February 2011 Issue of SCMagazine

February 2011 Issue of SCMagazine

Feb 2011

Editorial

An accounting of the insiders

No matter your view of Julian Assange, his WikiLeaks controversy is the story that just keeps on giving, says Illena Armstrong, editor-in-chief, SC Magazine.

Update

Hackers compromise Silverpop email database; new Android trojan

A summary of what made news in January.

Debate: The model of 'trust but verify' is effective at mitigating the insider threat.

Debate: The model of 'trust but verify' is effective at mitigating the insider threat.

Company news: Verizon names Marcus Sachs as VP for national security policy

Company news: Verizon names Marcus Sachs as VP for national security policy, and other announcements

Threat of the month

THREAT OF THE MONTH

IE zero-day

2 minutes on

The evolution of the DDoS

The temporary takedown in December of a handful of websites that cut ties with controversial website WikiLeaks, including Visa and MasterCard, made national news.

Skills in Demand

Skills in demand

Companies are becoming increasingly concerned about the security of smartphones and tablets.

Me and my job

Me and my job

There are so many threats to deal with, says Michael Singer, executive director of security technology for AT&T Services.

Opinion

Privacy laws must change

Consumers have adopted personalized applications of all varieties, yet the way things stand, they must be prepared to sacrifice something at least as valuable: their ...

The great malware cover-up

What does the $4 billion network security industry do when a new attack is exposed? It plays "the great malware cover-up."

CSO's desk

Think like a chess player

The security chief of Zynga offers tips for deterring today's sophisticated attacks. They include understanding attack vectors, quantifying risk, controlling damage and being a trusted ...

Features

Internal review: The insider threat risk

Thanks to WikiLeaks and a struggling economy, the internal threat has risen to a new level of prominence. Dawn Cappelli of Carnegie Mellon describes the ...

Cybercrime: Narrowing the gap

The $1 trillion cybercrime industry is expertly - and competitively - run. Take a peek into the inner workings of these syndicates and how the ...

Ensuring efficiency: Budget issues

Still facing budgetary pressures, security execs must apply unique thinking to security spend, which might mean studying metrics, making friends and passing compliance on the ...

Last Word

Smart mobile app development

Mobile threats will soon be used to gain access to personal and business devices, says Sean Martin.

Product opener

Keeping the bad guys out

The idea of managing intrusions is a complicated one that it would be good to simplify if we can.

Group Test 1

Core Security Technologies Core Impact Professional

Core Impact Professional is, at first blush, an extremely capable pen testing tool. But it really is a lot more.

Critical Watch FusionVM Virtual All-in-One Appliance

FusionVM from Critical Watch provides a full-featured vulnerably management and configuration auditing platform that can be customized to manage vulnerabilities throughout the enterprise.

Cyberim Limited DragonSoft Vulnerability Management

The DragonSoft Vulnerability Manager provides network scanning, vulnerability evaluation, centralized risk assessment, reports and remediation in one easy-to-use tool.

eEye Digital Security Retina CS

This scanner takes the combination of the Retina Network Security Scanner and the Retina Insight reporting module and puts them together in a full Compliance ...

GFI LANguard

With this product, administrators can quickly launch scans, analyze the results and deploy suggested remediation to vulnerable machines throughout the enterprise – all from one ...

Lumension Scan

With Lumension Scan, administrators can easily run comprehensive vulnerability and configuration assessment scans across the entire network environment.

ManageEngine Security Manager Plus

This application can run vulnerability scans, detect open ports, run patch management and manage changes to Windows files, folders and registries.

McAfee Vulnerability Manager

The McAfee Vulnerability Manager provides a full vulnerability management tool for the large enterprise.

netVigilance Internal Scan – Cloud Edition

The Internal Scan – Cloud Edition from netVigilance provides vulnerability assessment from the outside looking in.

SAINT integrated vulnerability assessment

This appliance brings all the features of SAINTscanner, SAINTexploit and SAINTmanager into one box that is ready to go right off the shelf.

SecPoint ApS The Penetrator

This product has been designed to scan for vulnerabilities and to try to penetrate them.

Tenable Network Security Nessus ProfessionalFeed

A lightweight, no-frills network vulnerability scanner.

Group Test 2

CounterSnipe APS v4.0.3

The APS from CounterSnipe is a combination of intrusion prevention software, host/application discovery, vulnerability detection and intelligent alert management.

McAfee Network Security Platform v6.0

This network intrusion prevention system delivers inline threat prevention and detection capabilities through a combination of protocol discovery and analysis, heuristics, behavior analysis and cloud-based ...

NitroSecurity NitroGuard IPS 4245 v8.4.2

An intelligent packet-filtering system that detects sophisticated network intrusion attempts and actively records and/or stops such attempts.

Sourcefire Next-Generation IPS v4.9

A distributed appliance-based offering modeled on the Snort detection engine.

Top Layer Security IPS 5500 Model 75EC v6.12

A standalone, purpose-built IPS.

First Look

Moving authentication to the infrastructure

ActivIdentity 4TRESS Authentication Appliance for Banking v 7.0

Sign up to our newsletters

POLL