security controls

Results 1 - 25 of 156Sort Results By: Published Date | Title | Company Name
Published By: Akamai Technologies     Published Date: Jun 14, 2018
"Existing security controls are outmatched — at best static and reactive. Current layers likely aren’t protecting you against all attack vectors, like the vulnerable back door that is recursive DNS. And security mechanisms that frustrate, impede, or disallow legitimate users, devices, or applications will have low adoption rates and/or will curtail productivity. Benign users may even circumvent these processes, further undermining your corporate security posture and creating more gaps in your defense-in- depth strategy. One of the many use cases associated with a zero trust security strategy is protecting your network — and most importantly, your data — from malware. "
Tags : 
dns, rdns, security, zero trust security, malware, data, network security
    
Akamai Technologies
Published By: Akamai Technologies     Published Date: Dec 11, 2018
Existing security controls are outmatched — at best static and reactive. Current layers likely aren’t protecting you against all attack vectors, like the vulnerable back door that is recursive DNS. And security mechanisms that frustrate, impede, or disallow legitimate users, devices, or applications will have low adoption rates and/or will curtail productivity. Benign users may even circumvent these processes, further undermining your corporate security posture and creating more gaps in your defense-in- depth strategy. One of the many use cases associated with a zero trust security strategy is protecting your network — and most importantly, your data — from malware.
Tags : 
    
Akamai Technologies
Published By: Akamai Technologies Australia     Published Date: Feb 08, 2018
Credential stuffing is on the rise. Bots are getting smarter and malicious actors are getting more confident. Unfortunately, these advanced cyberattacks are also becoming more difficult to detect with standard security controls. Learn more about credential stuffing and how you can protect your business, your brand, and your customers from bots that commit fraudulent activity.
Tags : 
credential, bots, business, risk, management, security, cyberattacks
    
Akamai Technologies Australia
Published By: Alert Logic     Published Date: May 23, 2019
In our first cyber security checklist, we provided a security overview and best practices to help organizations prevent an initial compromise from occurring. In this guide, we will help you understand practical steps you can take to mitigate techniques attackers use once they have penetrated your defenses. Once attackers have access to a machine, they can evade detection by using fileless techniques and legitimate system administration tools to do their dirty work. With this checklist, you will have a guide to help mitigate the impact of an attacker. Lastly, we will hep you understand how partnering with a company like Alert Logic can provide better defenses to stop attackers in their tracks. This checklist helps to explain how to: • How to manage and limit PowerShell access • Securing and utilizing Windows Management Instrumentation (WMI) • Ways to apply application controls • Following the principle of least privilege and applying access controls • What to monitor for to help uncover
Tags : 
    
Alert Logic
Published By: AlienVault     Published Date: Oct 21, 2014
When dealing with ransomware threats like CryptoWall, which encrypt your data and demand payment to unlock it, spotting infections quickly is critical in order to limit the damage. AlienVault USM uses several built-in security controls working in unison to detect ransomware like CryptoWall, usually as soon as it attempts to connect to the command and control server. Watch this demo on-demand to see how AlienVault USM detects these threats quickly, saving you valuable clean-up time and limiting the damage from the attack.
Tags : 
vulnerability, management, risk, prioritize, profile, environment, data, asset value
    
AlienVault
Published By: AlienVault     Published Date: Jun 05, 2015
Practical security controls that won't break the bank
Tags : 
threat management, security, network, web application, network
    
AlienVault
Published By: AlienVault     Published Date: Mar 30, 2016
Whether you’re part of a security team or a one-man show, this guide will teach you what data your SOC needs to operate effectively and what methods and tools you can use to gather that data.
Tags : 
    
AlienVault
Published By: AlienVault     Published Date: Mar 30, 2016
The CIS Critical Security Controls (CSCs) provide 20 controls that organizations of any size can use to improve their security posture and reduce the risk of cyber threats to critical assets, data, and network infrastructure. The AlienVault USM platform, with its built-in essential security capabilities and integrated threat intelligence, can help organizations implement these controls quickly and effectively. This document describes how the AlienVault USM platform maps to each of the CIS CSCs.
Tags : 
    
AlienVault
Published By: AlienVault     Published Date: Mar 30, 2016
The public demands accountability for data breaches involving systems that include personally identifiable information (PII) and expects that all educational institutions will have the same levels of security that Fortune 500 companies do. However, most educational institutions have fewer IT security resources than their larger enterprise counterparts, yet they face the same threats from attackers. Fortunately, there are solutions. This whitepaper by SANS instructor Jake Williams walks through an example of a typical breach in an education organization, highlighting common ways attackers gain access to a network and practical steps to reduce risk. Download this whitepaper to learn: • Common security gaps that make educational institutions vulnerable to attack • Practical security controls that won't break the bank • Key questions to evaluate security vendors • A checklist summarizing steps you should take now to improve security
Tags : 
    
AlienVault
Published By: AlienVault     Published Date: Oct 20, 2017
Maintaining Payment Card Industry Data Security Standard (PCI DSS) compliance can be both difficult and expensive. For most small to medium sized organizations, it doesn’t have to be as long as you have the right plan and tools in place. In this paper you’ll learn five steps to implement and maintain PCI DSS compliance at your organization by: • Determining your true business requirements • Inventorying locations and assets • Segmenting environments • Operationalizing controls • Automating controls and control reporting Demonstrating compliance with PCI DSS is far from a trivial exercise. This checklist will help you on your quest to achieve and maintain PCI DSS compliance.
Tags : 
    
AlienVault
Published By: AlienVault     Published Date: Oct 20, 2017
The security-oriented rule of the Health Insurance Portability and Accountability Act (HIPAA) is designed to ensure the confidentiality, integrity, and security of ‘electronic protected health information’ (ePHI). However, to comply with the Security Rule and to demonstrate that security controls are in place and working is no easy task, especially for today’s resource-constrained IT security teams. AlienVault® Unified Security Management™ (USM) helps you to accelerate your path to HIPAA compliance and simplifies maintaining your HIPAA certification thereafter. With multiple essential security capabilities together into a single platform, AlienVault USM gives you an affordable and easy-to-use solution to satisfy the HIPAA Security Rule, and provides highly customizable, predefined HIPAA compliance reports out of the box, making it fast and simple to get the visibility you need to maintain your organization’s security posture.
Tags : 
    
AlienVault
Published By: Anaplan     Published Date: Mar 29, 2018
To support these principles, Anaplan was deliberately crafted as a highly distributed global company that allows for significant resiliency against threats and disasters. All functions within Anaplan are geographically distributed across the globe, reducing risks associated with regional events. The U.S. offices host most of the sales, marketing, and support activities. Staff in the U.K. and Singapore offices provide regional coverage, in addition to backup support.
Tags : 
anaplan, architecture, security, controls, geographically, regional, global
    
Anaplan
Published By: ArcSight     Published Date: Mar 04, 2009
Whitepaper highlighting the twelve PCI DSS requirements and the technology necessary to address the PCI DSS 1.2 requirements.
Tags : 
pci dss, pci dss 1.2, log management, arcsight logger, siem, payment card industry, pci, dss
    
ArcSight
Published By: AWS     Published Date: Oct 07, 2019
DigiCert implemented Imperva to protect their hybrid environment. They were already using Imperva’s WAF on-premises to defend against Layer 7 attacks, known threats, and zero-day attacks to rapidly identify the threats that required investigation. By expanding their usage of Imperva, DigiCert was able to extend protection to AWS and maintain their security posture both during and after migration. Imperva’s sophisticated threat detection technology draws upon vast experience in the WAF market. As traffic passes through their network, advanced client classification technology (together with crowdsourcing and IP reputation data) automatically analyzes it to identify and block web application attacks. These include SQL injection, cross-site scripting, illegal resource access, comment spam, site scraping, malicious bots, and other top threats. Granular filters and controls reduce false positives and prevent access from unwanted visitors, while IP address shielding hides the web server’s IP
Tags : 
    
AWS
Published By: BlackBerry Cylance     Published Date: Jul 02, 2018
Matthew Coy, Safelite’s Vice President of Information Technology, is responsible for overseeing all aspects of the company’s IT infrastructure, including selecting, administering, and supporting technology products. The company handles personally identifiable information, including credit card information and insurance data collected from several sources, and must comply with insurance industry regulations and the Payment Card Industry Data Security Standard. Safelite is the target of constant external attacks. The organization experienced ongoing security issues stemming from infected software, drivebys and other malicious downloads. According to Matthew, “A lot of malware and email viruses were making it through the environment, all bypassing our email security and AV.” Not only were the security controls ineffective, the previous AV platform required nearly 150 hours per week to manage. Matthew knew Safelite needed to make a change, and fast. Having worked with Cylance® at two previous companies, he was confident CylancePROTECT® could significantly improve Safelite’s endpoint security. Read the full case study to learn about the results Cylance was able to deliver.
Tags : 
safe, lite, cybersecurity, data
    
BlackBerry Cylance
Published By: CA Mainframe     Published Date: Sep 12, 2008
Compliance requires strong security controls for mainframe environments also. This white paper discusses some major challenges that mainframes bring to compliance, and some key issues that need to be addressed. It also presents some key technologies and approaches that you can use to help you achieve easier compliance for your mainframe systems.
Tags : 
ca mainframe, mainframe, compliance
    
CA Mainframe
Published By: CA Technologies     Published Date: Jan 09, 2015
This paper focuses on the Insider threat to security and the controls available to reduce risk and enable information sharing within an organization.
Tags : 
insider threats to security, reducing risk of insider threats, enabling safe data sharing, ca security
    
CA Technologies
Published By: CA Technologies     Published Date: Aug 22, 2017
The Payment Card Industry Data Security Standard (PCI DSS) was first introduced in 2004 to increase controls over credit card holder data and to reduce the chances of credit card fraud. Validation is required annually and over the years, it has evolved with new revisions periodically. The latest one, version 3.2 came into force in April 2016. Until the end of January 2018, PCI DSS and Payment Application Data Security Standards (PA-DSS) are considered best practice to implement, and starting February 1, 2018, are considered a requirement.
Tags : 
    
CA Technologies
Published By: CA Technologies     Published Date: Aug 22, 2017
Organizations undergoing digital transformations are dealing with amplified concerns around risk and security, which isn’t surprising. Digital transformation initiatives inevitably result in more points of access to enterprise infrastructure that are outside of existing controls, accessible by a greater number and more diverse set of identities, and proliferated across a distributed and dynamic infrastructure.
Tags : 
    
CA Technologies
Published By: CA Technologies     Published Date: Jun 01, 2018
Challenge Businesses today must reduce the risk of security breaches to protect the valuable data within their organizations. At the same time, IT auditors are increasingly enforcing ever more stringent requirements on the business. The bottom line is that privileged accounts and privileged access are being targeted by hackers as a new attack surface and focused on by auditors who are insisting on greater controls around privileged accounts. Opportunity The right privileged access management solution provides comprehensive protection for your missioncritical servers with powerful, fine-grained controls over operating system-level access and privileged user actions. Capable of enforcing access controls on powerful native Superuser accounts—like the UNIX® and Linux® root and Microsoft® Windows® administrator—this system-level, host-based privileged access management solution controls, monitors and audits privileged user activity, improving security and simplifying audit and compliance. B
Tags : 
    
CA Technologies
Published By: CA Technologies EMEA     Published Date: Aug 03, 2017
GDPR compliance can be achieved through a combination of people, processes and technology. This document has described solutions that can help organizations with their GDPR journey. But you can extend that protection and strengthen security controls even further via strong and risk authentication or workload automation for the processing automation of personal data helping you comply with GDPR as well as similar mandates. Regulations tend to set the minimum standards to be required, but in the application economy, open enterprises must ensure due diligence to protect one of the most important and critical assets: private customer information.
Tags : 
identity management, privileged user access, secure privileged credentials, secure hybrid it
    
CA Technologies EMEA
Published By: CA Technologies EMEA     Published Date: Aug 03, 2017
For organizations with additional security requirements for high value servers hosting business-critical assets, CA Privileged Access Manager Server Control provides localized, fine-grained access control and protection over operating system-level access and application-level access. Agent-based, kernel-level protection is available for individual files, folders and specific commands based on policy and/or finedgrained controls on specific hosts.
Tags : 
identity management, privileged user access, secure privileged credentials, secure hybrid it
    
CA Technologies EMEA
Published By: CA Technologies EMEA     Published Date: Apr 10, 2018
Challenge Organizations undergoing digital transformations are dealing with amplified concerns around risk and security, which isn’t surprising. Digital transformation initiatives inevitably result in more points of access to enterprise infrastructure that are outside of existing controls, accessible by a greater number and more diverse set of identities, and proliferated across a distributed and dynamic infrastructure. Opportunity Knowing your privileged users is knowing your risk. Privileged access management tools themselves must be able to support automation in the authorization process and enable scalability through support for both dynamic operations and ephemeral infrastructure. Benefits Better pinpointing attacks exploiting credential theft isn’t simply a question of accumulating more data but involves incorporating better data about privileged user behaviour, which can identify significant changes that represent real risk.
Tags : 
    
CA Technologies EMEA
Published By: CDW-Trend Micro     Published Date: Mar 26, 2015
Organizations around the world are embracing the economic and operational benefits of cloud computing. Whether organizations are extending internal resources or fully deploying on Microsoft Azure, the ability to take advantage of the business benefits of cloud require that organizations continue to meet key security requirements. Azure delivers a trusted cloud infrastructure on which customers can design, build and manage their own cloud applications and infrastructure. While Azure provides security controls for the infrastructure and change to virtualization layers, deploying organizations are responsible for deploying and maintaining security for the guest operating systems, applications, and data in order to protect against malware attacks, zero-day vulnerabilities and data breaches. Read this white paper to lean more about Trend Micro Instant-On Cloud Security for Microsoft Azure.
Tags : 
cloud security, microsoft azure, cloud computing, cloud infrastructure, malware attacks, data breaches, trend micro
    
CDW-Trend Micro
Published By: CEB     Published Date: May 19, 2014
This document helps general counsel identify potential information technology issues that may create legal or regulatory risks. General counsel should use the ten questions and our guidance on what to listen for in the CIO's response to pressure test the company's IT management and security controls.
Tags : 
ceb, cio, information risk, it management, security controls, general counsel, regulatory risks
    
CEB
Start   Previous   1 2 3 4 5 6 7    Next    End
Search Resource Library