These emerging players deserve a hard look. They offer comprehensive, professionally delivered security services. Some are pioneering cloud-based delivery, and others resell their services through a growing MSSP reseller channel. All are growing at rates of 30% to 40% per year and have great technical depth and flexibility....
Published: Jun 12, 2014
Attacks don’t operate in silos, but many security programs do. Fragmented security technologies and inefficient event response leave organizations severely vulnerable to sophisticated threats.
To be successful, organizations need to combine accurate, integrated network security with a consolidated, intelligent...
Published: May 15, 2013
Over the past !ve years, applications—particularly web applications—have been increasingly leveraged as a top vector of attack.
With the trend toward mobile applications and cloud computing, SANS decided to conduct this !rst SANS survey on application security to focus on understanding what works in application...
Published: Apr 24, 2014
The EV certificate standard was developed by the CA/Browser Forum, an independent industry group, which also developed auditing guidelines to define and control the procedures used to validate and issue these certificates.
When an EV certificate is in use, web browsers provide enhanced visual cues, making it clearer...
Published: Oct 14, 2014
Cyber criminals do not just develop one attack and then abandon it after one use. Rather, they seek to make their software usable for as long as possible. Evasion techniques allow known threats to circumvent detection by security products.
Research indicates that cyber criminals perform their own testing and make...
Published: Nov 15, 2013
The Modern Malware Review presents an analysis of 3 months of malware data derived from more than 1,000 live customer networks using WildFire™ (Palo Alto Networks™ feature for detecting and blocking new and unknown malware).
The review focuses on malware samples that were initially undetected by industry-leading...
Published: Jun 12, 2014
This paper highlights the current growth and trends in today’s phishing schemes, the potential impact on companies, and insight into how businesses can apply technology to protect themselves and their customers.
Published: Aug 07, 2014
Java was originally released with the slogan “write once, run anywhere,” which was intended to underscore its cross-platform capabilities.
Over time, Java has become ubiquitous on endpoints, so “run anywhere” can be interpreted as referring to its ubiquity. Even as fewer websites and Web applications...
Published: Apr 23, 2014
Unified threat management (UTM) systems are among the most widely used tools in the information security arsenal. The concept of unified threat management is very appealing: multiple critical security technologies, integrated on a single platform, provided by a single vendor
Published: Mar 31, 2014
This is the first report of its kind to discuss application usage patterns and the specific type of threat they may or may not introduce.
The application and threat patterns observed dispels the position that social networking, filesharing and video applications are the most common threat vectors and it reaffirms...
Published: Jul 02, 2014
The field of cybersecurity is growing quickly; so quickly that there are positions sitting open waiting to be filled by qualified individuals. Are you one of those people ready to make a change in your career towards the future?
As a society, we have all become heavily dependent on computers, network, and data stores....
Published: Mar 31, 2014
If you are responsible for network security, you need to understand how to prevent attacks by eliminating network weaknesses that leave your business exposed and at risk.
Whether your network consists of just a handful of computers or thousands of servers distributed around the world, this newly revised, 6-part...
Published: Aug 08, 2014
Based on interviews with those engaged at the sharp end of public sector IT security, combined with a Kable review and analysis of current security documentation, this guide illustrates how public sector bodies are tackling the issue.
Its chief aim is to provide CIOs and those in charge of data security with current...
Published: Jan 09, 2014
This technical paper is prepared from an interview with Senetas CTO Julian Fay, in which these topics are discussed and practical considerations given for using encryption on VPNs to enhance organizations’ data security.
Published: Jan 14, 2014