A pragmatic approach to Advanced Persistent Threat (APT) Protection

Targeted attacks, or APTs, can be complex and affect organizations of all sizes, across all industries. But that doesn't mean their detection and prevention has to be complex too. With constant confusion around ATAs and APTs, a staggering 68% of IT Managers admit they don't know what an APT is.

Addressing Identity and Access Management with a Unified Open source Identity and Access Management Suite

Many IT organizations today are tasked to manage a complex landscape that includes a mix of SaaS applications and on-premise applications being accessed by various user populations; employees, customers, mobile workers, etc.

Retail Cyber Threats: How to Detect Them Early and Limit the Damage

Let's face it, it's no longer a matter of 'If' your organization will be breached, but 'When' (if it hasn't already happened and you just don't know it). The key question is 'How can you gain better visibility sooner to the signs that you've been breached?'

An Enterprise Security Platform Approach to Advanced Persistent Threats

Today's advanced persistent threats (APTs) evade traditional security controls with techniques such as SSL encryption and require an integrated, simple and automated approach that can detect and defend at each stage of an attack.

Next Generation NAC: Advancing Control Intelligence and Security Management

Today's Network Access Control (NAC) technology has evolved well beyond that of allowing or denying network admission. The latest generation of NAC solutions addresses numerous security and compliance applications, but more so, help organizations enhance operational awareness, efficiency and use of their existing network and security infrastructure.

A Conversation with CSOs: Strategies to Integrate Endpoint Security into the SOC

Join Dave Shackleford, founder of Voodoo Security and former CSO of Configuresoft, and Nick Levay, CSO of Bit9, to discuss why endpoint visibility and control is crucial to the security operations center. In this webcast you will learn how security teams can more readily define and identify meaningful indicators of compromise.

What's really on your network?

Face it, your users want to use any application while at work, yet they may not be aware of the associated business and security risks. Filesharing, remote access, video and social networking applications are all rampant on most every network we analyze. Commonly found among those applications are very sophisticated threats hiding in plain sight, acting like normal traffic, using SSL, FTP, and RDP to steal data.

Regain Control of Your SaaS and Cloud Investments

To meet strategic objectives for growth and business transformation initiatives, more and more enterprises are externalizing key business functions to the Cloud, and to SaaS in particular. But how effectively are enterprises and securing and managing these deployments? How are your peers doing in managing actual usage and user management, providing end-user support, and extending identity management of external service providers?

Latest threats on iOS and Android and what you can do about it

Discover the latest mobile threat trends on iOS and Android platforms and the key to mobile application security.

Solving for Evasion: The Cyber Kill-chain and the Enterprise Security Platform

The first step to defeating advanced threats is understanding the sophisticated techniques malware and exploits are using to evade detection and slip past traditional security controls. We will share a detailed review of the cyber kill-chain, including each step used to compromise hosts, with data from real attacks and specific anecdotes.

Perception vs. Reality: What You Know About Database Encryption

Devastating—that's the best way to describe the impact of not having a strong database security initiative. Did you know that 35% of all cyber attacks today occur without enterprises ever knowing that such an attack took place? It only takes 30 seconds to steal your data - making it humanely next to impossible to stop these sophisticated attacks. Your company's most sensitive financial and customer information is stored in databases, Hadoop and NoSQL platforms that are vulnerable. It's time to increase protection and defend your sensitive data

Wireless Security: Beyond the Basics

It isn't difficult to set up security for the wireless router in your basement: Change the SSID, pick a strong password and perhaps install VPN software for remote access. But, securing wireless networks in a business environment is much more demanding.

New Requirements for Endpoint Security

For a decade or more, large organizations anchored their endpoint security defenses with traditional AV software. Unfortunately, this is no longer an appropriate strategy - endpoint security now depends upon layered defenses, continuous monitoring, and security analysis. This webinar will outline the current state of endpoint security and offer product and strategy recommendations to help CISOs reinforce their endpoint security defenses and intelligence in response to modern threats.

Future Proof Your InfoSecurity Program with Identity and Access Management (IAM)

Is your IT security program keeping pace with the rate of change in today's complex world of hybrid IT, BYOD, BYOA? With the rapid adoption of SaaS applications, the movement to a fully mobile workforce, and the cosumerization of IT, a security manager's job has never been more challenging. End users and the business are placing more sophisticated demands on IT. Compliance and security threats persist. Legacy IAM technologies are not able to scale to meet the dynamic user populations and their access needs. And, security teams must continue to ensure all the right controls are in place to meet governance, security and compliance requirements.

The Threat of Unsecured Mobile Devices

Criminal organizations and hostile governments increasingly target the unsecured mobile devices of mobile workers. Enterprises need to defend against today's complex and evolving cyberthreats and go beyond simple mobile device management.

Think Outside the Box - What's not being said about Secure File Sharing.

When it comes to file sharing, understanding what vendors are really offering when they mention terms such as security, policy, cloud, and encryption is critical to your business. Employees are self-provisioning a variety of free or very low cost tools designed for consumer file sharing in order to get their jobs done. However, most of these tools do not have the safeguards such as strong encryption, active policy and data segregation to protect your corporate data and ensure compliance. Join our team of industry experts, as they discuss secure enterprise file sharing, and discover:

Defense-in-Depth 2.0: Improving IT Agility and Optimizing Resources

Companies have amassed an arsenal of security tools to enable a defense-in-depth strategy. Best practices dictate the use of SIEM, VA, encryption, patching, DLP, MDM and other security tools - but this can create silos of controls and data. Given network, device, access and threat dynamics, how can IT be more efficient and effective to identify and resolve exposures and attacks? This webinar brings together a panel of experts to discuss use cases and techniques to enable continuous monitoring and mitigation, as well as examine how the ForeScout ControlFabric™ Platform allows for an exchange of information and automated controls to better leverage information security investments and resources.

Protecting Critical Infrastructure Against Advanced Cyber Threats

The national and economic security of a nation depends on the reliable functioning of critical infrastructure. The physical and electronic elements comprising critical infrastructure are increasingly and inextricably interwoven. Enemies of the state and others who would benefit from the disruption of critical infrastructure realize this and can turn to advanced cyber-attacks as means to achieve their end. On Oct 10th, in support of President Obama's Executive Order 13636, the National Institute of Standards and Technology (NIST) will publish the final Preliminary Cybersecurity Framework in the Federal Register for public debate.

The State of Cybercrime Today — Threats and Solutions

Cybercrime continues to grow in scope and scale, with losses to consumers and businesses across numerous sectors in many countries.

APTs: The State of Server Side Risks in 2013 and Steps to Minimize Risk

In previous surveys this year, we've examined various aspects of one of the most pressing issues facing the IT security industry today: Advanced Persistent Threat (APTs). This webcast, sponsored by Lumension, presents findings from the newest research uncovered by our readers on server security. Find out what the research has uncovered about the state of server side security in 2013, how we can analyze these risks, and the protocols that can be taken during potential compromises.

Turning the Mobile Device Evolution in Your Favor

Today's digital identities are at the heart of the most insidious online attacks. And as the mobile evolution expands at an amazingly swift rate, the collision of sensitive digital identities and mobile computing introduces new security challenges and opportunities.

Rethink Data Classification: Identify Your Data, Know Your Data

Understanding and knowing your data is the foundation for information protection. Defining your data — is the first part of a three-part framework called the Data Security And Control Framework that Forrester created to help Security & Risk (S&R) professionals adapt to the new data economy. Data discovery and classification are two essential, yet often overlooked, initiatives that lay the foundation for protecting data.

Security Monitoring and Alerting: MSSP vs. SIEM

Security Monitoring and Alerting: MSSP vs. SIEM

The question of whether to have a Managed Security Service Provider (MSSP) manage your security infrastructure or purchase a Security Information and Event Management (SIEM) product and manage it yourself, can be difficult to determine on your own. This webcast will identify the pros and cons of an on-premise SIEM and an MSSP approach, as well as provide an overview of financial, operational and organizational considerations that purchasers of security solutions may wish to consider.

Cloudy with a Chance of Breaches

It's Not a Question of IF, It's a Question of WHEN For decades, we have played the game; staying ahead of the hacker trying to get their hands on our most valuable asset - our data. We invested in firewalls, anti-virus, VPN, IPS all to build an impenetrable wall to safeguard that very same data. Our drive to the cloud has made us more vulnerable to the release of confidential data because it is impossible to protect a perimeter that no longer exists. Join us for this informative webcast that will introduce a new way of looking at security which advocates protecting the target rather than the vector. We call this "Secure the Breach."

How can you continue to use Windows XP computers securely after April 2014?

How can you continue to use Windows XP computers securely after April 2014?

Windows XP is scheduled for "End of Life" in April 2014 yet XP is still the 2nd most widely used PC operating system in the world—estimates suggest that nearly 40% of PCs are still running XP. Many organizations cannot move from XP by April 2014 due to application compatibility issues, cost, staffing resources and other issues. The most significant issue facing organizations with XP PCs is operating securely when there are no more security patches from Microsoft.There is now an alternative that allows organizations to move from XP on their own timeline, while staying secure using XP on into the future: ExtendedXP from Arkoon.

How Healthcare IT Is Securing Innovative Patient Care

How Healthcare IT Is Securing Innovative Patient Care

Healthcare IT must satisfy a myriad of compliance mandates, enable employee and non-employee caregiver use of latest personal mobile and medical devices, and protect network operations and sensitive information - all while optimizing resources and costs? How are innovative security professionals supporting patient care priorities while mitigating access, privacy and endpoint compliance threats? Join Larry Whiteside Jr., former CISO of Spectrum Health and ForeScout as this expert/practitioner panel examines unique IT challenges and trends, visibility and control gaps, and innovative security technologies to deliver efficient services and reduce risks.

Protecting your intellectual property starts with a single click

Protecting your intellectual property starts with a single click

When it comes to protecting your organization's confidential information, including intellectual property (IP), a single click by just one end-user can lead to a disastrous result: a data breach, or a great result: data protection.

Understanding and defending your organization against advanced threats

Understanding and defending your organization against advanced threats

Cybercrime continues to grow at a furious rate with new attack techniques becoming even more sophisticated. With limited budgets, resources and experience it can be extremely challenging to stay on top of the evolving threat landscape.

The State of DDoS: Observations from Recent Targeted Attacks and Best Practices for DDoS Mitigation

The State of DDoS: Observations from Recent Targeted Attacks and Best Practices for DDoS Mitigation

As organizations continue to move critical operations online, distributed denial of service (DDoS) attacks are increasing in frequency, sophistication and range of targets. This presentation will cover examples of recent high-profile, multi-layered DDoS attacks to illustrate how new attack vectors, such as the Domain Name System (DNS), are now commonly being targeted by cyber criminals and hacktivists. Attendees will learn about the growing complexity of DDoS attacks and recommendations for mitigation before they damage a company's infrastructure, revenue and reputation. Additionally, best practices for DDoS mitigation will be covered along with general tips for DDoS preparedness.

Threat Defenses: Before, During and After the Point of Click

Threat Defenses: Before, During and After the Point of Click

Protection from malware, advanced threats and data theft requires continuous threat defenses before, during and after the point of click. At each stage of the advanced threat life cycle, important defense architectures and processes must be deployed for maximum detection, protection and forensic analysis.

Security Intelligence: Can "Big Data" Analytics Overcome Our Blind Spots?

Security Intelligence: Can "Big Data" Analytics Overcome Our Blind Spots?

In 2013, information security is still rapidly changing and evolving at a pace few can keep up with. Organizations have significantly more complex infrastructures, while still supporting legacy applications and systems. We have staggering quantities of data (security included) to sort through and retain. Major data breaches and sophisticated compromise scenarios dominate the news and security blogs alike.

Unknown Targeted Attacks - Stopping malware at the endpoint

Unknown Targeted Attacks - Stopping malware at the endpoint

The threat of Targeted Persistent Attacks (TPAs) continues to grow and nearly every day there is another headline about an organization being breached and critical data stolen. Organizations must ask themselves "Can endpoint security products that are based on a signature/reputation based approach identify and stop targeted attacks launched by well-funded, motivated, sophisticated attackers?" If your organization was targeted and penetrated by an APT attack, would you know?

Why NAC? Why now?

Why are so many enterprises rushing to implement network access control (NAC) now? Watch this webcast to learn about the many uses of NAC.

Security Based on Trust, Not Fear

Security Based on Trust, Not Fear

Trust is essential for building a sustainable business. Security is essential for building trust. To build that trust in electronic networks, security needs to be built into a suitable framework, rather than being bolted on in a piecemeal fashion. As those networks become ever more open with the take up of innovative new technologies, it makes sense to move security up into the network.

Detecting the Enemy Within: Getting More out of DLP

Detecting the Enemy Within: Getting More out of DLP

Trusted insiders not only have access to sensitive corporate data, they also have unprecedented access to mediums with which to move that data. DLP solutions provide a security barrier keeping sensitive data within the organization. But intent insiders can find a way around, making the ability to watch for, detect and alert on new breaches critical to making your Data Leak Prevention strategy even more effective.

5 Considerations For a Successful BYOD Strategy

5 Considerations For a Successful BYOD Strategy

Bring your own device (BYOD) is becoming the rule rather than the exception which has created a new set of challenges for IT. A BYOD strategy can help you get a grasp on your mobile devices. But with the right security solution, it can also save you time, money, and the sanity of your help desk.

Big Data Security Analytics - Trends, Tactics and Practical Applications for Advanced Threat and Breach Detection

Big Data Security Analytics - Trends, Tactics and Practical Applications for Advanced Threat and Breach Detection

In this webinar, Jon Oltsik, Senior Principal Analyst at ESG, will discuss a recent ESG research report titled "The Emerging Intersection of Big Data and Security Analytics". He will highlight how Big Data and Security Analytics are coming together to address increasingly sophisticated cyber threats and risks, and how large enterprise organizations are anticipating and planning for this convergence. Seth Goldhammer, Director of Product Management at LogRhythm, will share how some organizations are leveraging real-time Big Data security analytics to detect breaches and advanced threats with SIEM 2.0.

Stop Spear-Phishing - Put the User in a Bubble

Stop Spear-Phishing - Put the User in a Bubble

Your employees are the primary target of attack by a variety of adversaries bent on doing your organization harm. This is a fact that simply cannot be challenged based on the last 24-36 months worth of breach disclosures. Spear-phishing has been at the root of virtually every major attack disclosed during this time - whether the RSA breach, the recent campaign disclosed by Kaspersky labeled "Red October," the "Nitro" attacks, attacks against the energy sector, etc, etc. When spear-phishing isn't used, other techniques aimed at the user such as watering hole attacks are employed. We've got a user problem on our hands that we need to rapidly solve.

Cyber Security Disruptors: Verisign iDefense Insight on Current and Emerging Cyber Disrupters for the Enterprise Security Practitioner

Cyber Security Disruptors: Verisign iDefense Insight on Current and Emerging Cyber Disrupters for the Enterprise Security Practitioner

Each year, iDefense covers the subject of cyber security disruptors in preparation for its annual "Cyber Threats and Trends" report. This annual presentation covers the disruptive abilities of new technologies that could fundamentally change the security threat environment for enterprise organizations. The webcast will re-evaluate previously identified disruptors, and will introduce some recent disruptors that iDefense believes have the potential to impact enterprise cyber security practitioners and their networked environments now or in the near future. Topics covered will include:

Improving Paper Based Compliance Practices

Improving Paper Based Compliance Practices

In today's business environment Security and Compliance initiatives are more important than ever -- across virtually all industries. 90% of organizations believe that they have lost confidential documents in the past year. The cost of a corporate data breach can lead to loss of hundreds of millions of dollars, non-compliance with Federal and State laws and loss of credibility and trust from customers, employees and partners. Recently, an Infotrends study found that only 52% of companies have scanning policies and worse, only 34% have document management systems in place.

Building Risk Visibility into Your Firewall Management Process

Building Risk Visibility into Your Firewall Management Process

Firewall deployments in large organizations can easily get out of control - and become rife with unnecessary risk. Inappropriate access is granted readily. Constant change complicates policy implementation. A real-time, enterprise-wide picture of network security posture is a distant dream. Only by automating tedious manual processes at the operations, management and compliance levels of the organization can security teams regain control and better protect their information. This requires consolidated, real-time data of the security infrastructure and a scalable, distributed solution that provides fast, flexible analysis and reporting.

Tapping Big Data Security Analytics to Detect Breaches & Advanced Threats and Gain Actionable INTEL

Tapping Big Data Security Analytics to Detect Breaches & Advanced Threats and Gain Actionable INTEL

Let's face it, it's no longer a matter of 'If' your organization will be breached, but 'When' (if it hasn't already happened and you just don't know it). The key question is 'How can you gain better visibility, sooner to the signs that you've been breached or that you're the target of an advanced threat?' In this webinar, John Kindervag, Forrester principal analyst for security and risk, will discuss how the combination of Big Data security analytics and network analysis and visibility (NAV) capabilities provide the necessary extra ingredients for SIEM to move from merely a compliance reporting platform to delivering situational awareness and "INTEL" to: • Detect breaches and threats in near real-time • Help stop intrusions • Prevent the exfiltration of data

The Top 5 Myths to Protecting Your Data, and What to do About It

The Top 5 Myths to Protecting Your Data, and What to do About It

Customer data. Corporate financials. HR records. Strategic M&A plans. These are all part of the ecosystem of data that you have to protect. How effective are your current processes in delivering this protection? If traditional security technologies actually delivered the promised level of protection, why is there a constant stream of companies still getting breached, losing their customer data, and failing audits?

Why NAC? Why now?

Why NAC? Why now?

Why are so many enterprises rushing to implement network access control (NAC) now? Watch this webcast to learn about the many uses of NAC, including techniques to:

5 Proven Practices to Address Security & Compliance in Cloud Applications Like Salesforce, Google Apps, and Office 365

5 Proven Practices to Address Security & Compliance in Cloud Applications Like Salesforce, Google Apps, and Office 365

Many organizations aren't just moving to the cloud, they're sprinting! But too often, concerns about security and compliance emerge and projects end of being delayed, and in a few cases, even cancelled all together. What are the proven practices that organizations are employing to address security and compliance concerns and keep cloud application projects moving forward?

Securing Big Data: Security recommendations for Hadoop and NoSQL environments

Securing Big Data: Security recommendations for Hadoop and NoSQL environments

This webcast examines security for "Big Data" environments, reviewing built-in protections and weaknesses of these systems. Our goal is to educate Big Data users on security problems they face with pragmatic advice on how to secure these environments.

Smarter Data Loss Prevention: Unleashing DLP's Secret Weapon

Smarter Data Loss Prevention: Unleashing DLP's Secret Weapon

One of the biggest challenges for IT Security departments is the threat of authorized users causing inadvertent data breaches. Confidential data sent to the wrong people can result in embarrassing headlines, lost business, and large financial penalties.

Websense Shares how Development Testing can Reinforce its Secure Software Development Lifecycle

Websense Shares how Development Testing can Reinforce its Secure Software Development Lifecycle

Tens of thousands of organizations from across the globe depend on Websense to secure web, data, and email content. Websense provides a unified content security platform, allowing its customers to take advantage of powerful new communication, collaboration, and Web 2.0 business tools while protecting them from advanced persistent threats. All this helps to prevent the loss of confidential information and enforce Internet use and security policies.

Assessing the Risk of DDOS: A Path to Scaling For Proactive Protection

Assessing the Risk of DDOS: A Path to Scaling For Proactive Protection

Given the alarming growth and unpredictability of distributed denial of service (DDoS) attacks, the availability of an organizations' critical Web systems depends on its ability to adapt and scale across the entire online infrastructure.

Simplifying data security and key management

Simplifying data security and key management

In today's complex business environment, it's becoming harder for information security groups to keep up with demands for securing their data throughout the enterprise. In today's webcast we will discuss the risks to sensitive data and some of the fundamental challenges with securing data efficiently. We will also explore how enterprises are now taking a data-centric view at securing their data, and how they are simplifying their efforts.

Mind The Gap: Making PCI Compliance Reality Through Predictive Network Modeling and Visualization

Mind The Gap: Making PCI Compliance Reality Through Predictive Network Modeling and Visualization

Join Davi Ottenheimer, president of risk mitigation firm flyingpenguin and an assessor with technology consulting firm K3DES, and Andrew Maguire of security management firm RedSeal Networks on Tuesday, Aug. 14, 2012 at 2:00 p.m. EST for a webcast that details how merchants and service providers can more cost effectively achieve PCI compliance with their networks.

The Anatomy of Data Breach

The Anatomy of Data Breach

According to Verizon's 2012 Data Breach report, 71% of breaches involve an employee. From ringleader, to unwitting participant, employees are potentially a company's greatest risk. SpectorSoft's Webinar - 'The Anatomy of a Data Breach' - explores how long breaches take, the methods by which they occur, and how they are discovered. The Webinar will also cover how SPECTOR 360 User Activity Monitoring software protects organizations during each phase of a Data Breach. SPECTOR 360 permits employers to discover, document, and draw attention to the business threats facing their workplace every minute of every business day.

Security Context Delivers Actionable Intelligence

Security Context Delivers Actionable Intelligence

Just as context is key to understanding a concept, security data can also be enriched with contextual data to provide better understanding and actionable intelligence. Learn how a security foundation built on organizational, infrastructure and external context can elevate the information provided by both "Next Generation" and legacy security devices provides actionable intelligence - the ability to quickly and efficiently make fully informed security decisions.

Enterprise Encryption and Key Management Strategy : The Time is Now

Enterprise Encryption and Key Management Strategy : The Time is Now

CISOs and their peers realize that ad hoc encryption is no longer adequate - leading to higher costs and increased risk. So, what's needed? An enterprise encryption and key management strategy that can extend across all sensitive data, in all formats, across the entire organization.

Data Encryption: If they Can't Sell It, They Won't Steal It

Data Encryption: If they Can't Sell It, They Won't Steal It

As cybercriminals have become more skillful and sophisticated, the constantly mutating threat landscape requires new defensive measures. How can companies prevent cybercriminals from monetizing stolen data? Hear a leading Forrester analyst and Vormetric share their latest research and tips for protecting your sensitive data.

Developing Best Practices to Application Whitelisting: An In-Depth Technical Webcast

Developing Best Practices to Application Whitelisting: An In-Depth Technical Webcast

As IT professionals know, endpoint security needs are evolving: new vulnerabilities are disclosed every day, new malware creation is exploding, and traditional AV signatures cannot keep up. You know that patch management and AV are necessary - but not sufficient - layers of endpoint defense. Intelligent application whitelisting is an important addition to your risk mitigation strategy, and taking prudent measures to establish a best practices approach can help reduce costs and risks in the long term.

Defending Against the Rise of Hactivism

Defending Against the Rise of Hactivism

DDoS (Distributed Denial of Service) attacks have evolved from a nuisance perpetrated by pranksters to a sophisticated tool wielded by criminals. DDoS defenses are rising to the challenge, incorporating greater scale and intelligence. DDoS defense is no longer one size fits all.

Disclosures 2012: The Vulnerability of Publicly Traded Companies

Disclosures 2012: The Vulnerability of Publicly Traded Companies

The proliferation of cyber attacks that we have witnessed in the past year has sparked intense interest in the disclosure of cybersecurity risks by public companies. Public companies are subject to greater compliance requirements, generally have more funding, and were recently encouraged by the SEC to disclose material cybersecurity risks in their SEC filings.

Cyber Threat Readiness - The New Reality

Cyber Threat Readiness - The New Reality

Most IT security professionals readily acknowledge that is only a matter of time before their organizations experience a breach, if they haven't already. And, according to the recent Cyber Threat Readiness Survey, few are confident in their ability to detect a breach when it happens.

Moving Securely to Virtual Data Centers

Moving Securely to Virtual Data Centers

Compelling economic and operations benefits puts moving to virtual data centers high on the approved projects list of many organizations. New processing and security infrastructure, including next gen firewalls, promise significant leaps in both performance and security. But what are the key factors to focus on to ensure these are delivered as promised?

Harris Interactive Survey Findings: Securing Enterprise Data & Best Practices for Secure Mobility

Harris Interactive Survey Findings: Securing Enterprise Data & Best Practices for Secure Mobility

A recent survey of 302 IT decision makers in the U.S. and Canada revealed 91% of companies allow removable storage devices on their corporate networks, but only 34% enforce encryption.

Visualizing Risk - Measure Twice, Act Once

Visualizing Risk - Measure Twice, Act Once

The challenge every security pro faces each morning is "what to do first?" Big picture planning, threat detection, refining operations and automating compliance clamor for attention every day. How to be most effective? By consistently making fact-based decisions, based on operations data, that reflect your organization's priorities.

The Politics of Security: Getting What You Want (And Avoiding What You Don't)

The Politics of Security: Getting What You Want (And Avoiding What You Don't)

Real-life discussions of CSO/CISOs on avoiding the pitfalls and problems of enterprise IT Security—negotiating risk between executive suite, business units, and even within their own IT organizations.

Increasing Security while Decreasing Costs when Virtualizing In-Scope Servers: Case Studies for Decision Makers on Maximizing Accountability and Visibility

Increasing Security while Decreasing Costs when Virtualizing In-Scope Servers: Case Studies for Decision Makers on Maximizing Accountability and Visibility

Gain insights into how to virtualize more by building a security fortress around your "in-scope" virtual environment with HyTrust. Join HyTrust experts and specials guests outline the business drivers for this critical security blueprint.

Security Management 2.0: Time to Replace Your SIEM?

Security Management 2.0: Time to Replace Your SIEM?

The reality is that many organizations have spent millions and years trying to get productivity out of their SIEM - with mediocre results. Most security teams need to start asking themselves some key questions: Is it time? Are you waving the white flag? Has your SIEM failed to perform to expectations despite your significant investment? If you are questioning whether your existing product can get the job done, you are not alone.

Unified Security: Respond and Prevent to Manage Risk

Unified Security: Respond and Prevent to Manage Risk

Today, business is conducted over a variety of networks and devices. As a result, traditional data protection is more complex than ever before. It is no longer feasible to protect data by preventing one type of attack at a time with specialized products that work in isolation.

Continuous Monitoring: You Can't Take your Eye Off the Ball - Ever!

Continuous Monitoring: You Can't Take your Eye Off the Ball - Ever!

Attackers don't sleep. Actually, their automated tools for reconnaissance never take a break and due to the power of the Internet, an attack on your organization can originate from literally anywhere. Compound that with the ongoing failures of most preventative security measures (AV, IPS, etc.) and the increasing sophistication of targeted attackers, and you leave organizations with no choice but to focus more on detection than prevention. Join Securosis analyst Mike Rothman and Tenable Network Security's product manager Jack Daniel on this webcast and learn how an approach to continuous monitoring can help any organization "React faster and better" to emerging threats, and the importance of monitoring everything you can.

Top Three Ways to Detect Advanced Malware Infiltrations and APTs

Top Three Ways to Detect Advanced Malware Infiltrations and APTs

In 2011, breaches dominated the security headlines. Whether you call them advanced persistent threats (APTs), targeted attacks, or advanced malware infections, their devastating results are the same. And stopping data theft from these advanced cyber threats has become a high priority project for many companies. What's so different about these stealthy threats that allow them to bypass traditional security layers? How are they successful at infiltrating networks?

Fight Back Against Spear-phishing - Arm the User

Fight Back Against Spear-phishing - Arm the User

Looking at the news in information security across the last 18-24 months, one common denominator emerges - the user has become the unwitting accomplice in the breach of our networks. Invincea offers a solution to this problem - a solution that protects the network from the user and the user from him or herself.

Secure Mobile Computing on USB

Secure Mobile Computing on USB

Secure portable operating environments on USB have evolved to being able to carry an entire operating system on a small flash drive form factor. Boot-from-USB solutions on secure USB devices can instantly turn a non-trusted, unmanaged machine into a fully managed trusted desktop. Teleworkers can use home computers as if it were a corporate laptop. Corporate machines can be re-purposed for multiple uses such as separating environments, or thin client replacements.

Protect the Enterprise in Your Pocket | Managing Mobility with iPhone/ iPad Security

Protect the Enterprise in Your Pocket | Managing Mobility with iPhone/ iPad Security

Your end users are connecting their personal devices, including iPhones & iPads, onto the enterprise network using unsecure networks, from coffee shops to airports, basically everywhere. That's why we consider the enterprise to now be in the pocket of your employees, anywhere they use mobile devices.

Regain Control of Your Firewalls: Tighten Security and Streamline Operations

Regain Control of Your Firewalls: Tighten Security and Streamline Operations

More than two decades into utilizing network firewalls, most organizations are still struggling to properly manage them. Cluttered rulesets, overly permissive policies, and poor change management processes are just some issues plaguing organizations.

Security Management 2.0: Time to Replace Your SIEM?

Security Management 2.0: Time to Replace Your SIEM?

The reality is that many organizations have spent millions and years trying to get productivity out of their SIEM - with mediocre results. Most security teams need to start asking themselves some key questions: Is it time? Are you waving the white flag? Has your SIEM failed to perform to expectations despite your significant investment? If you are questioning whether your existing product can get the job done, you are not alone.

10 minutes on "Rethink Your Endpoint Security Strategy"

10 minutes on "Rethink Your Endpoint Security Strategy"

Today's IT network is more distributed and virtual than ever with the increased use of remote endpoints and cloud-based applications. And increasingly sophisticated malware is targeting the information stored on and accessed by these endpoints and applications. The security status quo has left organizations managing a multitude of products - and has not reduced the IT risk. This series examines the evolving threat landscape, why current defenses are decreasing in effectiveness and what key strategies you can implement to shift from the status quo and improve security from zero-day and targeted attacks, while also simplifying and reducing the costs of managing the endpoint environment.

Database Monitoring & SIEM — Beyond Compliance to Data Breach and Fraud Detection

Database Monitoring & SIEM — Beyond Compliance to Data Breach and Fraud Detection

Database Activity Monitoring is a key requirement of many compliance mandates - monitoring and logging all database activity to ensure that sensitive data is being access appropriately, and by the right people. But when DAM and SIEM are integrated, the combination provides valuable context that can be used to actively protect your network from data loss and fraud. Learn how an integrated, high performance SIEM & DAM solution both addresses compliance needs and helps detect insider threat and external attacks.

Securing, controlling and auditing critical databases

Securing, controlling and auditing critical databases

Implementing compliance and internal audit reporting for databases is a critical IT requirement. Auditors need proof that databases containing sensitive data were not improperly accessed or altered, and database administrator activity must belogged and monitored.

SC Magazine 20/20: Mobile Security and Network Access Control Essentials

SC Magazine 20/20: Mobile Security and Network Access Control Essentials

Smartphones, tablets and personal devices are on your corporate network. Your users want personal connectivity and executives wants added productivity, but security must be maintained. What is the prudent path to satisfy all constituents? Lead by Illena Armstrong and Gil Freidrich VP of Technology at ForeScout, this timely webcast will examine: key mobile security risks, pertinent policies and alternative countermeasures, 5 proven scenarios for effective guest management, and phased steps for effective visibility and seamless enforcement.

The State of Software Security

The State of Software Security

What vulnerabilities threaten the integrity and performance of your software in the software supply chain? Find out In Veracode's presentation The State of Software Security -- a semi-annual report representing the anonymized data from billions of lines of code submitted for analysis by large enterprises, commercial software providers, open source projects, and software outsourcers in Veracode's cloud-based application risk management services platform.

Physical Logical Convergence: Enhanced Security for the Enterprise

Physical Logical Convergence: Enhanced Security for the Enterprise

As approaches for logical and physical access increasingly draw on similar technologies, CIOs seek efficient methods to consolidate these two environments to save money and enhance security. With the evolution of smartcard technology, enterprises can integrate two security environments — physical and logical access — to provide consolidated management, improved ROI and a total security view.

The Dependent Relationship of IT Security and Business Performance

The Dependent Relationship of IT Security and Business Performance

The forceful advancement of Web 2.0 applications and mobile devices have revolutionized how companies operate. They've also radically affected the day-to-day processes of a typical IT department. So the question remains: how can IT create policies that help increase employee productivity and still enforce tight security measures?

Detecting Advanced Threats and Malware with SIEM

Detecting Advanced Threats and Malware with SIEM

While many organizations have deployed security information and event management (SIEM) solution to meet regulatory compliance requirements, high performance SIEM solutions can do much more. By correlating events, logs, and network flows SIEMs can uncover a range of diverse &low and slow" attacks. With threats moving rapidly "up the stack," content aware SIEMs can integrate database session and application layer data to detect dangerous botnets, hidden payloads and covert communications channels.

The True Cost of AV: How to Ensure More Effective and Efficient Endpoint Security

The True Cost of AV: How to Ensure More Effective and Efficient Endpoint Security

Tuesday April 5th 2011 - Today, more than 1.6 million new malware signatures are identified each month. And more organizations are falling prey to "zero-day" attacks - malware for which an anti-virus signature does not exist. It's no surprise that roughly half of the organizations surveyed in a 2010 Ponemon Institute study reported an increase in their IT operating expenses - a main driver of that cost increase was malware. Traditional anti-virus simply can't keep up in the malware arms race and relying on it as your primary defense will prove costly.

Stop Threats and Data Breaches at the Source. New CPE credit opportunity!

Stop Threats and Data Breaches at the Source. New CPE credit opportunity!

Wednesday, Mar. 30th 2011 - Every day information security analysts battle a technically competent and motivated adversary determined to harm their organizations. Join our webcast to understand the tactics used by hackers and malicious insiders as they try to extract confidential data without authorization. You will also learn how to achieve complete visibility across your organization with SIEM, and how a focus on User Monitoring, Database Activity Monitoring and File Monitoring can stop these adversaries in their tracks.

Security in the Social Web: 2010/2011 and Beyond

Security in the Social Web: 2010/2011 and Beyond

Thursday, Mar. 31st. 2011 - It's unavoidable: Your company has to go social to keep up with today's Web culture. But sites like LinkedIn, Twitter, and Facebook are easy targets for spam, malicious code, and poisoned Web links. This puts your organization just one click away from a serious security breach. Find out how to dodge these threats while riding the cutting edge of the social Web.

10 Minutes on Multi-Factor Authentication

10 Minutes on Multi-Factor Authentication

Escalating IT security threats and strengthening regulatory requirements are driving adoption of multi-factor authentication to unprecedented levels.

The True Cost of Compliance - Ponemon Institute Research Study

The True Cost of Compliance - Ponemon Institute Research Study

Ponemon Institute and Tripwire have completed their annual cost of compliance benchmark study of multinational organizations. The study reveals that the costs of non-compliance, which includes disruption of services, fines, legal fees and more, is almost three times the cost associated with compliance. It also provides insight into activities organizations can undertake to reduce the cost of compliance while also improving security.

Visual Privacy: Is it the Weak Link in Your Data Security Strategy?

Visual Privacy: Is it the Weak Link in Your Data Security Strategy?

Did you know two-thirds of working professionals expose sensitive corporate data outside the workplace - some even exposing highly regulated and confidential information like customer credit card and social security numbers? Visual Privacy - the protection of sensitive information as it is displayed on screen - is an emerging issue in information security and an under-addressed area of risk in corporate security policies. Given the rapid digitization of sensitive information and the growing mobility of workers today, the need to protect displayed information has grown substantially.

10 Minutes on Securing Virtualized Data Center Infrastructure

10 Minutes on Securing Virtualized Data Center Infrastructure

Virtualization is the number one technology priority for Enterprise CIO's according to a recent Gartner survey.

Top 5 Security Threats to Watch for in the Coming Year

Top 5 Security Threats to Watch for in the Coming Year

Are you ready for 2011? As we return from the holidays for another year, we should be prepared for the security threats we will face in 2011. In this webcast, ArcSight security expert, Aarij Khan, will highlight what to expect in the upcoming year.

The trusted insider threat - Lessons learned from WikiLeaks

The trusted insider threat - Lessons learned from WikiLeaks

Protecting against and detecting potential data leakage is at the heart of the WikiLeaks controversy. However there is no "one size fits all" solution. It must be addressed at multiple levels with collaborating technologies, including SIEM, database monitoring and application monitoring, to provide the most complete prevention and detection strategy possible.

10 Minutes on Universal Log Management

10 Minutes on Universal Log Management

How many log management solutions does it take to mitigate cybersecurity risks, demonstrate compliance and streamline operations?

Borderless security: confidence in a virtual world

Borderless security: confidence in a virtual world

With the recent surge in workforce mobility, social networking and Web 2.0, organizations today face a new generation of threats that jeopardize the traditional corporate umbrella.While these areas are creating exciting new ways to connect with employees, customers and clients, they are also expanding the borders of the traditional enterprise and therefore introducing new avenues for potential breaches in security.

10 Minutes on Automating Database Vulnerability Assessment to Prevent Data Breaches

10 Minutes on Automating Database Vulnerability Assessment to Prevent Data Breaches

Databases have, by far, become the leading target of hackers and insiders with malicious intentions. According to Verizon's 2010 Data Breach Investigations Report, 92% of breached records originated in database servers. The fact that they contain organizations' most valuable data, such as customer records, financial information, employee PII and credit card data make them an attractive target.

Detecting Advanced Threats and Malware with Content Aware SIEM

Detecting Advanced Threats and Malware with Content Aware SIEM

While many organizations have deployed security information and event management (SIEM) solution to meet regulatory compliance requirements, high performance SIEM solutions can do much more. By correlating events, logs, and network flows SIEMs can uncover a range of diverse "low and slow" attacks. With threats moving rapidly "up the stack," content aware SIEMs can integrate database session and application layer data to detect dangerous botnets, hidden payloads and covert communications channels.

The Compliance Factor: Protecting your Customer Data and Your

The Compliance Factor: Protecting your Customer Data and Your

Government has had an increasingly heavy hand in how U.S. businesses protect their networks and the sensitive data within them by introducing legislation with major IT security implications, such as HIPAA, NERC and SOX. In the case of PCI DSS, the industry is self-regulating to try and stay ahead of government actions. With increasing demand for stronger levels of privacy and protection from malicious threats, companies must meet ever-evolving requirements or risk having both their reputations and revenue streams destroyed by breaches and the bad publicity that ensues.

Cloud Security: The IDentity Factor

Cloud Security: The IDentity Factor

If you're building out your Cloud Security strategy - or already have one in play - you will not want to miss this Webinar. In "Cloud Security - the Identity Factor", Ping Identity's CTO, Patrick Harding, will discuss the critical role of Identity in Cloud Security. The Webinar will address the dangers of synchronizing passwords, and why Internet Single Sign-On is a secure alternative.

A Practical Approach to DLP: Dive in!

A Practical Approach to DLP: Dive in!

DLP projects have tended to founder in complexity - and a lot of that is the discussion of hypothetical cases: what if we find this? How should we escalate or define a process if we find that? But many organizations report that what they find with DLP technology is often very different from what they thought they would.

BeyondTrust 10 minute Webcast Series

Drawbacks of Open Source Privileged Identity Management, Least Privilege Application Compatibility for Windows 7 Migrations, & Top 5 Things You Should Do for Your Virtualized Environments

Blue Coat 10 minute Webcast Series

Blue Coat 10 minute Webcast Series

Compliance without Complexity & 2020 Vision of Web Security

Sign up to our newsletters

POLL