Intrusion Detection

Intrusion Detection is the act of detecting actions that attempt to compromise the confidentiality, integrity or availability of a resource. Intrusion Detection can be performed manually or automatically. Manual intrusion detection might take place by examining log files or other evidence for signs of intrusions, including network traffic. A system that performs automated intrusion detection is called an Intrusion Detection System (IDS). An IDS can be either host-based, if it monitors system calls or logs, or network-based, if it monitors the flow of network packets.
Organizations across the globe continue to experience compromised data caused by malicious attacks, web application vulnerabilities or unauthorized changes. These organizations are also challenged to remain in compliance by the proliferation of diverse databases and platforms distributed across the enterprise, including cloud, commercial, OLTP and batch environments. IBM® InfoSphere® solutions for data security and privacy are designed to support a holistic approach, helping organizations protect their data against a complex threat landscape while remaining focused on business goals. Because the InfoSphere solutions are scalable and modular, organizations can focus on their most critical data protection concerns first, and then adopt other solutions over time. InfoSphere solutions for data security and privacy help your organization to: understand where the data exists; safeguard sensitive data, both structured and unstructured; protect production and non-production environments; secure and continuously monitor access to data; and demonstrate compliance to pass audits. View this demo and learn how IBM InfoSphere Guardium® database activity monitoring can help protect your sensitive data in distributed DBMS environments with a holistic approach to data security and compliance.
Data security presents a multi-dimensional challenge in today's complex IT environment. Multiple access paths and permission levels have resulted in a broad array of security threats and vulnerabilities. Traditional "fortress approaches" such as firewalls and IDS/IPS systems are no longer sufficient to defend against attackers who can easily bypass perimeter defenses. These security measures can't differentiate or prevent unauthorized traffic that appears to be legitimate. We invite you to read this new eBook: "Protecting against database attacks and insider threats" to learn the top five scenarios and essential best practices for preventing database attacks and insider threats.
By: Neustar
Published Date: May 11, 2012
As organizations utilize the Internet for almost every aspect of their business operations, a distributed denial of service (DDoS) attack can put the entire enterprise at risk. Explore DDoS trends that took place in 2011 and learn what to expect in 2012.
By: Neustar
Published Date: May 11, 2012
Discover how DDoS attacks are getting larger, more sophisticated and dangerous. Learn the risks to Internet infrastructure, revenues and brand equity. Get insight about IT environmental changes. Read why a managed solution like Neustar® SiteProtect offers better protection, for less money, than doing it yourself.
The search for a viable replacement to Cisco's CSA has resulted in frustration for many CSA customers, either taking a backseat to other projects or wasting precious time and resources looking at inadequate solutions. Matrix gets it. Time and again we've seen existing CSA customers seeking the same levels of protection and control that CSA has provided for years and that they have been happy with and depended on. If you have just started your CSA replacement search, or if you are frustrated after looking at and rejecting many products that claim they can replace CSA and feel like giving up and accepting a poor replacement option, you have found the right resource to help you. This white paper is intended as a roadmap for CSA users to identify the key features of CSA that they must have in a replacement security product and the best available options, including StormShield, the new leader in endpoint behavioral protection.
Download this technical overview for a common-sense guide to automate your privileged identity security. You'll learn the fundamentals of what makes a good Privileged Identity Management solution, the steps you can take for a successful deployment, and ways to take advantage of your new software to maximize the return.
Learn about the HIPAA/HITECH regulations affecting electronic protected health information (ePHI) and how to meet regulatory compliance through encryption of data at rest and encryption key management across the heterogeneous enterprise. Strong encryption, policy-based access controls, and secure key management provide a separation of duties and ensure consistency across both structured and unstructured data.
Data security and compliance issues need to be addressed to ensure sensitive data is safe in the cloud. Discover the cloud security challenges posed by Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS) environments and explore how encryption, policies, separation of duties and key management successfully protect data at rest.
The business trend towards IT "consumerization" is being driven by cost savings and employee pressure to allow the use of employee-owned mobile devices to access corporate email and attachments. Businesses are scrambling to support greater mobility, but are justifiably concerned about the potential for consumerization to put sensitive data at greater risk. A new type of mobile data protection model is needed to overlay and augment emerging mobile device management (MDM) solutions to ensure sensitive corporate data remains secure and contained on an employee's personal device, without commingling with their private data.
In this datasheet you'll learn how Digital Guardian's Enterprise Information Protection (EIP) technology platform extends its data-centric security model for hosts and virtual environments to include monitoring and controlling the movement of sensitive information to employee-owned devices through the Blackberry Enterprise Server (BES) and Exchange ActiveSync (EAS).
Preventing data misuse by trusted users is the hardest information protection challenge to solve. More than ever, the growing need for "anytime, anywhere" data collaboration to support business strategy creates new opportunities for privileged insiders to compromise classified information. Traditional IT security measures which simply control unauthorized network or application access are ineffective, as insiders already have full authorization to the data. A data-centric security approach is required to defend against the Insider Threat. In this datasheet, you'll learn about proven strategies and technologies to detect, deter, and prevent insider threats to sensitive data.
Many organizations lack a well-implemented classification program designed to identify, monitor, and apply effective controls to their sensitive information. Whereas some companies may have defined basic classification schemas on paper to organize their data, they lack the technical and business support to enforce data classification programs. Organizational obstacles, combined with the technical challenges of accurately identifying data, make enterprise classification initiatives a non-starter for most organizations.
In this white paper you will learn how to build a phased data classification program that maximizes the security and productivity of data as an enterprise asset that can be organized and utilized to support business objectives.
VDI and VM solutions are valued for their cost effectiveness and flexibility, but can create new information risks because infrastructure-dependent security solutions - like DLP, access control, or network security appliances - are unable to identify, monitor, or enforce identity-based data usage policies within virtual environments. In this datasheet learn how Verdasys Digital Guardian enables businesses to maximize the competitive advantage of virtual environments without sacrificing their ability to protect sensitive data.
The infamy of WikiLeaks and the press' focus on the potential damage it has caused worldwide tends to overshadow some important questions like: Who and where does leaked data come from? How is it compromised? Is there any way an organization can prevent this from happening?
The information supplied to WikiLeaks comes from trusted insiders; privileged users who have been trusted with access to very sensitive information to accomplish their jobs. In this whitepaper go beyond the WikiLeaks story to learn why insider threats are so difficult to detect with normal IT security, and how you can prevent them from damaging your organization.
A company's Intellectual Property (IP) often represents both a significant portion of its assets, and a critical component of its competitive differentiation. IP comes in many different forms and can include "structured" types like spreadsheets and documents, or "unstructured" types like images, formulae or software code. Whatever form it takes, the potential value of any IP is determined by the risk of its acceptable use. In this whitepaper, learn how Digital Guardian is used to enforce risk-based policies within collaborative environments that increase both the security and productivity of IP without sacrificing one for the other.
Companies must allow privileged users to freely handle Intellectual Property, and trust they will use it securely at all times. But how does a company detect, deter, and prevent insider threats to their critical IP without impacting the business process? In this datasheet, you'll learn about a real-life crisis a Fortune 100 company faced when one of their senior researchers was caught stealing trade secrets worth over $400 million, and how they used Digital Guardian to successfully implement an enterprise information protection program that could discover, measure, and manage the risk to its IP across 50,000 users without impeding their ability to innovate and collaborate productively.
One of the biggest challenges in information security is Identity and Access Management (IdM). How do you control who has access to what systems and technology within your enterprise? This problem becomes even more difficult in the public cloud. The ability to control the technology is limited and it's difficult to leverage tools such as single sign-on/federation products. This paper provides best practices for overcoming the challenges involved with safely and securely managing your users within public as well as private clouds.
Cyber threats are one of the greatest risks faced by IT organizations today. Networks serve as a key control point for cyber security, providing an access path for both inside and outside attacks. Yet networks are not easy to secure.
Cyber security cannot be addressed in isolation. It must consider other variables and test them together in order to ensure an optimal solution. This process is called PASS testing since it includes performance, availability, security and scalability testing.
This paper describes today's cyber threat, cyber security design challenges and the PASS testing methodology for design validation.
By: Secunia
Published Date: Apr 24, 2012
The report explores the correlation between the current use of patch management and the level of endpoint-related risk that companies are effectively accepting.
This white paper examines DDoS attacks in detail. It illustrates the attack vectors being used and describes why the threat to organizations is greater than ever before. It explains why traditional firewall and IPS solutions fall short in protecting organizations against today's sophisticated DDoS attacks. The Arbor Networks solution, profiled within, is described as a complete, purpose-built solution that Frost & Sullivan believes can provide protection against the wide range of DDoS attacks targeting corporate data centers.
By: SC SIEM
Published Date: Apr 18, 2012
SIEMs are today's must-have security product, say a number of industry observers. Modern SIEM technology can deliver real-time analysis of security alerts generated by network hardware and applications, and it is also used to log security data and generate reports for compliance requirements.
However, determining what SIEM solution to deploy, and how, isn't a trivial task. In fact, it can often be complex and require considerable research and planning. Still, those who have put the tool to use say the advantages of getting modern SIEM technology in place compensate for the effort.
Employee-owned mobile devices are in the enterprise to stay. But the explosion in the numbers and types of mobile devices spawns questions that organizations must address if they are to gain the most benefits possible from employees, their devices and the business network.
By: EMC RSA
Published Date: Apr 12, 2012
This paper explores the rise of Data-Driven Security, along with the advantages of data-driven tactics that can vastly improve the effectiveness of threat detection and response, and the emergence of data synthesis that delivers strategy-enabling insight from these new approaches.
By: McAfee
Published Date: Apr 03, 2012
The McAfee virtual patching solution provides a layered approach to security risk management, while adding the ability to apply a virtual patching strategy to your existing change-management process. It combines proven defenses and security insight with real-time Global Threat Intelligence to close the vulnerability window until patching can occur through your regular change-management processes.
Malware, botnets and other malicious programs threaten your network, at your central offices and your branch offices alike. Yet enforcing consistent network security throughout your enterprise can be challenging, especially for those of you with branch offices with few users and no IT expertise. This paper introduces a new standard: an innovative, unified, cost-effective solution for managing branch office security.
Botnets pose a serious threat to your network and they rival the power of today's most powerful cloud computing platforms. These "dark" clouds, controlled by cybercriminals, are designed to silently infect your network. This paper details how you can protect against the risk of botnet infection using security gateways that offer comprehensive unified threat management (UTM).