security controls

Results 1 - 25 of 124Sort Results By: Published Date | Title | Company Name
Published By: F5 Networks Inc     Published Date: Sep 14, 2018
As the threat landscape evolves, so must our security controls and countermeasures. Recent research from F5 Labs revealed that applications are the initial targets in the majority of breaches, suggesting that any app can be an attack vector. Cybercriminals are moving their tactics further up the stack using sophisticated application-layer exploits, as well as an emerging wave of automated, bot, and IoTbased threats that are quite capable of evading simple signature or reputation-based detection. Yet, the majority of WAFs on the market today have remained largely unchanged, leaving the applayer exposed, unable to proactively monitor and protect against evolving attack vectors.
Tags : 
    
F5 Networks Inc
Published By: F5 Networks Inc     Published Date: Aug 16, 2018
As the threat landscape evolves, so must our security controls and countermeasures. Recent research from F5 Labs revealed that applications are the initial targets in the majority of breaches, suggesting that any app can be an attack vector. Cybercriminals are moving their tactics further up the stack using sophisticated application-layer exploits, as well as an emerging wave of automated, bot, and IoTbased threats that are quite capable of evading simple signature or reputation-based detection. Yet, the majority of WAFs on the market today have remained largely unchanged, leaving the applayer exposed, unable to proactively monitor and protect against evolving attack vectors.
Tags : 
threats, applications, cybercriminals
    
F5 Networks Inc
Published By: Cylance     Published Date: Jul 02, 2018
Matthew Coy, Safelite’s Vice President of Information Technology, is responsible for overseeing all aspects of the company’s IT infrastructure, including selecting, administering, and supporting technology products. The company handles personally identifiable information, including credit card information and insurance data collected from several sources, and must comply with insurance industry regulations and the Payment Card Industry Data Security Standard. Safelite is the target of constant external attacks. The organization experienced ongoing security issues stemming from infected software, drivebys and other malicious downloads. According to Matthew, “A lot of malware and email viruses were making it through the environment, all bypassing our email security and AV.” Not only were the security controls ineffective, the previous AV platform required nearly 150 hours per week to manage. Matthew knew Safelite needed to make a change, and fast. Having worked with Cylance® at two previous companies, he was confident CylancePROTECT® could significantly improve Safelite’s endpoint security. Read the full case study to learn about the results Cylance was able to deliver.
Tags : 
safe, lite, cybersecurity, data
    
Cylance
Published By: LogRhythm     Published Date: Jun 19, 2018
As in years past, 2017 was packed with stories of cyber security failure. Between sophisticated attackers, lack of proper security monitoring and controls implementation, and devastating data breaches that may have arisen from these scenarios, it’s easy to see that we still face serious challenges in the security arena, with potentially serious consequences. Why are we continually seeing these issues? Many security professionals readily admit that we don’t have the staff, training and breadth of coverage in our security controls to adequately combat the attackers today. How is this happening when we’re spending so much money and time on cyber security?
Tags : 
logrhythm, sans, cloudai, ueba
    
LogRhythm
Published By: Akamai Technologies     Published Date: Jun 14, 2018
"Existing security controls are outmatched — at best static and reactive. Current layers likely aren’t protecting you against all attack vectors, like the vulnerable back door that is recursive DNS. And security mechanisms that frustrate, impede, or disallow legitimate users, devices, or applications will have low adoption rates and/or will curtail productivity. Benign users may even circumvent these processes, further undermining your corporate security posture and creating more gaps in your defense-in- depth strategy. One of the many use cases associated with a zero trust security strategy is protecting your network — and most importantly, your data — from malware. "
Tags : 
dns, rdns, security, zero trust security, malware, data, network security
    
Akamai Technologies
Published By: Symantec     Published Date: Jun 13, 2018
Today’s workforce is increasingly nomadic. Employees use personal and company-owned devices desktops, laptops, tablets, and smartphones with various operating systems to access corporate resources over different networks from virtually anywhere. Roaming users and cloud-based applications have eroded the network perimeter where enterprises have traditionally focused their security controls. In the wake of this disruption, vendors offered myriad point products that solve only a portion of the security problem. These products usually require costly custom integrations and high management overhead to boot. Making matters worse, traditional security approaches can’t address an evolving threat landscape that includes ransomware, stealthy attacks that dwell in a customer’s environment for months, and threats targeting iOS and Android devices. In fact, the mobile workforce is more vulnerable than ever before.
Tags : 
    
Symantec
Published By: CA Technologies     Published Date: Jun 01, 2018
Challenge Businesses today must reduce the risk of security breaches to protect the valuable data within their organizations. At the same time, IT auditors are increasingly enforcing ever more stringent requirements on the business. The bottom line is that privileged accounts and privileged access are being targeted by hackers as a new attack surface and focused on by auditors who are insisting on greater controls around privileged accounts. Opportunity The right privileged access management solution provides comprehensive protection for your missioncritical servers with powerful, fine-grained controls over operating system-level access and privileged user actions. Capable of enforcing access controls on powerful native Superuser accounts—like the UNIX® and Linux® root and Microsoft® Windows® administrator—this system-level, host-based privileged access management solution controls, monitors and audits privileged user activity, improving security and simplifying audit and compliance. B
Tags : 
    
CA Technologies
Published By: Dome9     Published Date: Apr 25, 2018
AWS provides powerful controls to manage the security of software-defined infrastructure and cloud workloads, including virtual networks for segmentation, DDoS mitigation, data encryption, and identity and access control. Because AWS enables rapid and elastic scalability, the key to securing cloud environments is using security automation and orchestration to effectively implement consistent protection across your AWS environment. The following eBook will discuss Dome9 best practices for using AWS controls to establish a strict security posture that addresses your unique business needs, and maintaining consistency across regions, accounts, and Virtual Private Clouds (VPCs) as your environment grows.
Tags : 
    
Dome9
Published By: CA Technologies EMEA     Published Date: Apr 10, 2018
Challenge Organizations undergoing digital transformations are dealing with amplified concerns around risk and security, which isn’t surprising. Digital transformation initiatives inevitably result in more points of access to enterprise infrastructure that are outside of existing controls, accessible by a greater number and more diverse set of identities, and proliferated across a distributed and dynamic infrastructure. Opportunity Knowing your privileged users is knowing your risk. Privileged access management tools themselves must be able to support automation in the authorization process and enable scalability through support for both dynamic operations and ephemeral infrastructure. Benefits Better pinpointing attacks exploiting credential theft isn’t simply a question of accumulating more data but involves incorporating better data about privileged user behaviour, which can identify significant changes that represent real risk.
Tags : 
    
CA Technologies EMEA
Published By: Anaplan     Published Date: Mar 29, 2018
To support these principles, Anaplan was deliberately crafted as a highly distributed global company that allows for significant resiliency against threats and disasters. All functions within Anaplan are geographically distributed across the globe, reducing risks associated with regional events. The U.S. offices host most of the sales, marketing, and support activities. Staff in the U.K. and Singapore offices provide regional coverage, in addition to backup support.
Tags : 
anaplan, architecture, security, controls, geographically, regional, global
    
Anaplan
Published By: Lookout     Published Date: Mar 28, 2018
The time has come for enterprise risk management to change. Mobile devices have become core to our personal and professional lives, yet most enterprises remain focused on traditional PC endpoints. Although many of the same elements of risk that affect PCs also apply to mobile endpoints, simply extending current PC security controls to your mobile feet is ineffective. Enterprise risk management needs to evolve to address mobile risks, and security professionals must architect mobile specifc security. To encourage this evolution, Lookout developed the Mobile Risk Matrix. Its purpose is to help security organizations understand the spectrum of risk on mobile devices and to provide data that demonstrates the prevalence of mobile risk.
Tags : 
    
Lookout
Published By: LogRhythm     Published Date: Feb 22, 2018
Some organizations have formal security operations centers (SOCs). Formal 24x7 SOCs are tightly secured areas where teams of dedicated analysts carefully monitor for threats around the clock, every day of the year. The analysts are checking their organization’s enterprise security controls to identify possible signs of intrusion and compromise that may require a response by the organization’s incident responders.
Tags : 
    
LogRhythm
Published By: Akamai Technologies Australia     Published Date: Feb 08, 2018
Credential stuffing is on the rise. Bots are getting smarter and malicious actors are getting more confident. Unfortunately, these advanced cyberattacks are also becoming more difficult to detect with standard security controls. Learn more about credential stuffing and how you can protect your business, your brand, and your customers from bots that commit fraudulent activity.
Tags : 
credential, bots, business, risk, management, security, cyberattacks
    
Akamai Technologies Australia
Published By: Tenable     Published Date: Feb 07, 2018
While multinational companies can likely meet some of the GDPR requirements right now, most will find the path to full compliance requires many changes to business-as-usual security practices. Read this paper to learn how you should be preparing your information security program for compliance with the GDPR. Written for InfoSec leaders, the paper includes: - A glossary outlining key concepts of the Regulation - 13 essential steps you should take to help ensure GDPR compliance - A summary of infosec considerations posed by the EU Data Protection Directive 95/46/EC and GDPRD
Tags : 
security frameworks, compliance, iso 27000, cis controls, nist, pci, security regulation
    
Tenable
Published By: Tenable     Published Date: Feb 07, 2018
"Basing your infosec program on an established security framework gives you the controls, KPIs and vocabulary needed for building – and operating – a structured, scalable, and effective practice. For insights into how this works in the real world, download and read Economic, Operational and Strategic Benefits of Security Framework Adoption, a collection of brief essays from 28 global infosec leaders. Topics covered include: - Meeting customer and partner requirements - Improving security practices - Enabling effective communications with corporate leaders - Addressing global compliance challenges - Adapting the framework to fit your needs"
Tags : 
security frameworks, gdpr, general data protection regulation, compliance, iso 27000, cis controls, nist, cyber, ciso, experts, ebook
    
Tenable
Published By: Tenable     Published Date: Feb 07, 2018
"Securing the modern attack surface is a critical challenge you must effectively address to reduce cyber exposure and protect your enterprise. By reading this ebook you’ll learn what’s working – and what’s not – from 29 global infosec leaders, representing a diverse array of industries and perspectives. Download your copy today for insights and lessons learned about: - Securing a dynamic IT environment - Rethinking security for cloud environments - Moving security to the application layer - Focusing on data security - Automating security testing and controls"
Tags : 
secure devops, web application security, attack surface, cloud, container security, ciso, cyber, experts, ebook
    
Tenable
Published By: Staples Business Advantage     Published Date: Jan 22, 2018
Cybersecurity risks don’t begin and end with your PCs. Watch this webinar to hear HP’s top security expert Ron Chestang detail some surprising security issues lurking in your print network and outline specific controls you can use to minimize the risk.
Tags : 
mps, cybersecurity, print security, managed print, print networks, network security, it security, security, data security
    
Staples Business Advantage
Published By: Google     Published Date: Jan 08, 2018
Google has helped millions of businesses address their content management challenges and transform the way they work by offering G Suite, which provides a set of user-friendly collaboration tools with the security, controls, and compliance every enterprise needs. Google is named a Leader in the Gartner 2017 Magic Quadrant for Content Collaboration Platforms (CCP). We are honored by Gartner's recognition in this report, which evaluates vendors based on their vision and ability to execute. Download the Gartner report and find out more now.
Tags : 
content collaboration, collaboration tools, content management, gartner
    
Google
Published By: Symantec     Published Date: Dec 13, 2017
Today’s workforce is increasingly nomadic. Employees use personal and company-owned devices – desktops, laptops, tablets, and smartphones with various operating systems – to access corporate resources over different networks from virtually anywhere. Roaming users and cloud-based applications have eroded the network perimeter where enterprises have traditionally focused their security controls. SymantecTM provides a complete endpoint solution powered by the world’s largest civilian Global Intelligence Network (GIN) to help organizations secure their enterprise and mobile workforce across traditional and modern OS devices used over any network and from any location. Read this white paper to find out more.
Tags : 
security, defense, cloud, threats, attack, symantec, enterprise, endpoint, solutions, global, intelligence, network, devices, mobile, workforce
    
Symantec
Published By: McAfee EMEA     Published Date: Nov 15, 2017
The top concern of all of respondents with moving to IaaS is having consistent security controls that provide integrated security with central management across all cloud (private and public) and traditional data center infrastructure. The top concern of all of respondents with moving to IaaS is having consistent security controls that provide integrated security with central management across all cloud (private and public) and traditional data center infrastructure.
Tags : 
cloud, usage, data, infrastructure, private, public, security, integration
    
McAfee EMEA
Published By: Cybric     Published Date: Oct 30, 2017
Learn how a security rationalization process helps CISOs optimize your security infrastructure while improving the bottom line. Development velocity is accelerating as enterprises adopt DevOps methodologies, yet security is still not integrated into the coding and deployment processes. Security teams are falling further behind as their manual processes and controls can’t scale at the same rate as development. This paper discusses: The impact the current approach to application security has on business How shifting security left in the application development process, seamlessly integrating it “early and often,” can accelerate innovation Questions the Board and C-suite are now asking about security: are you prepared? Read this paper to learn how, by shifting security left in the development process, it’s now no longer an obstacle to velocity, innovation and competitiveness. Instead, it’s an asset.
Tags : 
application security, (security) automation, (security) orchestration, security visibility, devsecops, devops, security assurance, security resilience, application security tools, cio, ciso, appsec
    
Cybric
Published By: Secureworks ABM UK 2017     Published Date: Oct 23, 2017
Technical Tests are designed to cover specific services. Each security test has its own objectives and acceptable levels of risk. There is not an individual technique that provides a comprehensive picture of an organisation’s security when executed alone. A qualified third party can work with you to determine what combination of techniques you should use to evaluate your security posture and controls to begin to determine where you may be vulnerable.
Tags : 
cyber security, cyber security framework, data security, firewall, general data protection regulation, incident and problem management, information security, intrusion detection, intrusion prevention, log management, malware, vulnerabilities, managed security services, network security, pci compliance, penetration testing, ransomware security consulting, security management, security monitoring, vulnerability assessments
    
Secureworks ABM UK 2017
Published By: AlienVault     Published Date: Oct 20, 2017
Maintaining Payment Card Industry Data Security Standard (PCI DSS) compliance can be both difficult and expensive. For most small to medium sized organizations, it doesn’t have to be as long as you have the right plan and tools in place. In this paper you’ll learn five steps to implement and maintain PCI DSS compliance at your organization by: • Determining your true business requirements • Inventorying locations and assets • Segmenting environments • Operationalizing controls • Automating controls and control reporting Demonstrating compliance with PCI DSS is far from a trivial exercise. This checklist will help you on your quest to achieve and maintain PCI DSS compliance.
Tags : 
    
AlienVault
Published By: AlienVault     Published Date: Oct 20, 2017
The security-oriented rule of the Health Insurance Portability and Accountability Act (HIPAA) is designed to ensure the confidentiality, integrity, and security of ‘electronic protected health information’ (ePHI). However, to comply with the Security Rule and to demonstrate that security controls are in place and working is no easy task, especially for today’s resource-constrained IT security teams. AlienVault® Unified Security Management™ (USM) helps you to accelerate your path to HIPAA compliance and simplifies maintaining your HIPAA certification thereafter. With multiple essential security capabilities together into a single platform, AlienVault USM gives you an affordable and easy-to-use solution to satisfy the HIPAA Security Rule, and provides highly customizable, predefined HIPAA compliance reports out of the box, making it fast and simple to get the visibility you need to maintain your organization’s security posture.
Tags : 
    
AlienVault
Published By: Secureworks     Published Date: Oct 04, 2017
Technical Tests are designed to cover specific services. Each security test has its own objectives and acceptable levels of risk. There is not an individual technique that provides a comprehensive picture of an organization’s security when executed alone. A qualified third party can work with you to determine what combination of techniques you should use to evaluate your security posture and controls to begin to determine where you may be vulnerable.
Tags : 
    
Secureworks
Start   Previous   1 2 3 4 5    Next    End
Search      

Related Topics

Add Your White Papers

Get your white papers featured in the Data Center Frontier Paper Library contact:
Kevin@DataCenterFrontier.com