October 2012 Issue of SCMagazine
Isn't Wyndham Hotels and Resorts culpable for failing to enlist industry standards and implement security practices and tools to protect customer accounts?
Last month's featured news from Shamoon attacking oil companies to Wyndham Hotels challenging the FTC.
Personnel announcements and M&A activity from Sophos, PwC US, NetSecurity, and others.
Threat of the month
This month's threat of the month is anti-virtualization malware which automatically activates on a system boot-up.
2 minutes on
With billions of devices worldwide running Java, Oracle faced a debacle in August as the details for two zero-day exploits in its popular software were ...
Skills in Demand
As the threat landscape evolves, more organizations are finding themselves responding to security incidents.
Me and my job
David Balcar, security adviser practice manager at Novacoast discusses various aspects of his job.
Debate: Flame, Stuxnet and other APTs are hype, but you should still be extremely worried.
Most BYOD discussions focus on technical issues, such as how to identify offending devices, how to keep them off the network, or how to limit ...
In the age of mobile, social and cloud, the so-called perimeter that businesses have been protecting for years is now dead.
The Payment Card Industry Security Council is working to foster greater PCI expertise across the industry.
Web browsers have become today's de facto operating system -- the single place where end-users spend most of their time. As such, they're ground zero ...
Sanjeev Sah has been CISO of UNC-Charlotte for just over a year, and he's already well versed on the unique circumstances that make securing colleges ...
With users flocking toward mobile platforms, fraudsters will join as well. But businesses have a bigger problem: What to do about employees wanting to use ...
We must resolve issues around data sovereignty, says Capgemini's Joe Coyle.
This month, we are tackling identity management, network access control (NAC) and data leak prevention (DLP).
Group Test 1
Avatier’s Identity and Access Risk Management Suite provides user creation, authentication, provisioning, and deprovisioning of user IDs.
Network Sentry provides centrally managed access to the network, integrates with user management applications, such as Microsoft Active Directory, and may use agents or remain ...
Centrify Suite 2012 provides user provisioning and access control across the enterprise.
The CI-750 provides real-time content inspection allowing customers to protect against data loss across the network.
The Fischer solution is postured to help organizations drive (not react to) their identity management solutions.
ForeScout CounterACT offers an enterprise-class NAC, assuring network access based on real-time endpoint classification configuration assessment, user and endpoint compliance policy and automated response.
The Hitachi ID Management Suite is primarily made up of three modules: Hitachi ID Identity Manager, which helps manage identities and provisioning across multiple systems ...
Lieberman Software really delivered on this. Its Enterprise Random Password Manager (ERPM) addresses the management of privileged access across enterprise resources.
The Cloud Identity Manager from McAfee helps administrators provide single sign-on and account provisioning for cloud-based applications.
Identity Manager from NetIQ is a full identity and user management platform that allows administrators to manage users across physical, virtual and cloud-based environments.
The NetWrix Identity Management Suite is actually a combination of several NetWrix products that are bundled together and can be installed individually or together as ...
Quest One Identity Manager with ActiveRoles Server provides a wide array of identity management features and functions.
Adaxes from Softerra enables the ability to automate user provisioning and deprovisioning by interfacing directly with Microsoft Active Directory.
Safe Access from StillSecure offers a full network access control system that includes functionality for ensuring endpoints on the network meet policy and compliance standards ...
Here we have three products from Thycotic Software that when combined provide a reasonably comprehensive identity management suite.
Seeker from Quotium takes a somewhat different approach to application security from most similar products.
Because people have behavioral characteristics, the Silver Tail Forensics 3.0 - latest incarnation of this fine tool - can catch and stop them while providing ...
SC Magazine Articles
- Was Spotify breached? Account info shows up on Pastebin
- Report: Ransomware feeds off poor endpoint security
- Researcher finds backdoor that accessed Facebook employee passwords
- Over 7M Minecraft mobile credentials exposed after Lifeboat data breach
- DōTERRA breach exposes customer info; including SS, DOB, and addresses
- UPDATE: Petya ransomware leverages Dropbox and overwrites hard drives
- Federal court bucks trend, rules general liability insurance covers data breach
- The anatomy of a spearphishing scam, or how to steal $100M with a fake email
- FBI investigating attack against computer networks at U.S. law firms
- Ransomware rampant, but chinks found in its armor
- Mining company's data is more valuable than gold
- PCI DSS version 3.2 release extends multifactor authentication requirement
- RSA EMEA Summit: Writing a security strategy that will make Vivaldi proud
- U.S. CIO hints federal adoption of 'bimodal IT' to balance old and new tech