October 2014- When cybercrime happens, it is imperative to discover as much as possible about the scope of activity and the entity behind the crime. The right set of data and tools can help unmask hostname and IP address ownership, can highlight connections between nefarious online resources and accelerate your investigation into malicious activity and criminal attribution. Read our Cybercrime Investigation Guide to learn how DNS Intel can help you in developing a suspect profile, mapping associated ...
December 2014- This Forrester report is a call to action for a more automated threat response process based on developing a set of cyber "rules of engagement" that will empower security teams to act more quickly and aggressively to stop data breaches before they can threaten the business.
April 2015- Did you know that most companies usually find out about the security breach around 200 days after the occurrence (www.securityweek.com)? By that time, their confidential information is all over the web and it takes time and money to bring everything back to normal and regain your customers trust. Read our whitepaper to see why your business needs multiple layers of protection to stay secure.
March 2015- If you aren't already running network IDS, you should be. Whether you need to monitor hosts or the networks connecting them to identify the latest threats, there are some great open source intrusion detection (IDS) tools available to you. This guide provides an overview of some of the most popular Open Source IDS tools, along with pros/cons of each and learn more about implementing intrusion detection tools.
January 2015- Amazon Web Services is one of the most secure public cloud platforms available, with deep datacenter security and many user-accessible security features. But, don't forget that you are still responsible for everything you deploy on top of AWS, and for properly configuring AWS security features. This paper covers AWS security best practices to get you started and focus your efforts as you begin to develop a comprehensive cloud security strategy.
Enterprise users are putting many more demands on IT security than ever before. At the same time, the IT security architecture is being tested by hackers at unprecedented levels.
In the middle of this "perfect storm" of demands and challenges, how is IT security to cope? How do the stakeholders in network, applications and information security departments gain clarity and alignment to ensure gaps are plugged and compliance needs are met? An emerging ...
March 2015- The rules and economics of IT security have changed radically in the past two years. Hacking attacks and data breaches are no longer mere nuisances or relatively trivial cases of "cyber graffiti" like in the past. The costs of breach cleanup in only one of the retail breaches last year could easily top half a billion dollars. In another case, a judge has cleared the way for banks to sue a retailer for negligence for ...
March 2015- The worldwide hacking crisis continues. In case after case, hacked enterprises had firewalls, intrusion detection, incident response and other systems in place. So why did these security measures fail to prevent so many breaches? In every documented case, it was because networked applications were not properly secured. This infographic explores the three primary IT security gaps that enabled hackers to get a foothold in enterprises and exfiltrate sensitive data.
November 2014- Insider threats with potential to steal valuable intellectual property (IP) and data can cause significant damage to any organization. Dan Geer elaborates on how you can mitigate the security risk.
November 2014- The Kill Chain Defense exploits a critical weakness in the outsider attack model; for an attack to be successful, all steps must be completed and the target data exfiltrated from the organization. This white paper explains the Kill Chain Defense model and how it can be used to pragmatically prevent outsider attackers from succeeding.
Vulnerability risk management is a foundational practice in most information security programs today. In fact, nearly half of organizations agree that it is the most accepted method for deterring cybercrime.
Despite its importance, traditional vulnerability risk management programs are failing. The labor-intensive manual task lists, mountains of static scan data, expanding attack surface brought on by new technologies such as mobile, and other inherent challenges are crippling organizations in making the move from ...
In 2014, there were 7,945 security vulnerabilities identified. That is 22 new vulnerabilities a day. Nearly one an hour. While the number does not appear alarming at face value, when you multiply that by the servers, applications and endpoints across the IT environment, the number is staggering.
Making sense out of mountains of threat data is just one of the many challenges organizations face as part of their vulnerability risk management program. So how can organizations ...
March 2015- Advanced Persistent Threats (APTs) in the online realm are a painful reality for companies of all sizes, from the largest enterprises down to small and medium-sized businesses (SMBs). Business leaders might be tempted to think that their own organizations are exempt from APTs, or that the security measures they already have in place are adequate to defend against these persistent, methodical attacks. Yet those temptations must be avoided. If your business has something of value ...
March 2015- Read this case study to learn from a company who suspected that suspicious activity was occurring on their network. After determining they were likely the victim of a network breach, they were not sure how the breach occurred or what, if anything, had been taken. With more than 1600 servers and approximately 6000 user devices, there was a need to prioritize forensic evidence as they worked to determine affected infrastructure. Download this paper to find out how ...
October 2014- CIOs want harmony. Security directors loathe point products. Network operations won't buy into anything new. CIOs can get the harmony they need around DDoS mitigation by extending the F5 Application Delivery Controller into a hybrid solution: on premises with a new cloud component. Read the white paper to learn more.
May 2014- Enterprises require intrusion prevention systems (IPSs) to protect their network against attacks. However, implementing an IPS involves challenges of scale and performance. Leveraging the power of an Application Delivery Controller allows enterprises to efficiently deploy a next-generation IPS infrastructure. Read this white paper to learn how installing the right solution allows the IPS to focus on identifying and mitigating threats to the network, and ensure that no application is left unprotected.
March 2015- SSL is the set of cryptographic protocols that secure data in transit. Today SSL is often the only tool standing between your organization and the bad actors. The stakes around SSL have been upleveled to the limit. Whether or not it's convenient to admit, it's time for organizations to uplevel their overall security posture to protect this last line of defense. Read this white paper to learn how your organization can properly embrace a higher ...
March 2015- Learn exactly where traditional firewalls fall short, and discover how next-generation firewalls produce excellent network performance without compromising security. Read this whitepaper and uncover where next-generation firewalls fill the gaps left by traditional firewalls.
September 2014- Today's cyber attacks have changed in sophistication, in focus, and in their potential impact on your business. This eBook will outline the tactics today's advanced attackers are using to break into your organization and why you require a defense-in-depth cyber-security program that incorporates automatic detection and incident response. The goal of this eBook is to leave you with the knowledge you need to effectively protect your business against today's advanced attacks.
January 2015- You can't open a newspaper or visit an online news site these days without some mention of a cyber-attack or data breach. These activities are becoming more prevalent, and as a result, the reporting of these activities is also on the rise. Bit9 + Carbon Black reached out to a series of experts to collect their thoughts and advice on dealing with data security incidents or breaches, which included:
- What solutions ...
Businesses need to view security as a process and leverage solutions that can proactively collect data, apply aggregated threat intelligence, reduce the cost and complexity of incident response and evolve, adapt and learn from your investigation.
This eGuide will cover how a continuous approach to response can resolve these challenges and put your organization in a better security posture by proactively preparing for a breach.
November 2014- Business-critical platforms such as SAP and Oracle have been in place for more than a decade, however a majority of firms using these applications currently have gaps in their security program. There are many reasons for these security gaps ranging from a reliance on generic security tools, to IT teams lacking complete understanding of how application platforms work.
January 2015- Gaps in security practices of business-critical applications running on SAP are causing organizations to rethink their current approach and embrace a new strategy.
January 2015- As a CISO, learn which questions to ask in order to uncover security challenges facing your SAP systems.
When IT professionals think about information security, they often think about network intrusion detection systems (IDS) and intrusion protection systems (IPS) early in the process. Network IDS/IPS has long been a mainstay for detecting malicious activity and continues to be a very important piece of the security puzzle. Unfortunately for security professionals, that puzzle continues to evolve and becomes increasingly large and complex.
- Review why advanced detection ...
View All Categories
Business Intelligence : Analytics, Business Process Management, Content management, Dashboards, Data Mining, Data Quality, Databases, Datamarts/Data Warehouses, Information Management, Knowledge Management, Performance Management
Hardware : Blades, Data centers, Desktops/PCs, Grid/Cluster Computing, Handhelds/PDAs, Macintosh, Peripherals, Processors, Supercomputers, Unix/Linux servers, Utility/On-demand Computing, Virtualization Hardware, Windows Servers
Infrastructure : ATM, Ethernet/Gigabit Ethernet, Frame relay, IPv6, Traffic Management, Network/Systems Management, PBXs, Printers, Remote Access, Routers, Switches, UPS, VPNs, WAN Optimization/Acceleration, Wide Area File Services
Internet : B2B, B2C, Browsers, E-Business/E-Commerce, E-retail, Google, Internet Policy, Internet Security, Search, Social Networks, Traffic Reporting/Monitoring, Web 2.0, Web Development, Social Business
Management : Career Development, Executive Insights/Interviews, H-1B, Legal, Outsourcing, Personnel Management, Recruiting, Regulation/Compliance, ROI/TCO, Salary/Compensation, Small-Medium Business, Training, Workplace Trends
Personal Tech : Blackberry, Bluetooth, Bluray, Digital Cameras, Digital Music, Digital Rights Management, Global Positioning Systems, iPhone, iPod, Peripherals, Smartphones, TVs/Home Theater, Virtual worlds
Security : Antivirus, Application Security, Attacks/Breaches, Cyberterror, Encryption, End user/Client Security, Intrusion Prevention, NAC, Perimeter Security, Privacy, Security Administration, Storage Security, Vulnerabilities and Threats
Services : Business Process Outsourcing, Business Services, Disaster Recovery, Hosted Applications, Hosted Storage, Internet/Data Services, Outsourcing, Software as a Service, Systems Integration, Telecom/Voice Services
Software : Integration, Application Optimization, Business Systems Management, CRM, Database Applications, Databases, Development Tools, ERP, Hosted Software/Applications, Linux, Open Source, Operating Systems, Productivity Applications, Server Virtualization, Service Oriented Architecture, Web Services