Moving Beyond User Names and Passwords: An Overview of Okta's Multifactor Authentication Capability [ Source: Okta ]

February 2013- Typical web applications are protected with single-factor authentication: a user name and password. These credentials, in addition to being difficult to manage, leave sensitive data and applications vulnerable to a variety of common attacks. As enterprises adopt more cloud applications, addressing this threat will become critical. Unlike older on-premises applications, cloud applications are accessible to anyone on the public Internet. Multifactor authentication (MFA) is designed to protect against the range of attacks that rely on ...

ESG Technology Brief: Real-Time Risk Management [ Source: McAfee ]

February 2013- Information security based on regulatory compliance stipulations cannot keep up with today's sophisticated and rapidly changing threat landscape. CISOs need to implement a new discipline that ESG calls, "Real-time Risk Management."

Gartner MarketScope for Vulnerability Assessment Report [ Source: McAfee ]

February 2013- Vulnerability assessment vendors compete on management features, configuration assessment, price, reporting and integratin with other security products. Buyers must consider how VA will fit into their overal vulnerability management process when evaluatiing VA products and services.

Protect Critical Assets with Virtual Patching White Paper [ Source: McAfee ]

February 2013- As long as there is software, there will be software vulnerabilities. And wherever there are vulnerabilities, you will find malware and cybercriminals. This paper will examine that risk and provide a step by step process to protect your companies critical assets.

Solving Substantiation with SAML [ Source: F5 ]

February 2013- Gone are the days when majority of corporate employees worked in the office and were statistically mapped to their applications and resources which all ran behind the firewall. Today, not only are applications running on the LAN/corporate data center and being delivered from cloud-based networks. These cloud resources might not have access to a corporate directory for employee validation. In addition, today's workforce is highly distributed; using a multitude of different access devices, yet ...

The New Application Delivery Firewall Paradigm [ Source: F5 ]

February 2013- The firewall is, and has been, the primary foundation around which conventional network security architectures are built. But the conventional firewall is beginning to show its limitations in detecting and repelling modern attacks. Diverse attacks involving multiple layers of the network stack are causing firewall failures with alarming frequency. As a result, traditional firewall services alone are insufficient for detecting attacks and subsequently preventing business disruption. The new application delivery firewall technology provides enforcement of ...

The New Phishing Threat: Phishing Attacks [ Source: Proofpoint ]

February 2013- The threat of email borne attacks is greater than ever with malware volumes increasing drastically. One of the most common, and difficult to detect, email threats comes in the form of phishing and spear-phishing emails.

Historically, phishing attacks targeted end-users with attackers going after credentials to financial accounts. But modern phishing attacks have evolved toward targeting sensitive corporate data as evidenced by the high profile data breaches targeted at diverse organizations including RSA ...

Financial Services, Regulation and the Achilles Heel of Email [ Source: Proofpoint ]

February 2013- Ensuring data privacy in compliance with government regulations and consumer protection laws presents a complex set of challenges for financial firms. Coupled with the rising sophistication in security threats, many industries are under regulatory fire in demonstrating accountability and addressing compliance requirements in accordance with federal and state laws. How an organization is able to store and manage their data, including email, has a high impact on regulatory compliance.

Read this white paper ...

Implementing A Security Analytics Architecture [ Source: EMC ]

February 2013- New security threats demand a new approach to security management. Security teams need a security analytics architecture that can handle a much greater volume and wider scope of data than at present. They need threat intelligence about the latest tools, techniques, and procedures in use by the attacker community, and the ability to track and manage the responses initiated as a result of the issues they identify.

Detecção e investigação de ameaças avançadas. Infraestrutura [ Source: EMC ]

February 2013- A infraestrutura do RSA Security Analytics: oferece arquitetura modular para coleta distribuída, é baseada em metadados para fornecer indexação, armazenamento e capacidade de pesquisa eficientes. Utiliza a infraestrutura do RSA NetWitness para análise lógica e investigações, inclui o warehouse que fornece análise intensiva e arquivamento de longo prazo.

Remote Management and Control for Disaster Recovery [ Source: Raritan ]

February 2013- While IT managers can’t predict when disaster will strike, they can take steps to ensure that service will be restored as quickly as possible when it does. Raritan’s Business Continuity and Disaster Recovery Solutions helps IT staff to quickly, efficiently and accurately troubleshoot, diagnose and repair post-disaster system failures.

Remote Access & Control SIPRNet Solution [ Source: Raritan ]

February 2013- To ensure the secure transmission of classified and secret information, the U.S. Government has mandated that beginning April, 2013 all access to military, intelligence, and other classified systems will require the use of a limited-access computer network Secret Internet Provider Network (SIPRNet) token.

Even after organizations upgrade their systems for SIPRNet token access and issue hardware tokens, complying with the DoD mandate still poses significant challenges: How can authorized users quickly and securely ...

SANS ForeScout BYOD Mobile Security [ Source: ForeScout ]

January 2013- With the introduction of BYOD and its associated threats, Network Access Control has emerged as a compliance-critical solution. Discover how NAC policies and approaches can secure guest devices and mitigate the risk of BYOD access to the enterprise.