October 2012 Issue of SCMagazine
Isn't Wyndham Hotels and Resorts culpable for failing to enlist industry standards and implement security practices and tools to protect customer accounts?
Last month's featured news from Shamoon attacking oil companies to Wyndham Hotels challenging the FTC.
Personnel announcements and M&A activity from Sophos, PwC US, NetSecurity, and others.
Threat of the month
This month's threat of the month is anti-virtualization malware which automatically activates on a system boot-up.
2 minutes on
With billions of devices worldwide running Java, Oracle faced a debacle in August as the details for two zero-day exploits in its popular software were ...
Skills in Demand
As the threat landscape evolves, more organizations are finding themselves responding to security incidents.
Me and my job
David Balcar, security adviser practice manager at Novacoast discusses various aspects of his job.
Debate: Flame, Stuxnet and other APTs are hype, but you should still be extremely worried.
Most BYOD discussions focus on technical issues, such as how to identify offending devices, how to keep them off the network, or how to limit ...
In the age of mobile, social and cloud, the so-called perimeter that businesses have been protecting for years is now dead.
The Payment Card Industry Security Council is working to foster greater PCI expertise across the industry.
Web browsers have become today's de facto operating system -- the single place where end-users spend most of their time. As such, they're ground zero ...
Sanjeev Sah has been CISO of UNC-Charlotte for just over a year, and he's already well versed on the unique circumstances that make securing colleges ...
With users flocking toward mobile platforms, fraudsters will join as well. But businesses have a bigger problem: What to do about employees wanting to use ...
This month, we are tackling identity management, network access control (NAC) and data leak prevention (DLP).
Group Test 1
Avatier’s Identity and Access Risk Management Suite provides user creation, authentication, provisioning, and deprovisioning of user IDs.
Network Sentry provides centrally managed access to the network, integrates with user management applications, such as Microsoft Active Directory, and may use agents or remain ...
Centrify Suite 2012 provides user provisioning and access control across the enterprise.
The CI-750 provides real-time content inspection allowing customers to protect against data loss across the network.
The Fischer solution is postured to help organizations drive (not react to) their identity management solutions.
ForeScout CounterACT offers an enterprise-class NAC, assuring network access based on real-time endpoint classification configuration assessment, user and endpoint compliance policy and automated response.
The Hitachi ID Management Suite is primarily made up of three modules: Hitachi ID Identity Manager, which helps manage identities and provisioning across multiple systems ...
Lieberman Software really delivered on this. Its Enterprise Random Password Manager (ERPM) addresses the management of privileged access across enterprise resources.
The Cloud Identity Manager from McAfee helps administrators provide single sign-on and account provisioning for cloud-based applications.
Identity Manager from NetIQ is a full identity and user management platform that allows administrators to manage users across physical, virtual and cloud-based environments.
The NetWrix Identity Management Suite is actually a combination of several NetWrix products that are bundled together and can be installed individually or together as ...
Quest One Identity Manager with ActiveRoles Server provides a wide array of identity management features and functions.
Adaxes from Softerra enables the ability to automate user provisioning and deprovisioning by interfacing directly with Microsoft Active Directory.
Safe Access from StillSecure offers a full network access control system that includes functionality for ensuring endpoints on the network meet policy and compliance standards ...
Here we have three products from Thycotic Software that when combined provide a reasonably comprehensive identity management suite.
Seeker from Quotium takes a somewhat different approach to application security from most similar products.
Because people have behavioral characteristics, the Silver Tail Forensics 3.0 - latest incarnation of this fine tool - can catch and stop them while providing ...
We must resolve issues around data sovereignty, says Capgemini's Joe Coyle.
Sign up to our newsletters
SC Magazine Articles
- State breakdowns: Anthem breach by the numbers
- Malware on Lime Crime website, payment cards compromised
- Botnet of Joomla servers furthers DDoS-for-hire scheme
- Bug in popular WordPress plugin opens up websites to SQL injection attacks
- Report: Majority of health-related websites leak data to third parties
- State breakdowns: Anthem breach by the numbers
- Carbanak APT campaign made off with $1B from banks globally
- NIST requests final comments on ICS security guide
- Disconnect yawns between CISOs, exec leadership, study says
- Microsoft phishing emails target corporate users, deliver malware that evades sandboxes
- Angler EK hijacks domain registrant credentials to create malicious pages
- New SSL/TLS vulnerability, FREAK, puts secure communications at risk
- Tsukuba trojan aimed at Japanese banking customers
- GAO releases report on FAA security lapses, experts remain unconcerned
- Infections caused by prevalent financial trojans dropped 53 percent last year