March 2012 Issue of SCMagazine
0312 cover image
U.S. agencies argue that monitoring social media will arm them with "situational awareness" to thwart potential attacks.
News briefs: The latest from the PCI Security Standards Council, Google, Anonymous, Facebook and others...
ThreatMetrix acquired TrustDefender, Voltage Securit partnered with Ingenico, Epsilon appointed Keith Morrow as EVP and CIO, and Chris Ray as CSO, and other news.
Threat of the month
Threat of the month: Compromised embedded systems
2 minutes on
No single reported breach in recent memory better highlighted the risk that vulnerable third-parties present than when hackers last year raided Epsilon.
Me and my job
Seth Bromberger liked the idea of working to keep the bad guys out of things.
The attack du jour, APTs, or advanced persistent threats, are real threats.
The exploding use of smart mobile devices and the business productivity that accompanies this trend has many CIOs and IT administrators reeling.
The massive fallout from the breaches of Gawker, Sony and others involving weak password authentication schemes show that the current password system is dead.
DLP solutions remain fairly immature, but the need to protect and monitor sensitive information is greater than ever.
Web applications remain a primary vector for attack, and the higher education space remains fertile ground for successful breaches. That's why West Virginia University wanted ...
Stephen Scarf was a history major and an English minor in college. He then negotiated a diverse career path to reach his current role as ...
More-than-decade-old bugs still plague web applications, and the challenge is only growing for programs migrating to the cloud. But new frameworks and heightened awareness can ...
The threat posed by politically motivated attackers, known as hacker activists, or hacktivists, is far-reaching, yet authorities are finding it difficult to take down a ...
The big news this month is the addition of a new element: a set of reviews on emerging products that you can find exclusively on ...
Group Test 1
The NetVanta from ADTRAN offers some nice functionality in a small package.
The Astaro Security Gateway is a flexible, full gateway security appliance that can be deployed and configured to fit almost any environment.
The Cyberoam CR1000ia is a full-feature network security gateway that provides solid protection from a multitude of threats.
The eSoft InstaGate provides solid protection designed for the small to midsized business environment.
The FortiWiFi-40c from Fortinet provides features such as a firewall, intrusion prevention system, application control, virtual private network (VPN) and web content filtering all in ...
The gateProtect GPZ 2500 is quite possibly the be all and end all of perimeter network security.
Kerio Control from Kerio Technologies is comprised of software that can be installed on a dual-homed Microsoft Windows machine at the gateway or it is ...
M86 Secure Web Gateway (SWG) proactively safeguards against malware and Web 2.0 threats using patented real-time code analysis (RTCA), dynamic web repair (DWR) technologies, and ...
The NetGear UTM9S is an all-in-one security appliance that is deployed at the internet gateway.
The SmoothWall UTM-1000 appliance combines SmoothWall Guardian Web Security with network security functions.
The NSA 4500 is a purpose-built appliance that can be deployed at the edge of a network, inside a network between various network segments, or ...
The Vasco aXsGUARD Gatekeeper v7.6.4 is an authentication appliance intended for small and midsized enterprises.
The WatchGuard XTM 810 Security Bundle is a full-featured security appliance for midsize businesses.
The Wedge BeSecure Anti-malware Gateway is a family of web security appliances, capable of real-time deep content inspection for thousands of concurrent web, email, and ...
Group Test 2
This looks like a company that applied security solutions to challenges in the virtual world that are virtual versions of physical world problems.
Intigua has fixed it so one agent of a particular type can be used for all of the virtual machines that need it, instead of ...
HyTrust, essentially, manages admins in a virtual world.
Co3 handles the worst nightmare of most executives: the aftermath of a successful security incident that hits personally identifiable information of lots of people.
Basically, Catbird does for the virtual data center what it did “back in the day” for physical data centers.
...nevertheless, companies need to do a better job of protecting IP, says Adam Segal.