report which summarizes the significant findings of Websense researchers using the ThreatSeeker™ Network during the six-month period ending December 2009.
Websense® Security Labs™ uses the patent-pending Websense ThreatSeeker™ Network to discover, classify and monitor global Internet threats and trends. Using more than 50 million real-time data collecting ...
Today, successful organizations depend upon their ability to collaborate, communicate, and share information online. Established tools, such as email and the Web, are now more important than ever before, while emerging Web 2.0 applications, blogs, and social networking sites allow organizations to work in new, more efficient, and innovative ways. Yet these technologies also expose businesses and other organizations to a variety of new and emerging information security risks.
This paper explains how Essential ...
February 2010- SophosLabs received 50,000 new malware samples every day in 2009. Malware attacks are broadening and becoming more evasive with social networking sites and new computing platforms becoming primary targets for hackers. Read the 2009 security threats trends and learn how to protect yourself in 2010.
FEDERAL CASE STUDY
U.S. Army Deploys Application Security Regimen for its Munitions System
The Total Ammunition Management Information System (TAMIS) is the U.S. Army application that manages conventional munitions for wartime, training and testing operations across the U.S. Armed Forces.
TAMIS handles approximately 350,000 ammunition transactions per month from units located all around the world, supporting more than 7,000 authorized personnel who request, approve and manage munitions. The web-enabled ...
Today’s cyber-criminals are experts at using anonymity, deceit and subterfuge to victimize companies with a variety of covert malware, spam and scams that hamper employee productivity and cut profits. Attacks using rich media, open-source platforms, web 2.0 collaboration tools and social-networking sites make business networks vulnerable to this new breed of web threats.
On-premise web-security solutions have the disadvantages of high costs for infrastructure, managing the security system and training IT staff. Learn ...
December 2009- One of the primary objectives of a recent White House review of Internet security is to promote the user awareness of the information threats to the United States and to individual citizens. This awareness thrust is also important in demonstrating that information security is a top national priority. This, in turn, is intended to influence information systems providers to focus more on security as they develop systems. This white paper responds to that call with ...
December 2009- This white paper provides a methodology to create a more secure environment against the various forms of malware that can infiltrate computer networks. This type of malware is computer code that has the ability to change itself in order to evade traditional detection methods. Learn about a more accurate and reliable detection method for polymorphic malware.
The Federal Information Security Management Act of 2002 provides a comprehensive framework for ensuring effective information security controls for all federal information and assets. The Act aims to bolster computer and network security within the Federal Government by mandating periodic audits. Based on this framework, FISMA mandates that all government agencies report their overall security posture to the Office of Management and Budget, which in turn reports to Congress annually.
In addition, the National ...
November 2009- A new class of organizational threats and risks are emerging, that include the trusted insider. This threat is magnified by complex applications and a dynamic workforce with privileged access. This whitepaper shows you that connecting the dots can be done through six simple best practices.
November 2009- Online fraud is fueled by data theft and increasingly sophisticated cyber criminals, relying on misdirection and gaps in detection systems. Although fraud may never be eliminated entirely, The ArcSight SIEM Platform offers solutions that can accurately detect fraudulent activity and thus mitigate overall business risk.
November 2009- Governments and businesses are increasingly vulnerable to cyber crime by hackers, malware, and insiders. Log files can be used for forensic analysis of all types of security incidents. The key requirement is collection, centralized storage and fast analysis of events from various devices and applications. These requirements are highlighted in a case study incident on Boeing Corporation.
November 2009- There are multiple useful technologies to monitor specific information risks, however tying these together through a single, comprehensive view will improve your security posture. The ArcSight SIEM platform provides this single “pane of glass” by aggregating, analyzing, and visualizing activity data across the organization.
View All Categories
Business Intelligence : Analytics, Business Process Management, Content management, Dashboards, Data Mining, Performance Management, Databases, Datamarts/Data Warehouses, Information Management, Knowledge Management, Data Quality
Hardware : Virtualization Hardware, Windows Servers, Utility/On-demand Computing, Unix/Linux servers, Supercomputers, Peripherals, Macintosh, Handhelds/PDAs, Grid/Cluster Computing, Desktops/PCs, Data centers, Blades, Processors
Infrastructure : ATM, Ethernet/Gigabit Ethernet, Frame relay, IPv6, Traffic Management, Network/Systems Management, PBXs, Printers, Remote Access, Routers, Switches, UPS, VPNs, WAN Optimization/Acceleration, Wide Area File Services
Internet : B2B, B2C, Browsers, E-Business/E-Commerce, E-retail, Google, Social Business, Internet Security, Search, Social Networks, Traffic Reporting/Monitoring, Web 2.0, Web Development, Internet Policy
Management : Career Development, Training, Small-Medium Business, Salary/Compensation, ROI/TCO, Regulation/Compliance, Recruiting, Personnel Management, Outsourcing, Legal, H-1B, Executive Insights/Interviews, Workplace Trends
Personal Tech : Blackberry, Bluetooth, Bluray, Digital Cameras, Digital Music, Digital Rights Management, Virtual worlds, iPhone, iPod, Peripherals, Smartphones, TVs/Home Theater, Global Positioning Systems
Security : Security Administration, End user/Client Security, Encryption, Cyberterror, Attacks/Breaches, Application Security, Antivirus, NAC, Perimeter Security, Privacy, Vulnerabilities and Threats, Storage Security, Intrusion Prevention
Services : Telecom/Voice Services, Business Process Outsourcing, Business Services, Disaster Recovery, Systems Integration, Hosted Storage, Internet/Data Services, Outsourcing, Software as a Service, Hosted Applications
Software : Web Services, Service Oriented Architecture, Server Virtualization, Productivity Applications, Operating Systems, Open Source, Linux, Hosted Software/Applications, ERP, Development Tools, Databases, Database Applications, CRM, Business Systems Management, Integration, Application Optimization
More Security Resources
Mission critical defense