February 2014 Issue of SCMagazine

February 2014 Issue of SCMagazine

This month's issue includes features on advanced malware and contributed articles that give insight on the state of information security.


All apologies as they drain you again

Following revelations of a massive breach during the holidays, Target announced it will be investing some $5 million in a cyber security coalition, researching cyber ...


News briefs: The NSA/RSA collaboration, Target breach, and more

Reuters reveals that RSA collaborated with the NSA, plus breaches at Target, Affinity Gaming and Snapchat, and other industry news.

Debate: Big Data for security analytics is ready for prime time.

In this month's debate, experts discuss the importance of Big Data analytics in the industry today.

Company news: Schneier joins Co3 Systems and McAfee's name change

Our company news features Co3 Systems' new CTO, McAfee phasing out its brand name, and Blue Coat Systems acquiring Norman Shark.

Threat of the month

Threat of the month: Government agencies

The continued leak of classified government intelligence documents by Edward Snowden draws into question the balance of offensive and defensive capabilities of governments.

2 minutes on

Physical security in the digital realm

IT pros tend not to spend much time pondering whether physical access to a computer system is locked down.

Skills in Demand

Skills in demand: Information assurance professionals

As has been the trend, 2014 will usher in new U.S. government regulations, particularly surrounding compliance.

Me and my job

Me and my job: Mat Gangwer, security architect, Rook Security

We take a look inside the professional world of Mat Gangwer, security architect at Rook Security.

CSO's desk

Surveillance data: All eyes on you

With the advent of nearly omnipotent video surveillance, the age-old saying "a picture is worth a thousand words," scares me more today than it ever ...


Advanced malware: The growing cyber menace

After a quiet year on the advanced malware front, we could soon see more activity, says the Atlantic Council's Jason Healey. Karen Epper Hoffman reports.

A fine mess: Global data breach legislation

Global consensus on data breach legislation is still evolving, but fear of brand damage is pushing reform, reports James Hale.

Getting ahead of new threats

There are six security threats all businesses should be aware of for 2014, says ISF's Steve Durbin.

Case studies

Case study: Wire transfer

Students in Georgia were given iPads, but a firewall was impeding network connections...until a solution was found, reports Greg Masters.

Product opener

Pen testing or hacking?

We are "ethical hackers" or "white hat hackers." We are penetration testers. Never let us be aligned with the mass media's view of hackers.

Group Test 1

BeyondTrust UVM20 Security Management Appliance

The UVM20 Security Management Appliance from BeyondTrust offers a full set of vulnerability scanning and compliance tools that are well integrated into a single easy-to-use ...

Core Security Insight Enterprise

Insight Enterprise offers a full vulnerability and risk management platform that can be used to analyze and prioritize vulnerabilities throughout the enterprise to ensure that ...

GFI LanGuard 2014

LanGuard from GFI Software is back again this year and those who are familiar with the tool will feel right at home with the latest ...

netVigilance Internal Scan - Cloud

Internal Scan - Cloud Edition from netVigilance offers a full vulnerability testing suite that can scan pretty much anything with an IP address and report ...

Qualys – QualysGuard Express

QualysGuard Express from Qualys uses the software-as-a-service (SaaS) model to provide vulnerability and compliance management services to customers.

SecPoint Penetrator

Virtual machine makes deployment easy, high-gain antenna for Wi-Fi cracking.

Secunia Corporate Software Inspector (CSI)

Secunia’s Corporate Software Inspector (CSI) enables users to leverage its signature-based vulnerability scanner via installable software agents and/or a simple-to-use web-based console.

Skybox Security Skybox Risk Control

Focusing more on total risk than individual threats, this product analyzes networks in a holistic manner, enabling security teams to first remediate threats to hosts ...

Strategic Cyber Cobalt Strike

Strategic Cyber’s Cobalt Strike application is a serious penetration testing and educational tool.

Tenable SecurityCenter Continuous View

Combining the gold-standard Nessus vulnerability scanner with the powerful Passive Vulnerability Scanner and Log Correlation Engine, Tenable’s Security Center Continuous View brings some of the ...

Last Word

The need and the challenge

Let's agree on a definition of the term "security" and move forward from there, says AT&T's Chris Mark.


Sign up to our newsletters