April 2013 Issue of SCMagazine
April 2013 cover
Among the humdrum there are cyber events cropping up here and there that breed excitement.
This month's news briefs includes recent news on Mandiant uncovering China's cyber espionage efforts, security firm Bit9's breach, and the Obama administrations latest efforts on ...
This month's company news features new additions to the dinCloud, Tripwire, and Crocus Technology, as well as Bluebox Security's new research team that will analyze ...
Threat of the month
April's "threat of the month" are Universal Plug and Play (UPnP) vulnerabilities, which allow attackers to execute arbitrary code.
2 minutes on
Prioritization is a key part of the patching strategy of any customer, says SC Magazine's Dan Kaplan.
Skills in Demand
There is a growing demand for IT-GRC-focused data and metrics analysts, says security recruiter Jeff Combs of L.J. Kushner & Associates.
Me and my job
A brief Q&A with Blake Frantz, director of benchmark development, security benchmarks division, Center for Internet Security (CIS).
In this month's debate, two experts discuss whether or not China is the top cyber threat to the United States.
Unfortunately, data security and regulatory compliance requirements do not evaporate in the public cloud, says Vormetric's Ashvin Kamaraju.
Thanks to BYOD, gone are the days of one single mobile device manufacturer or model to support, says Dimension Data Americas' Darryl Wilson.
Cyber espionage is at an all-time high, and businesses across the United States are being targeted and breached, says Phillip Ferraro, CISO, DRS Integrated Defense ...
The ever-increasing use of personal devices has tested enterprise defenses, so plans must be created to meet the challenge, reports James Hale.
There are steps security pros can take to achieve greater peace of mind with cloud implementations, reports Alan Earls.
Health providers have pressing reasons to now embrace security, says INTEGRIS Health's John Delano. Karen Epper Hoffman reports.
Are there ways to catch sophisticated malware that hides in trusted processes and services? Deb Radcliff finds out.
Espionage and fraud in cyber is not an armed conflict, says SystemExpert's Jonathan Gossels.
This month we look at security information and event management (SIEM) tools.
Group Test 1
AlienVault’s Unified Security Management (AV-USM) platform combines open source technologies for asset discovery/inventory, vulnerability assessment, threat detection, behavioral monitoring and security intelligence/event correlation.
LOG Storm combines log management and security information management with correlation technology, real-time monitoring and an integrated incident response system.
CorreLog Enterprise Server combines real-time log management with correlation, auto-learning functions, high-speed search, ticketing and reporting services.
SecureVue provides all of the elements one would expect in a SIEM.
EventTracker Enterprise is comprehensive. It is designed to be scalable to address multiple locations, business units and domains using the EventTracker Stand-Alone, Collection Point and ...
GFI EventsManager collects, centralizes, normalizes, consolidates and analyzes a wide range of log types.
The HP ArcSight Express appliance features a full set of SIEM capabilities.
The LogRhythm appliance goes way beyond traditional security event monitoring and management.
The Enterprise Security Manager is the ultimate high-powered SIEM.
Sentinel from NetIQ offers a lot of robust SIEM features and functions.
The SolarWinds Log & Event Manager is a virtual appliance capable of collecting logs and events from almost any network-connected device and then correlating that ...
The ManageEngine EventLog Analyzer from Zoho is a small application that provides a lot of functionality.
FortiDDoS is an appliance that examines data packets in a variety of ways to separate DDoS packets from legitimate packets.
Sign up to our newsletters
SC Magazine Articles
- Microsoft report explores dangers of running expired security software
- Survey: real-time SIEM solutions help orgs detect attacks within minutes
- Vulnerabilities identified in three Advantech products
- Android malware 'NotCompatible' evolves, spawns resilient botnet
- State Department hack may be tied to White House network breach
- Operators disable firewall features to increase network performance, survey finds
- Waste no time patching Windows Schannel, OLE bugs, experts warn
- Study: 68 percent of healthcare breaches caused by loss or theft of devices, files
- Spin.com redirects to Rig Exploit Kit, infects users with malware, Symantec observes
- Upping the ante: PCI Security Standard
- Study: Third of employees use company devices for social media and online shopping
- 'DoubleDirect' MitM attack affects iOS, Android and OS X users
- Swedish appeals court nixes Assange's plea
- Critical XSS vulnerability addressed in WordPress
- The Internet of Things (IoT) will fail if security has no context