April 2015 Issue of SCMagazine

April 2015 Issue of SCMagazine

Editorial

Giving sidelined IT security pros some love

Threats loom heavily on the minds of those charged with keeping critical data safe from bad actors, says Illena Armstrong, VP editorial, SC Magazine.

Update

News briefs: Kaspersky Lab discusses APT group, Axiom linked cyberattack against Anthem

Threat intelligence firm ThreatConnect uncovered connections between a Chinese cyberespionage group, called Axiom, and the cyber attack against health insurer Anthem.

Company news: New hires at CipherCloud and Emailage receives more funding

This month's company moves features new hires at Absolute Software, CipherCloud, Tenable Network Security and more.

Threat of the month

Threat of the Month: Komodia libraries

For this month's "Threat of the Month" series, we take a look at Komodia Redirector and SSL Digestor libraries.

2 minutes on

An answer to ransomware?

In recent years we've seen increasing numbers of companies fall victim to ransomware that encrypts a compromised computer's files.

Skills in Demand

Skills in demand: Web application security

With so many of us visiting the web for social-networking, shopping, banking, paying bills and general surfing, it's imperative that companies ensure their web facing ...

Me and my job

Me and my job: Johannes Ullrich, SANS Technology Institute

In this month's "Me and my job" feature, we get to know Johannes Ullrich of the SANS Technology Institute.

Debate

Debate: Your money is safe online.

Given the recent headline-grabbing breaches, in this month's debate information security professionals discuss whether or not money is safe online.

Opinion

Bad guys are inside

It is an assumption for many enterprises operating today that they may already have been compromised.

Mobile interfacing with IoT

The security community is abuzz about the risks of reverse engineering code.

Strike back on payment security

Passing the annual compliance assessment is just the start of a vigilant security program, says Stephen Orfei of the PCI SSC.

CSO's desk

The failure of the security industry

A CSO with a budget must be in want of a thousand dedicated point solutions, says Alex Stamos, CISO, Yahoo.

Features

Taming the third-party threat: Application security

The challenge for security practitioners is to make the mobile ecosystem more trustable, reports Alan Earls.

Make it stop!: Data breaches

Sharing lessons learned with managers and staff is key to halting breaches, says Lena Smart, CIO, New York Power Authority. Steve Zurier reports.

Case study: Fit for a queen

Queens College found a solution to monitor activity and manage devices on its network, reports Greg Masters.

Zone of protection: Hacker havens

To what extent is state-sponsored cybercrime extending the protection for hackers who operate outside U.S. borders? Karen Epper Hoffman investigates.

Product opener

Let's get authentic

Reviews this month address authentication, perhaps one of the biggest challenges information security pros face.

Group Test 1

Deepnet Security DualShield v5.8.1

DualShield is an enterprise-grade, unified, multifactor authentication platform that protects all commonly used business applications with a large selection of multifactor authentication methods.

VASCO DIGIPASS 760 and DIGIPASS for Mobile

DIGIPASS 760 is a trusted hardware device for visual transaction-signing that creates a secure optical communication channel between the end-user (client) and the organization (server).

Entrust IdentityGuard

Entrust IdentityGuard is a dual-factor authentication server, app, smart card manager, biometrics server and general jack-of-all-trades when it comes to dual-factor authentication.

Gemalto SafeNet Authentication Service

SafeNet Authentication Service is a cloud-based authentication service that uses a wide range of tokens and custom agents to support multifactor authentication to include one-time ...

Imation IronKey F200 Flash Drive

The Imation IronKey F200 Flash Drive is a simple, easy to set up and extremely secure device for users who need to transport confidential data ...

Cyphercor LoginTC

LoginTC from Cyphercor is a cloud-based solution that uses a mobile device or a desktop for authentication. It has easy-to-use iOS, Android and Chrome desktop ...

PistolStar PortalGuard

PortalGuard is a multifactor authentication, web-based single sign-on (SSO) through internet information services (IIS) and self-service password reset server and application rolled into one.

RSA Authentication Manager

The RSA Authentication Manager is a dual-factor authentication system designed from the ground up for enterprise deployment.

SecureAuth IdP

SecureAuth IdP is an identity provider – with a unique approach to securing user access control.

Swivel Secure Swivel Appliance

The Swivel Appliance is a competitive solution for two-factor authentication methods for clients searching for a secure product.

First Look

Bromium vSentry

This tool may have solved the problem of defending against sophisticated malware.

Last Word

Avoid a network stampede

The rise of IoT will require a completely new approach to network security, says vArmour CEO Timothy Eades.