The rapid pace of attacks and shortage of expert security talent have driven the security industry to embrace the notion of pooling data resources and orchestrating actions across vendors, open source projects, and internal development efforts.
The OpenDXL initiative puts the power of integration and automation in...
Published: Apr 06, 2017
Security monitoring has been a foundational element of security programs for over a decade. The initial driver for separate security monitoring infrastructure was the overwhelming amount of alerts flooding out of intrusion detection devices, requiring some correlation to determine which mattered.
Security analysts...
Published: Apr 06, 2017
Thanks to a massive paradigm shift in the way business is conducted, companies rely more and more heavily on digital environments every day.
This SANS survey investigates how organizations are handling data breach prevention by asking key questions like:
What measures have respondents implemented that they...
Published: May 03, 2017
With malware attacks growing more sophisticated, swift, and dangerous by the day — and billions of dollars spent to combat them — surprisingly few organizations have a grip on the problem. Only 20 percent of security professionals surveyed by Information Security Media Group (ISMG) rated their incident response...
Published: Mar 05, 2014
In this unprecedented period of advanced persistent threats (APTs), organizations must take advantage of new technologies to protect themselves. Detecting APTs is complex because unlike intensive, overt attacks, APTs tend to follow a “low and slow” attack profile that is very difficult to distinguish from normal,...
Published: Aug 20, 2014
Over the past !ve years, applications—particularly web applications—have been increasingly leveraged as a top vector of attack.
With the trend toward mobile applications and cloud computing, SANS decided to conduct this !rst SANS survey on application security to focus on understanding what works in application...
Published: Apr 24, 2014
Data and applications reside everywhere, on the network, endpoints, and in the constantly evolving cloud ecosystem.
As a result, organizations are now faced with securing a multitude of applications, users, devices and infrastructures – all hosting sensitive data that is critical to business operations, reputation,...
Published: May 25, 2017
Symantec Code Signing creates a digital "shrink-wrap" for secure distribution of code and content over the Internet. Symantec Code Signing adds a level of trust by providing third-party authentication of the code signer, recognized worldwide.
Published: Jun 24, 2014
Today, numerous surveys of IT decision makers cite the issue of security and availability as the major impediment to the adoption of cloud computing. After a string of high-profile attacks against financial services companies and online retailers, Internet data centers are increasingly the targets of hackers and cybercriminals...
Published: Sep 15, 2013
Some applications and data require additional security due to rigorous contractual or regulatory requirements. Until now, companies had to store sensitive data (and/or the encryption keys protecting it) in on-premise data centers.
Unfortunately, this either prevented migration of these applications to the AWS cloud...
Published: Nov 04, 2013
Every year, the public relations specialists from at least one blue-chip company invariably find themselves working around the clock on a crisis communications effort, attempting to explain to an angry and justifiably fearful public what led to their company compromising customer data.
There’s always an immediate...
Published: Sep 29, 2014
Java vulnerabilities have dominated the security headlines. Some observers now say organizations should simply turn off the ubiquitous software platform. But what if there were a better way?
Published: Aug 25, 2014
The 2013 edition of the FireEye Advanced Threat Report analyses more than 40,000 advanced attacks across the globe to map out the latest trends in advanced persistent threat (APT) attacks. Leveraging real-time threat intelligence from millions of security alerts across customer deployments, FireEye tracked more than...
Published: Jun 13, 2014
This paper will explore how TLS works, best practices for its use, and the various applications in which it can secure business computing
Published: Sep 23, 2014