The Center for Strategic and International Studies (CSIS) report recommends broad adoption of penetration testing across the federal space, and greater use of vulnerability and exploit testing to improve the nation’s cybersecurity standing within several different contexts.
This white paper outlines the key CSIS recommendations and identifies a commercial software solution and services that address each of these key issues.
The release of the 2009 Consensus Audit Guidelines (CAG) outlines the need for federal cyber-security controls that are tacitly proactive and can “inform defense” of actual attacks that have compromised systems, or those that could transpire to do so.
This white paper explores specific directives of the CAG, and highlights a commercial software application that arms government agencies and their private-sector partners with the tools to perform ongoing penetration testing of web applications, network ...
April 2010- In this white paper, government agencies learn about new provisions added to the Guide for Assessing Controls in Federal Information Systems (NIST SP 800-53A), and how a new commercial software tool addresses these provisions with penetration testing that identifies and assesses critical vulnerabilities existing across networks, endpoints and web applications.
December 2007- This white paper describes Video Synopsis technology, a proprietary, innovative image-processing technology being commercialized by BriefCam. Video synopsis is an approach to create a short video summary of a long video. It tracks and analyzes moving objects (also called events), and converts video streams into a database of objects and activities. The technology has specific applications in the field of video surveillance where, despite technological advancements and increased growth in the deployment of CCTV (closed ...
February 2010- This article explains how compliance, security, and cost efficiency are intertwined, and shows how enterprise content management software enables compliance and security while lowering costs of each, and more. Tips are also provided for evaluating potential software vendors and helping employees to adapt to a digital environment.
November 2009- Human Resources (HR) data is one of the most sensitive forms of information any organization maintains. Ensuring the security of this data is therefore critical not only to preserve the sanctity of employees’ highly personal information, but also to minimize legal risk to the organization as a whole. This issue takes on even more importance as organizations choose to deploy their talent management systems via a software-as-a-service (SaaS) delivery model. With the costs of a ...
December 2005- The degraded service and lost business from a Denial of Service (DoS) attack can lead to staggering costs both during and after an attack. Beyond the immediate costs, the lasting effects of a successful DoS attack include lost customers, loss of faith in the service’s dependability, and damage to the corporate brand. This white paper focuses on how Intrusion Prevention Systems (IPS) can address these challenges.
January 2009- There is some confusion in the marketplace about intrusion-security systems. Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) have similar names. Download this white paper provided by TippingPoint to learn the difference between the two solutions and the eight questions to ask about Intrusion Prevention Systems (IPS).
December 2009- One of the primary objectives of a recent White House review of Internet security is to promote the user awareness of the information threats to the United States and to individual citizens. This awareness thrust is also important in demonstrating that information security is a top national priority. This, in turn, is intended to influence information systems providers to focus more on security as they develop systems. This white paper responds to that call with ...
December 2009- As the world computing infrastructure becomes likewise complicated, network and system communications have significant problems in identifying who to trust. Corporate and government personnel enter systems through a variety of methods: remote access, wireless PDAs, laptops via VPN from public access points. Establishing trust includes the identity of hardware and processor nodes, the identity and authenticity of software instructions, and the identity and authenticity of system users. Describing and categorizing all of the different types ...
October 2009- Firewall rules that provide access to a wide array of services in a large network, while at the same time securing the critical assets from attacks, tend to become very large in size and redundant in functionality. As rule bases become large, administrators become hesitant to modify existing rules and instead add new rules for fear of causing an adverse impact on existing service availability. Over time, rule bases become very bloated, requiring not only ...
Detect change and make IT actionable.
With pressure on IT departments to remain lean and efficient, comply with policies and regulations, and also provide reliable 24/7 service, it is imperative that companies large and small adopt solutions and processes to ensure a known and trusted state at all times. With the reliance on technology to conduct business, interact with customers, and meet auditing requirements, “store doors” need to remain open at all times.
Public sector IT environments are complex infrastructures that are increasingly difficult to manage efficiently and effectively.
Nevertheless, government organizations are continually striving to implement an IT infrastructure that provides a high degree of availability, security, and regulatory compliance.
This paper outlines the relationship of security to the nature of infrastructure integrity, change auditing, and compliance solutions. It describes how an investment in configuration assessment and change auditing solutions can provide ...
The number of security breaches of federal information systems and cases of improper access to these systems continues to grow at an alarming rate.
In response to this tremendous increase in detected and reported incidents, the Obama administration has intensified its focus on cyber security across all federal agencies. Clearly, there is concern about and a desire to improve the security of federal information systems. So where and how do we address the ...
October 2009- Federal computer systems have long been a favorite target of hackers. This paper explores why federal efforts to improve security have often fallen short and how IT professionals can address this challenge. Tripwire CTO Gene Kim suggests seven actionable steps to improve cyber security based on a long-term study of information security organizations.
September 2009- This article discusses how enterprise content management software minimizes business expenses for higher-education organizations by capturing, indexing, and storing documents digitally at the point of receipt. Desktop scanning, online forms, bar codes, and other forms of capture end the paper chase, making document contents useful moments after they’re received. The paper discusses how capturing and indexing forms, correspondence, e-mails, faxes, photos, images, and supporting documentation in a central, searchable ECM repository ensures that authorized ...
December 2008- In keeping with the Health Insurance Portability and Accountability Act, Public Law 104-191 (HIPAA), which was adopted in 1996, all American organizations that use the personal medical data of citizens are required to guarantee the confidentiality of that information. HIPAA requirements are mandatory for medical institutions, medical insurance companies, government agencies, and other organizations that have access to private medical records. The privacy and security requirements set out in HIPAA have also been included in two ...
December 2008- Soon after they were introduced years ago, payment cards became one of the most popular means of making payments for goods and services among the public. But while payment cards provide their holders with maximum convenience, using them involves additional risks. If the information that is contained on a plastic card falls into the hands of a malicious user, the owner of that card risks losing money from his personal bank account. It is equally ...
June 2009- This paper covers what PDF security vendors are not telling you about their products and solutions, and what questions you should be asking. Is the PDF security software you are looking to purchase really secure? If the PDF DRM protection software you are evaluating can be simply broken then you might as well save your money.
September 2009- This special report addresses best practices for combating fraud with analytics. The report also includes several case studies showing how leading financial institutions are receiving rapid returns on anti-fraud technology. Topics include: analyzing social networks to identify crime rings; improving customer service with anti-fraud technology; keeping tabs on internal fraud risks; and results from top banks worldwide.
July 2009- Federal computer systems have long been a favorite target of hackers. This paper explores why federal efforts to improve security have often fallen short and how IT professionals can address this challenge. Get 7 actionable steps to improve cyber security based on a long-term study of information security organizations.
July 2009- Video surveillance and security are unlike applications typically found in IT environments. Video surveillance systems are real-time, resource-intensive systems that run 7x24x365 in a streaming mode, where the processing power, network bandwidth, disk throughput, and storage capacity requirements are extreme. A proper design of servers, networks, and storage is the key to successful video surveillance systems. Video Surveillance is often like a 911 system. Architecting a reliable surveillance system without excessive cost is important to ...
October 2008- The use of video surveillance by local, state, and federal governments has increased proportionally with the greater need for public security and a responsibility to protect citizens. This white paper looks at various government applications for IP surveillance systems and introduces the latest solutions from D-Link.
October 2008- The white paper identifies best practices and defines use cases for ERO credentials based on the FIPS 201 standard, and outlines how these credentials can meet identity goals of trust, privacy, interoperability, and usability. It also describes recent demonstrations and pilots of the First Responder Authentication Credential (FRAC) that have involved emergency response officials in the National Capital Region, Virginia, Maryland, Pennsylvania, Texas, Illinois, Florida and Colorado.
January 2009- A leading industry analyst was quoted saying: “Most companies have little idea how pervasive FTP activity is in their organizations because FTP is no longer just a protocol for internal and external file integration mechanism”. Not only has FTP widely spread throughout organizations, but its popularity seems to have no limit and is continually increasing. Unfortunately there has been an increasing number of security incidents where FTP was identified as a critical factor. To put ...