April 2014 Issue of SCMagazine
This month's issue includes our cover story on the next steps in authentication, plus features on botnets, a mobile case study and our annual "Global Data Breach" survey to give insight on the state of information security.
Despite the bullishness around information security planning and budgeting seen in the results of our survey, we're still seeing breaches like those experienced by Target
This month's news briefs includ revelations at the RSA Conference 2014 in San Francisco, new malware, zero-day fixes and more security news.
In this month's debate, experts discuss whether whistleblower Edward Snowden should be granted amnesty.
This month's company news features a new CTO at McAfee, Bit9 merging with Carbon Black, and a partnership between Qualys and AlgoSec.
Threat of the month
This month's vulnerability is currently being exploited by a worm known as "TheMoon."
2 minutes on
Following the recent headline-making breaches at Target and Neiman Marcus, as well as the secrets exposed by Edward Snowden, the question is: Who cares?
Skills in Demand
Organizations are in search of qualified cloud security architects to assist with migrating the business to the cloud.
Me and my job
James Hill senior security architect, Consolidated Data Services (CDS), discusses his role at his organization.
Many CIOs are still unsure what role governance should play in their data archiving strategy.
Growth businesses are always looking for flexible ways of working that reduce capital and running costs, while securely delivering the data users need, when and ...
SIEMs today are powerful beasts and they are necessary - if not always sufficient - for the protection of your enterprise.
Watching highly publicized supply-chain disasters unfold, we shake our heads in disbelief - but what supply chain risks are you taking today that would be ...
Some advice from pros for keeping your infrastructure out of the snares of a botnet. Alan Earls reports.
"Smart identification" is just one strategy seeking to replace passwords, says Google's Eric Sachs. Karen Epper Hoffman reports.
With the addition of 15,000 mobile devices accessing its network, a medical center found assurance - and met compliance mandates, reports Greg Masters.
Will recent high-profile cyber attacks spur stronger security and improved risk management? The consensus from our data breach survey indicates: Yes, reports Teri Robinson.
Choosing the right allies to ensure security requirements is a challenge for businesses both large and small, reports James Hale.
Group Test 1
AlienVault’s Unified Security Management product is an excellent introductory SIEM appliance.
LOG Storm from BlackStratus combines log management and correlation systems with real-time monitoring and an integrated incident response system all on one easy-to-deploy and use ...
System administrators looking to extend their logging capabilities, or security professionals needing to gain deeper insights into their computing environments, might start their search with ...
SecureVue from EiQ Networks provides log gathering, correlation and analysis services for numerous operating systems, network and security devices, combining these services into a solid ...
This feature-rich tool is designed to meet the needs of organizations of all sizes. It hits all the marks for an enterprise SIEM.
HP’s ArcSight ESM is a mature product that collects events from virtually any source.
Combining SIEM, log management, file integrity monitoring and analytics with powerful forensic tools, LogRhythm v6.2 offers security professionals a powerful monitoring and auditing platform to ...
Enterprise Security Manager from McAfee is a truly enterprise-grade SIEM. Able to process thousands of events per second and store billions of events and flows, ...
NetIQ’s SIEM helps to quickly identify and respond to threats and to simplify management and compliance reporting. It delivers scalable log collection, aggregation, correlation, and ...
The SolarWinds Log & Event Manager (LEM) offers a quality set of log management, event correlation, search and reporting facilities.
X1 is an agentless SAP auditing tool that is able to map out entire SAP landscapes and display any insecure configurations on the individual elements ...
Recent breaches prompt a new emphasis on education and corporate culture, says Allegis Capital's Bob Ackerman.
Sign up to our newsletters
SC Magazine Articles
- Long list of devices believed to be affected by NetUSB vulnerability
- Website observed serving 83 executable files, more than 50 percent malware
- Scammers target oil companies with sneaky attack
- CareFirst BlueCross BlueShield breached, more than one million individuals notified
- TeslaCrypt used to extort over $76K in recent months
- Hackers exploit Starbucks auto-reload feature to steal from customers
- Study: Nearly all SAP systems remain unpatched and vulnerable to attacks
- Former Nuclear Regulatory Commission employee arrested for alleged spear phishing campaign
- Millions of WordPress websites vulnerable to XSS bug
- FireEye first cybersecurity firm awarded DHS SAFETY Act certification
- Thousands of Bellevue Hospital Center patients notified of data breach
- Study: 86 percent of websites contain at least one 'serious' vulnerability
- Investigation ongoing in reported multimillion member Adult FriendFinder breach
- Report: $19M breach settlement between MasterCard, Target terminated
- FTC gives thumbs up to companies that cooperate during breach probes