October 2012 Issue of SCMagazine

October 2012 Issue of SCMagazine

October 2012


Wyndham resorts to laughable litigation

Isn't Wyndham Hotels and Resorts culpable for failing to enlist industry standards and implement security practices and tools to protect customer accounts?


News briefs: Latest security news

Last month's featured news from Shamoon attacking oil companies to Wyndham Hotels challenging the FTC.

Company News: Personnel announcements from Sophos, PwC, and others

Personnel announcements and M&A activity from Sophos, PwC US, NetSecurity, and others.

Threat of the month

Threat of the month: Anti-virtualization malware

This month's threat of the month is anti-virtualization malware which automatically activates on a system boot-up.

2 minutes on

Patchy response: Oracle fumbles response to Java flaw

With billions of devices worldwide running Java, Oracle faced a debacle in August as the details for two zero-day exploits in its popular software were ...

Skills in Demand

Skills in demand: Incident response specialists

As the threat landscape evolves, more organizations are finding themselves responding to security incidents.

Me and my job

Me and my job: David Balcar, Novacoast

David Balcar, security adviser practice manager at Novacoast discusses various aspects of his job.


Debate: Flame, Stuxnet and other APTs are hype, but still be wary

Debate: Flame, Stuxnet and other APTs are hype, but you should still be extremely worried.


Plan BYOD with the workers

Most BYOD discussions focus on technical issues, such as how to identify offending devices, how to keep them off the network, or how to limit ...

Authenticating new tech: Safeguarding mobile identities

In the age of mobile, social and cloud, the so-called perimeter that businesses have been protecting for years is now dead.

CSO's desk

Threats can originate close to home

The Payment Card Industry Security Council is working to foster greater PCI expertise across the industry.


Blocking entry: Browsers offer prime attack vector

Web browsers have become today's de facto operating system -- the single place where end-users spend most of their time. As such, they're ground zero ...

School ties: Security challenges at universities

Sanjeev Sah has been CISO of UNC-Charlotte for just over a year, and he's already well versed on the unique circumstances that make securing colleges ...

Is danger looming: Mobile vulnerabilities

With users flocking toward mobile platforms, fraudsters will join as well. But businesses have a bigger problem: What to do about employees wanting to use ...

Product opener

Who are you and what are you doing here?

This month, we are tackling identity management, network access control (NAC) and data leak prevention (DLP).

Group Test 1

Avatier Identity and Access Risk Management Suite v9.0

Avatier’s Identity and Access Risk Management Suite provides user creation, authentication, provisioning, and deprovisioning of user IDs.

Bradford Networks Network Sentry v6.0

Network Sentry provides centrally managed access to the network, integrates with user management applications, such as Microsoft Active Directory, and may use agents or remain ...

Centrify Suite 2012

Centrify Suite 2012 provides user provisioning and access control across the enterprise.

Code Green Networks CI-750 Content Inspection Appliance v8.0

The CI-750 provides real-time content inspection allowing customers to protect against data loss across the network.

Fischer International Fischer Identity v5.0

The Fischer solution is postured to help organizations drive (not react to) their identity management solutions.

ForeScout Technologies ForeScout CounterACT v7.0

ForeScout CounterACT offers an enterprise-class NAC, assuring network access based on real-time endpoint classification configuration assessment, user and endpoint compliance policy and automated response.

Hitachi ID Systems Hitachi ID Management Suite v8.0

The Hitachi ID Management Suite is primarily made up of three modules: Hitachi ID Identity Manager, which helps manage identities and provisioning across multiple systems ...

Lieberman Software Enterprise Random Password Manager

Lieberman Software really delivered on this. Its Enterprise Random Password Manager (ERPM) addresses the management of privileged access across enterprise resources.

McAfee Cloud Identity Manager

The Cloud Identity Manager from McAfee helps administrators provide single sign-on and account provisioning for cloud-based applications.

NetIQ Identity Manager

Identity Manager from NetIQ is a full identity and user management platform that allows administrators to manage users across physical, virtual and cloud-based environments.

NetWrix Identity Management Suite

The NetWrix Identity Management Suite is actually a combination of several NetWrix products that are bundled together and can be installed individually or together as ...

Quest One Identity Manager with ActiveRoles Server

Quest One Identity Manager with ActiveRoles Server provides a wide array of identity management features and functions.

Softerra Adaxes

Adaxes from Softerra enables the ability to automate user provisioning and deprovisioning by interfacing directly with Microsoft Active Directory.

StillSecure Safe Access

Safe Access from StillSecure offers a full network access control system that includes functionality for ensuring endpoints on the network meet policy and compliance standards ...

Thycotic Software Secret Server, Password Reset Server and Group Management Server

Here we have three products from Thycotic Software that when combined provide a reasonably comprehensive identity management suite.

First Look

First Look: Seeking application security

Seeker from Quotium takes a somewhat different approach to application security from most similar products.

First Look: Catching the fraudsters

Because people have behavioral characteristics, the Silver Tail Forensics 3.0 - latest incarnation of this fine tool - can catch and stop them while providing ...

Last Word

A public cloud conundrum

We must resolve issues around data sovereignty, says Capgemini's Joe Coyle.


Sign up to our newsletters