Password Management

The Enterprise Strategy Group has been actively following the information security market since 2003. During this timeframe, ESG has undertaken numerous surveys involving thousands of enterprise security professionals and conducted hundreds of interviews with CISOs and other senior security executives. Over the past few years, ESG has noticed change in the information security air. Since enterprises face a much more dangerous threat landscape, they are actively evolving historical tactical security defenses into a more formal information security management framework. Based upon this evolutionary trend, ESG developed a 4-phased security management maturity model.

Which encryption technology is right for your enterprise? Discover the strengths and limitations of encryption approaches to protect data at rest, which data types to secure, whether to encrypt structured database data and unstructured information, audit and compliance requirements, how to manage policies and keys and minimize operating costs.

Cyber threats are one of the greatest risks faced by IT organizations today. Networks serve as a key control point for cyber security, providing an access path for both inside and outside attacks. Yet networks are not easy to secure. Cyber security cannot be addressed in isolation. It must consider other variables and test them together in order to ensure an optimal solution. This process is called PASS testing since it includes performance, availability, security and scalability testing. This paper describes today's cyber threat, cyber security design challenges and the PASS testing methodology for design validation.

Download this free white paper to learn how platform-as-a-service private cloud offers enterprises one of the best ways to take advantage of cloud computing.

Missing signs that point to a possible advanced malware attack? Malware defense is a large-scale data analytics problem. If your detection technologies aren't designed to work together to rapidly process and correlate large amounts data, you'll never gain the visibility and control you need to eradicate malicious software. Traditional 'stack-based' frameworks don't work. Learn about the four cornerstones of a successful advanced malware defense and FireAMP's unique approach to each, including the: One-to-One Engine Generic Signature Engine Machine Learning Engine Advanced Analytics Engine Understand the power of bringing these engines together to form a "detection lattice" that shares critical contextual information and improves the accuracy of security-related decision making. Download this whitepaper now.

Analyst OVUM provides their insight and perspectives on Thales e-Security keyAuthority. Get the inside scoop and find out how Thales can help you provide a consistent key management and security model across heterogeneous storage environments. Organizations need to manage their keys securely and in compliance with a well understood corporate strategy. Hardware key management appliances offer the most secure key repositories. Download it now!

A Next-Generation IPS (NGIPS) offers a logical and essential progression of capabilities needed to protect networks from emerging threats. Pioneered by SourcefireŽ, and now endorsed by Gartner, the NGIPS builds on typical IPS solutions by providing contextual awareness-about network activity, systems and applications, people, and more-to promptly assess threats, ensure a consistent and appropriate response, and reduce an organization's security expenditures. The purpose of this paper is: . To describe why NGIPS is critical in defending against today's threat landscape . To list the essential ingredients of a NGIPS solution, as defined by Gartner . To map Gartner's requirements against Sourcefire's NGIPS offering . To contrast Sourcefire's NGIPS against a typical, first-generation IPS

This whitepaper discusses how IBM Security Services offer methodologies to help organizations achieve HIPAA compliance.

Theo Pozzy of Portland General Electric speaks about how his company is responding to government regulations and the importance of identity management. Using service management, Theo is able to satisfy increasing security regulations and stay compliant.

Read how Splunk enabled WhitePages, the largest on-line directory of people and businesses, to protect the site's content and the brand by monitoring abusive site traffic and learn how Splunk's in-house search eliminated a data warehouse investment.

Download this white paper, to learn how you can reduce the risk of hackers finding your site and attacking it by using automated vulnerability assessments to identify exploitable weaknesses and take corrective action.

This white paper explains the licensing and proper use of Symantec SSL Certificates for securing multiple Web servers and/or multiple domains and subdomains in the network configurations.

This paper examines how recent trends in Internet trust marks can help restore confidence in online shopping, and as concluded by at least one recent study, even induce those who do shop to spend more.

Symantec Extended Validation (EV) SSL Certificates can be a key factor in helping increase customer confidence during online business transactions. More confidence can mean more conversions for customers with EV SSL certificates.

Throughout the world, organizations are realizing that advanced intelligence capabilities consistently deliver substantial cost savings - with proactive insights on true threats, the intelligence to avoid false alarms, and the system and application availability required to preserve revenues and customer loyalty. While the benefits are clear, achieving them requires organizations to establish a formal cyber intelligence capability. This paper describes a proven, repeatable process with clearly established steps for setting up an in-house cyber security intelligence operation. It has been written to convey the fundamentals of intelligence operations, and will be most helpful to organizations still in the planning or initial stages of establishing an intelligence capability. Its content should also prove enlightening to organizations that find themselves struggling with the development and evolution of an existing intelligence capability.

Today's current economic situation underscores the importance of scrutinizing all business expenses, particularly within IT. Although point patching products may look more attractive on the surface, closer inspection often reveals hidden costs and missing capabilities. The result: fragmented patch management and weaker security posture while also being a more costly and cumbersome option for organizations to maintain.

There is hope for IT administrators seeking to gain control over the Windows environment while still offering local admin rights to the user base.

These days securing access to cloud applications is critical, yet the current approach relying on single passwords leaves businesses susceptible to compromise. Read this whitepaper to find out more how to secure your cloud based applications using Okta's MFA solution.

Unlock the true business value of IT security, and learn why companies of all sizes are choosing SaaS over on-premise solutions.

This paper explores some of the types of insider threats organizations face today and discusses monitoring and managing privileged user actions.

Learn the 9 most critical factors all small to medium-size businesses should know about data network security.

The WebPulse delivers fast and effective Web 2.0 threat protection for 75 million users worldwide. Find out more about how WebPulse can protect you!

This paper discusses the vulnerable components of SCADA systems based on analysis from Secunia while verifying the reported reported vulnerabilities.

This report presents a comparative analysis on the performance and usability of 7 security solutions from some of the world's largest security vendors

Another look at what our Research team at ESET, LLC came up with at the end of 2008 for a "top 10 things that people can do to protect themselves against malicious activity." Updated with more recent material from other members of ESET's research teams across the globe.