February 2013- Up until now, your view of risk while monitoring your network has been incomplete. This white paper discusses a new, innovative approach to protecting your network through a combination of active and passive network discovery and monitoring, in real-time.
February 2013- Companies are in high alert to fight off Distributed Denial of Services (DDoS) attacks that can halt business and amount to a costly burden on companies and customers. DDoS attacks are increasing in volume, frequency, and sophistication, and they are targeting every level in the data center. Smart organizations are moving to defend not only their network, session, and application layers, but also their business logic and database tiers as well. In defense, today's enterprises ...
Survey reveals pitfalls of traditional vulnerability scanners
Learn what IT professionals had to say about vulnerability management programs at their organizations, including how often and what zones they scan, and the challenges they encounter.
The Skybox Security Vulnerability Management Survey 2012, conducted in conjunction with Osterman Research, polled more than 100 IT decision makers including security managers, and network and systems engineers involved in vulnerability management processes.
Among the findings:
October 2012- Symantec Corp. commissioned Tolly to benchmark the performance of its new Symantec Endpoint Protection (SEP) 12.1 within VMware ESXi 5 virtual environments vs. Trend Micro Deep Security 8. Specifically, this testing focused on the system resource requirements of each solution when performing on-demand and on-access scanning, and during distributed virus definition update
October 2012- This report from Dennis Technology Labs compares the effectiveness of anti-malware products designed to run in virtual desktop environments. This test aims to compare the effectiveness of the most recent releases of anti-malware products designed to run in virtual desktop environments.
4 Days, 465 Systems, 3 continents
The Zeus Trojan virus was destructive enough, but the tech media are constantly alerting us to evolving threats to every industry. The good news is that you can transform the way your organization exposes, analyzes, and respond to advanced endpoint threats and errant sensitive data.
Here are seven quick case studies to prove it. Download these real-world examples of how customers in industries such as financial services, hospitality, ...
80% of organizations suffering payment card breaches had not achieved compliance with PCI DSS at the time of the breach. – Verizon 2011 Data Breach Investigation Report
As regulation and litigation increase, internal investigators must support an alphabet soup of compliance obligations: SOX, GLBA, FISMA, HIPAA, PCI DSS, regional privacy laws, and more. Although each regulation is different, these laws share common investigation requirements in three areas: policy, control infrastructure, and incident response.
“The theft began with an instant message sent to a Google employee in China who was using Microsoft’s Messenger program… Ultimately, the intruders were able to gain control of a software repository used by the development team.” - New York Times - Cyberattack on Google Said to Hit Password System
While we still use many of the same old names - viruses, Trojans, and worms - today’s malware enables potent multistage ...
October 2012- Cloud computing has become another key resource for IT deployments, but there is still fear of securing applications and data in the cloud. These concerns include authentication, authorization, accounting (AAA) services; encryption; storage; security breaches; regulatory compliance; location of data and users; and other risks associated with isolating sensitive corporate data. Add to this array of concerns the potential loss of control over your data, and the cloud model starts to get a little scary. ...
Employees feel more empowered than ever to use any application they believe will help them do their job. And attackers are taking advantage of the sheer volume of applications, the Bring-Your-Own-Device (BYOD) trend, social media and other opportunities to glean information and penetrate networks.
How do you encourage productivity and minimize risks?
Application control is key.
Read "The Five Key Benefits of Application Control and How to Achieve Them," ...
July 2012- SCADA (Supervisory Control and Data Acquisition) describes computerized industrial control systems that monitor and control industrial and infrastructure processes. With recent attacks, manufacturers, utilities and industries must now implement solutions to protect their SCADA systems. See the product sheet to learn how the Norman SCADA Protection system protects against cyber-attacks that target critical SCADA systems.
July 2012- The risks of malware analysis are easily surmountable through the use of an automated dynamic malware analysis platform such as Norman's Malware Analyzer G2 (MAG2). MAG2 provides additional benefits to analysts in their fight against a constantly growing and maturing malware threat landscape. To learn more about Norman?s Malware Analyzer G2 defense-in-depth strategy see the Norman Automated Malware Analysis Whitepaper.
Today's targeted threats are often multi-vectored and exploit unknown vulnerabilities - their sophistication defying typical signature-only based inspection. Whether APTs or client-side threats, they use evasive techniques to penetrate our organizations, often purporting to be or riding on applications and exploiting trust relationships with which we've grown all too comfortable with.
To make matters worse, attackers have realized the inadequacies of traditional signature-based approaches and have accelerated the pace of change and obfuscated ...
A Next-Generation IPS (NGIPS) offers a logical and essential progression of capabilities needed to protect networks from emerging threats. Pioneered by Sourcefire®, and now endorsed by Gartner, the NGIPS builds on typical IPS solutions by providing contextual awareness - about network activity, systems and applications, people, and more - to promptly assess threats, ensure a consistent and appropriate response, and reduce an organization?s security expenditures.
The purpose of this paper is:<...
Controlling access to data and applications is vital considering escalating security and privacy concerns. Organizations must prove they have strong and consistent access controls. They also want to ensure that decisions made about user entitlements are in line with their business goals and policies. IBM identity and access management (IAM) governance provides the resources to manage business-specific user access requirements with greater accountability and transparency.
Learn more about our policy-driven approach and end-to-end ...
Get an Inside View of the Advanced Threat Landscape Through this Report on Advanced Targeted Attacks
This report is unique in that it is not an analysis of well-known malware or billions of spam messages. Instead, we provide insight into the threats that are successful and therefore dangerous - those which got through traditional defenses and into enterprise networks in 2H 2011.
FireEye Malware Intelligence Labs' was able to generate this unique ...
January 2012- The cloud computing model is being adopted by many organizations because of it's efficiency, performance and cost benefits. But some organizations may be shying away from cloud because of security concerns. Read this data sheet from IBM to learn about services from IBM that can help you secure your cloud computing solutions. Discover how IBM experts can guide you through the security and privacy concerns, help identify and prioritize security requirements, and develop a high-level ...
Every security professional knows that syslog is the main protocol for security. And most Security Information and Event Management (SIEM) systems frame this as the singular way of collecting log data. For today?s security professional, syslog protocol dominates, and is almost always synonymous with logging.
However, SIEM is really more about security information of all types. It is also about event detection and management from multiple data sources, not just syslog fi ...
October 2011- Today, collecting email data is a necessity for compliance standards, forensic analysis and managing end-user performance and availability. But making sense of the data is a challenge within itself. Collecting the data is only part of the equation and research and many shops are turning towards correlation which helps bring meaning to the massive amount of data collected. This white paper explains how to establish a systematic approach to identifying relationships (correlating!) between log data ...
October 2011- This white paper provides a detailed discussion of objectives and methodologies for integrating CorreLog software with McAfee ePolicy Orchestrator (ePO) software. This document also describes the features and capabilities of the implementation, intended as a top-level description of how to add CorreLog's Security Information and Event Management (SIEM) functions with the ePO software system, to create a single unified system.
August 2011- NETGEAR delivers simple solutions that help IT organizations create elegant, full-featured data protection without breaking IT budgets.
August 2011- SMBs can achieve the same virtualization results as big companies on a more appropriate scale, using products and services that are available in the right size and price point. While larger firms have traditionally created lower-end products for smaller businesses, there is an inherent conflict of interest that may doom the products to weakness or premature irrelevance.
Back up and store data for less (and in minutes, not hours!)
Disasters, network failures and hackers all present challenges and dangers to the reliability of your network and data infrastructure. Discover how companies like yours are building data storage and recovery solutions at a fraction of the cost and effort. Learn how to:
• Make ReadyNAS and Acronis Backup & Recovery work together
• Validate backup and recovery vaults
Inappropriate usage, including questionable or risky behavior, can be attributed to the nonchalant attitude many employees have toward their employers' equipment. Many employees proceed throughout the Internet with the belief that since it is not their computer they are using, security is not important.
Similarly, many users in small to midsize organizations assume that security is the responsibility of IT, so risky behavior will not have any direct negative impact. Discover how to ...
August 2011- Putting premium malware protection at the network gateway and on every endpoint of your network enables the IT infrastructure to be able to detect when malware is being delivered, and block and neutralize that malware before it can perform malicious activities.
View All Categories
Business Intelligence : Analytics, Business Process Management, Content management, Dashboards, Data Mining, Data Quality, Databases, Datamarts/Data Warehouses, Information Management, Knowledge Management, Performance Management
Hardware : Blades, Data centers, Desktops/PCs, Grid/Cluster Computing, Handhelds/PDAs, Macintosh, Peripherals, Processors, Supercomputers, Unix/Linux servers, Utility/On-demand Computing, Virtualization Hardware, Windows Servers
Infrastructure : ATM, Ethernet/Gigabit Ethernet, Frame relay, IPv6, Traffic Management, Network/Systems Management, PBXs, Printers, Remote Access, Routers, Switches, UPS, VPNs, WAN Optimization/Acceleration, Wide Area File Services
Internet : B2B, B2C, Browsers, E-Business/E-Commerce, E-retail, Google, Internet Policy, Internet Security, Search, Social Networks, Traffic Reporting/Monitoring, Web 2.0, Web Development, Social Business
Management : Career Development, Executive Insights/Interviews, H-1B, Legal, Outsourcing, Personnel Management, Recruiting, Regulation/Compliance, ROI/TCO, Salary/Compensation, Small-Medium Business, Training, Workplace Trends
Personal Tech : Blackberry, Bluetooth, Bluray, Digital Cameras, Digital Music, Digital Rights Management, Global Positioning Systems, iPhone, iPod, Peripherals, Smartphones, TVs/Home Theater, Virtual worlds
Security : Antivirus, Application Security, Attacks/Breaches, Cyberterror, Encryption, End user/Client Security, Intrusion Prevention, NAC, Perimeter Security, Privacy, Security Administration, Storage Security, Vulnerabilities and Threats
Services : Business Process Outsourcing, Business Services, Disaster Recovery, Hosted Applications, Hosted Storage, Internet/Data Services, Outsourcing, Software as a Service, Systems Integration, Telecom/Voice Services
Software : Integration, Application Optimization, Business Systems Management, CRM, Database Applications, Databases, Development Tools, ERP, Hosted Software/Applications, Linux, Open Source, Operating Systems, Productivity Applications, Server Virtualization, Service Oriented Architecture, Web Services