Intrusion Prevention

Best Identity Management & Best Intrusion Detection/Prevention

By

Throughout the day, SC Magazine will be announcing the finalists from each of its 32 award categories, covering the Reader Trust, Professional and Excellence sections.

When no one solution is best, an "ecosystem" emerges

When no one solution is best, an "ecosystem" emerges

To fight today's sophisticated adversaries and protect the nation's digital infrastructure, the cybersecurity industry must unite technologies, develop new ones and cultivate experts.

DHS seeks increased cybersecurity funds for 2012

By

Department of Homeland Security (DHS) Secretary Janet Napolitano this week campaigned before federal lawmakers in support of her agency's portion of President Obama's $3.7-trillion proposed budget.

Report finds US-CERT mishandling cybersecurity role

By

The Department of Homeland Security (DHS) division tasked with coordinating the cyber defense of federal agencies is falling short in several areas, according to an inspector general report released Wednesday.

Firewall revolution or evolution?

Firewalls are again becoming talk of the town. There are an enormous amount of opinions including claims of a recent firewall revolution that have been proposed to completely change the firewall landscape. I will be the first to admit that the features and capabilities offered in today's firewall products are not the same as was offered in their original incarnation. But then again, traffic patterns and applications are not the same as they were when firewalls first hit the market.

Why intrusion prevention systems fail to protect web applications

There is overwhelming evidence in reports such as the SANS Top Cyber Security Risks and the Verizon Data Breach Investigation Report that web applications are the Achilles' heel of most networks and criminals know it. In order to protect web applications, the network security paradigm has to shift from "Keep People Out" to "What Are They Doing?" and the IT infrastructure spending needs to follow suit.

HP buys 3Com in mega $2.7 billion deal

By

Hewlett-Packard announced Wednesday plans to acquire 3Com, whose TippingPoint subsidiary is one of the best-known providers of intrusion prevention systems.

NASA hacker makes extra-judicial appeal

By

Accused NASA hacker is running out options to avoid extradition to the United States.

Forrester: The good and bad of security technologies

By

A new report says web application firewalls and intrusion prevention systems are necessary technologies for many businesses, but intrusion detection systems and network behavior anomaly detection technologies are declining in popularity.

Report: NSA will monitor government networks

By

The National Security Agency will assist in a new program to monitor government traffic on private-sector computer networks, as part of a new program called Einstein 3, according to a published report.

RSA: The fundamental challenge of security versus privacy

By

A fundamental tension exists in balancing individual privacy rights and the collective right to security, Gary McGraw, CTO of application security vendor Cigital said at the RSA Conference Tuesday.

Cyberattack repairs cost Pentagon $100 million in six months

By

The Pentagon has spent more than $100 million in the past six months repairing damage to its networks caused by cyberattacks, according to military officials.

GhostNet spy network phishes international victims

By

The recently uncovered cyberespionage network named GhostNet made use of phishing malware to attack the nearly 1,300 computers that are said to have been compromised by servers traced to China.

Web apps account for 80 percent of internet vulnerabilities

By

Vulnerabilities in web applications made up 80 percent of all web-related flaws in the second half of 2008 and rose in prevalence by about eight percent from the first half of the year.

Conficker worm variant kills security processes

By

Computer systems that are already infected by the Conficker worm are being pushed a new component that kills protective security processes.

Web filtering evolves to meet changing threats

By

Web filtering today goes beyond just blocking access. It now has to be integrating Web 2.0, managing data leakage, and guarding against malware coming in, according to a new study.

Government computers under attack

By

Attacks on government computer networks increased sharply in 2008, but the new administration's focus on cybersecurity may help thwart future attacks.

Trustwave acquires NAC vendor Mirage Networks

By

Managed security vendor Trustwave will add network access control (NAC) technology to its suite of solutions with its acquisition of Mirage Networks, the company announced Tuesday.

StillSecure, ProtectPoint unite

StillSecure has acquired ProtectPoint Security, a managed security services provider. The deal, announced Monday, helps round out StillSecure's line of NAC, IDS/IPS and vulnerability management products, the company said. Teams from both companies will integrate manufacturing and management efforts to build and manage network security. Terms of the deal were not disclosed; both companies are privately held. — CAM

Geeks.com settles with FTC

By

An online computer supplies and electronics retailer settled Federal Trade Commission charges that it violated federal law by not providing adequate security to protect customer data, the agency announced Thursday.

Data Privacy Day celebrates the safeguarding of information

By

Companies around the globe are recognizing the second annual Data Privacy Day on Wednesday with seminars and other events aimed at educating users and generating discussion around the topic.

NIST releases draft guidelines for data protection

By

NIST this month released draft recommendations that federal agencies -- and their contractors -- should follow to protect the confidentially of personally identifiable information.

Accused hacker hopes guilty plea can keep him from U.S.

By

There appears to be one more chance for accused NASA hacker Gary McKinnon to avoid extradition to the United States.

Congressman seeks discussion on House cybersecurity

By

One of the congressmen who admitted last year that his office computers were hacked wants to raise cybersecurity awareness on Capitol Hill.

VeriSign switches to new hash function to secure SSL certs

By

The news comes after a serious weakness was revealed last week in the MD5 cryptographic hash function.

Phishing scam hits Twitter

By

Twitter users had their account credentials stolen in a massive, still ongoing phishing campaign.

MD5 insecurity affects all internet users

By

Certification Authorities that have not moved to a more secure cryptographic hash function than MD5 have come under fire in the security world.

Hackers find hole to create rogue digital certificates

By

Research presented at the 25th Chaos Communication Congress in Berlin demonstrated how an attacker could impersonate any website, including those secured by the HTTPS protocol.

Fending off network attacks: University of Miami and Top Layer

By

With attackers shifting their focus to applications, the IT team at University of Miami, Miller School of Medicine, decided it was time to upgrade the school's intrusion prevention solution, reports Greg Masters.

State Department snoop sentenced

By

A former employee of the U.S. Department of State was sentenced for unauthorized access to a database containing passport applicants' confidential information.

Sign up to our newsletters

POLL