September 2011 Issue of SCMagazine

September 2011 Issue of SCMagazine

Sept 2011


A flight or fight response?

Transparency after a breach does more than save face.


News briefs: Industry developments and breaking news

FBI nabs PayPal hackers, report from Black Hat, announcements from Facebook and Cloud Security Alliance, plus more

Company news: Malwarebytes acquired hpHosts, Good Technology named Nicko van Someren CTO, and other news

This month's personnel announcements, launches and merger and acquisition activity.

Threat of the month

Threat of the month

Perimeter exploit exposure

2 minutes on

Spam's new intent: Zombies

Spam levels dropped last year by nearly a third, but owing to new strategies spammers are making more money than ever before.

DataBank: ThreatReport

DataBank: Threat Report

Cybercriminal activity across the globe, plus a roundup of security-related news.

Skills in Demand

Skills in demand

Organizations are building their technical assurance teams.

Me and my job

Me and my job

Advancing companies' awareness of cyber risks and effective, enterprise-wide approaches to managing these risks.


Debate: Security awareness training is a worthwhile investment.

Two security experts duke it out over whether organizations should invest in user awareness training.


Enabling a mobile workforce

Suddenly, corporations can no longer ignore next-generation smartphones and tablets.

SCADA system safeguards

Stuxnet demonstrated that even isolated physical networks could be hacked.

CSO's desk

The cloud can actually make data safer

We need to do a far better job of demonstrating that the infrastructure and services we are putting into the cloud are superior to what ...


Planet cloud: Keys2Day Real Estate Team and InfoStreet

A Maryland real estate company streamlined its operations by moving email and other operations to the cloud, But that wasn't the only benefit: The migration ...

Incident response: Ground control

Following a major breach this year, Lockheed Martin CISO Chandra McMahon explains how a quick and calculated reaction helped stave off a disaster. What are ...

Breaking the next case

Today's flurry of cybercrimes rely on an array of motivations, techniques and technologies, making the job of an investigator to track down the offender that ...

Personnel check-up: Identity management

A sound approach to identification and authentication is an elementary building block to security policy within most any organization, but management of these disciplines face ...

Border patrol: Perimeter defense

The perimeter is a distant memory of what it once was, considering the influx of third-party workers combined with new technologies, such as cloud and ...

Product opener

Do you know who your users are?

This month we explore tools to help us wrangle our users and separate them from the herd of bad guys trying to enter our enterprise ...

Group Test 1

BlackBox Network Services Veri-NAC

Veri-NAC is a hardware appliance solution that controls access to the network for any device that may be seeking an IP address.

ForeScout CounterACT 6.3.4

ForeScout CounterACT is a hardware appliance which works out-of-band on the network to control access for endpoint devices.

McAfee NAC Appliance 5.2

McAfee’s NAC solution is actually three components that work together: McAfee NAC Appliance, NAC software and NAC module for Network Security Platform.

Sophos NAC Advanced 3.2.6

Sophos NAC Advanced is a software NAC solution typically deployed on dedicated Windows 2003/2008 environments using Microsoft SQL 2005/2008.

Trustwave NAC 3.8

Trustwave NAC is a hardware solution comprised of a management console and sensors, which are deployed throughout the network for distributed capabilities.

Group Test 2

Avatier Identity Management Suite

The Avatier Identity Management Suite is a solid, full-scale, user lifecycle management tool.

Centrify Suite 2011

The Centrify Suite provides administrators a way to integrate UNIX, Linux and Mac OS X users into the already existing Active Directory structure for seamless ...

Ensim Unify Enterprise Edition

Unify from Ensim provides a full-scale user provisioning and account management platform that can plug into several user platforms throughout the enterprise for easy centralized ...

Evidian Access Management

Access Management is a piece of Evidian’s larger Identity and Access Management Suite.

Fischer Identity

Fischer Identity is an all-in-one user account provisioning and management tool that can plug into almost any authentication platform throughout the enterprise.

Hitachi ID Systems Identity Manager

The Identity Manager from Hitachi ID Systems is part of the Hitachi ID Management Suite.

Novell Identity Manager by NetIQ

Novell Identity Manager by NetIQ provides comprehensive account management across enterprise systems, including physical, virtual and cloud-based environments.

Quest One Identity Solution

Quest One Identity provides administrators with a way to manage and unify accounts throughout the enterprise.

First Look

Taking a deep dive into network events

Tools designed particularly for network forensics have some important capabilities not shared by tools whose job is solely to alert on a policy violation.

Last Word

The new breed of attackers

The time is ripe for open dialogue around teaching trust, says RSA Conference's Hugh Thompson.


Sign up to our newsletters