Hacker Detection

This white paper, from cloud computing strategist Steve Staso, describes one key area of Cloud security - the management of privileged accounts. Learn about proven, automated, and scalable solutions available today for public Cloud providers, as well as private Cloud architects.

With the DroidDream malware discovery in March, and then Pandora's vulnerabilities identified in April, the inevitable happened: 2011 become the 'year of mobile malware'. All the pieces of the malware ecosystem puzzle that researchers have been warning about are falling into place. Modern mobile applications run on devices that have the functionality of a desktop or laptop running a general-purpose operating system. While many of the risks are similar to those of traditional spyware, Trojan software, and insecurely designed apps, mobile devices aren't just small computers. They're designed around personal and communication functionality which makes the top mobile application risks different from the top traditional computing risks. In this presentation, Veracode's Vice President of Security Research, Chris Eng, will outline the Top 10 Mobile Application Risks, designed to educate developers and security professionals about the mobile application behavior - both maliciously- designed or inadvertent - putting users at risk.

Enterprise key management is a critical issue for IT organizations that is compounded by the proliferation of encryption keys from discrete encryption point solutions and transparent database encryption (TDE) technologies. Learn how to control encryption keys and policies on an enterprise scale while reducing administration costs and security risks.

Mobile clients are an increasingly important channel for consumers accessing Web 2.0 and enterprise employees accessing on-premise and cloud-hosted services. This white paper explains how an identity management architecture, with the help of both SAML and OAuth, can support the two broad categories-web applications delivered through the browser and native applications installed onto the device-by providing a single consistent and cohesive identity infrastructure for both.

Many organizations lack a well-implemented classification program designed to identify, monitor, and apply effective controls to their sensitive information. Whereas some companies may have defined basic classification schemas on paper to organize their data, they lack the technical and business support to enforce data classification programs. Organizational obstacles, combined with the technical challenges of accurately identifying data make enterprise classification initiatives a non-starter for most organizations. In this white paper you will learn how to build a phased data classification program that maximizes the security and productivity of data as an enterprise asset that can be organized and utilized to support business objectives.

The infamy of WikiLeaks and the press' focus on the potential damage it has caused worldwide tends to overshadow some important questions like: Who and where does leaked data come from? How is it compromised? Is there any way an organization can prevent this from happening? The information supplied to WikiLeaks comes from trusted insiders; privileged users who have been trusted with access to very sensitive information to accomplish their jobs. In this whitepaper go beyond the WikiLeaks story to learn why insider threats are so difficult to detect with normal IT security, and how you can prevent them from damaging your organization.

Companies must allow privileged users to freely handle Intellectual Property, and trust they will use it securely at all times. But how does a company detect, deter, and prevent insider threats to their critical IP without impacting the business process? In this datasheet, you'll learn about a real-life crisis a Fortune 100 company faced when one of their senior researchers was caught stealing trade secrets worth over $400 million, and how they used Digital Guardian to successfully implement an enterprise information protection program that could discover, measure, and manage the risk to its IP across 50,000 users without impeding their ability to innovate and collaborate productively.

This document is aimed at those looking at data center builds, upgrades, or consolidation. It provides an introduction to some of the new security challenges of such environments and provides recommendations for implementing security in next-generation data centers.

This editorial brief addresses the disconnect between security and operations teams and the need for IT operations teams to address security and risk management.

How best practices in Cryptography and Key Management will Create Competitive Advantage when Securing the Cloud. The questions reverberate throughout the business community and the security industry: How do you secure the Cloud? What digital assets or business processes can be safely moved to the Cloud? What's the appropriate threshold of security for payment information, for example? How about medical records? What will it take to protect corporate brands and even national security? And who's going to accept the liability for failure? Enterprise customers and service providers alike are strategizing to see how they can move beyond commodity services to drive profit from the Cloud and use it for competitive advantage - increasing the value of the services on offer, making them an indispensable part of IT landscape.

As the size, frequency and complexity of distributed denial of service (DDoS) attacks increases, data center security and availability are quickly becoming top business concerns. Yet, traditional security products, such as firewalls and intrusion prevention systems (IPS), don't adequately stop today's complex, multi-faceted DDoS attacks. Arbor Networks, a leading network security company, recently introduced the PravailT Availability Protection System (APS), focused specifically on securing enterprise data centers from threats against availability caused by DDoS attacks. This paper, produced by independent research firm Ovum, objectively assesses the Pravail APS solution and its capabilities for defending the data center from DDoS attacks.

CSA has earned a reputation of providing the best behavioral based security on the market - but now it is going away, support is ending and organizations must find an alternative. CSA users know that they cannot be adequately protected without strong behavioral protection yet they are frustrated because the major endpoint security vendors seem to be committed to only offering signature/reputation based protections. This on demand webinar will focus on the strengths of CSA, including a listing of core requirements for any replacement option and migration issues to be considered as organizations plan their move to alternatives. There will be a discussion with a leading Cisco CSA technical consultant who has implemented and supported some of the largest CSA installations in the world and the introduction of StormShield including why it is a strong CSA replacement option.

News headlines are a constant reminder that malware attacks and data loss are on the rise. This paper outlines eight common threats that traditional antivirus alone won't stop, and explains how to protect your organization using endpoint security.

With IBM, the Ministry of Foreign Affairs was able to launch its ePassport system in just six months-enabling it to obey a new country law as it went into effect. This comprehensive system used IBM Business Partner document readers, fingerprint and photo systems, and IBM TivoliŽ and WebSphereŽ software.

The ease of accessing data electronically introduces new complexities and security challenges - including cyber threats - that companies must address if they want to remain competitive, profitable, and keep their customers and employees safe. Steve Robinson, GM IBM Security Solutions, talks about Cybersecurity.

Businesses face an increasingly complex set of threats to their Web applications-from malware and advanced persistent threats (APTs) to disgruntled employees and unintentional data leaks. Although there is no single security measure than can prevent all threats, the use of SSL encryption and digital certificate-based authentication is one of them.

Organizations of all sizes need to be aware of the risks posed by Advanced Persistent Threats (APTs) and take appropriate steps to protect sensitive data. This white paper provides an overview of APTs, examples and steps for defending against them as well as case studies that detail actual attacks.

This white paper explains the licensing and proper use of Symantec SSL Certificates for securing multiple Web servers and/or multiple domains and subdomains in the network configurations.

This paper examines how recent trends in Internet trust marks can help restore confidence in online shopping, and as concluded by at least one recent study, even induce those who do shop to spend more.

This whitepaper gives a broad overview of the ways in which Akamai can help organizations bolster the security of their Web-based assets, with capabilities ranging across the application, network, and DNS layers, as well as solutions focused on Distributed Denial of Service (DDoS) mitigation and business continuity.

This white paper assesses the current cyber-threat environment and discusses the use of distributed cloud services as an effective means to protect against evolving, modern-day IT threats.

There are hundreds of rogue anti-malware products on the Internet that infect PCs rather than detect malware. Learn how these scams look and work and how to prevent your computer from becoming infected.

Regardless of whether your organization uses Windows-based PCs or Macs or a mix of both, you need a solution that provides protection for all operating systems. Read to learn more.

This paper explains why customers are moving beyond traditional tools and processes when it comes to how they manage their virtual environments. ESG global field survey provides proof points, while analysts provide recommendations for next steps in the virtualization journey.

In the inaugural 2011 Magic Quadrant report, Gartner Inc. provides insights into the Identity and Access Governance (IAG) market.