September 2011 Issue of SCMagazine
Transparency after a breach does more than save face.
FBI nabs PayPal hackers, report from Black Hat, announcements from Facebook and Cloud Security Alliance, plus more
Company news: Malwarebytes acquired hpHosts, Good Technology named Nicko van Someren CTO, and other news
This month's personnel announcements, launches and merger and acquisition activity.
Threat of the month
Perimeter exploit exposure
2 minutes on
Spam levels dropped last year by nearly a third, but owing to new strategies spammers are making more money than ever before.
Skills in Demand
Organizations are building their technical assurance teams.
Me and my job
Advancing companies' awareness of cyber risks and effective, enterprise-wide approaches to managing these risks.
Two security experts duke it out over whether organizations should invest in user awareness training.
Suddenly, corporations can no longer ignore next-generation smartphones and tablets.
Stuxnet demonstrated that even isolated physical networks could be hacked.
We need to do a far better job of demonstrating that the infrastructure and services we are putting into the cloud are superior to what ...
Cybercriminal activity across the globe, plus a roundup of security-related news.
A Maryland real estate company streamlined its operations by moving email and other operations to the cloud, But that wasn't the only benefit: The migration ...
Following a major breach this year, Lockheed Martin CISO Chandra McMahon explains how a quick and calculated reaction helped stave off a disaster. What are ...
Today's flurry of cybercrimes rely on an array of motivations, techniques and technologies, making the job of an investigator to track down the offender that ...
A sound approach to identification and authentication is an elementary building block to security policy within most any organization, but management of these disciplines face ...
The perimeter is a distant memory of what it once was, considering the influx of third-party workers combined with new technologies, such as cloud and ...
This month we explore tools to help us wrangle our users and separate them from the herd of bad guys trying to enter our enterprise ...
Group Test 1
Veri-NAC is a hardware appliance solution that controls access to the network for any device that may be seeking an IP address.
ForeScout CounterACT is a hardware appliance which works out-of-band on the network to control access for endpoint devices.
McAfee’s NAC solution is actually three components that work together: McAfee NAC Appliance, NAC software and NAC module for Network Security Platform.
Sophos NAC Advanced is a software NAC solution typically deployed on dedicated Windows 2003/2008 environments using Microsoft SQL 2005/2008.
Trustwave NAC is a hardware solution comprised of a management console and sensors, which are deployed throughout the network for distributed capabilities.
Group Test 2
The Avatier Identity Management Suite is a solid, full-scale, user lifecycle management tool.
The Centrify Suite provides administrators a way to integrate UNIX, Linux and Mac OS X users into the already existing Active Directory structure for seamless ...
Unify from Ensim provides a full-scale user provisioning and account management platform that can plug into several user platforms throughout the enterprise for easy centralized ...
Access Management is a piece of Evidian’s larger Identity and Access Management Suite.
Fischer Identity is an all-in-one user account provisioning and management tool that can plug into almost any authentication platform throughout the enterprise.
The Identity Manager from Hitachi ID Systems is part of the Hitachi ID Management Suite.
Novell Identity Manager by NetIQ provides comprehensive account management across enterprise systems, including physical, virtual and cloud-based environments.
Quest One Identity provides administrators with a way to manage and unify accounts throughout the enterprise.
Tools designed particularly for network forensics have some important capabilities not shared by tools whose job is solely to alert on a policy violation.
The time is ripe for open dialogue around teaching trust, says RSA Conference's Hugh Thompson.
Sign up to our newsletters
SC Magazine Articles
- 'MEDJACK' tactic allows cyber criminals to enter healthcare networks undetected
- Samsung devices, including Galaxy S6, vulnerable to remote code execution
- Dridex banking malware spreading through new spam campaign
- U.S., China agree to cybersecurity code of conduct
- Suspicious activity on LastPass network, data compromised
- Former Georgia-Pacific sysadmin charged with damaging protected computers
- Harvard University announces network intrusion, possible data exposure
- Saboteurs leverage RIPv1 for DDoS reflection attacks
- More than 440K new Android malware strains found in Q1, study finds
- Apple releases OS X 10.10.4 and iOS 8.4, numerous bugs addressed