March 2012 Issue of SCMagazine

March 2012 Issue of SCMagazine

0312 cover image


Stern oversight in the United States

U.S. agencies argue that monitoring social media will arm them with "situational awareness" to thwart potential attacks.


News briefs: The latest from the Google, Anonymous and others

News briefs: The latest from the PCI Security Standards Council, Google, Anonymous, Facebook and others...

Company news: Personnel moves and merger and acquisition activity

ThreatMetrix acquired TrustDefender, Voltage Securit partnered with Ingenico, Epsilon appointed Keith Morrow as EVP and CIO, and Chris Ray as CSO, and other news.

Threat of the month

Threat of the month: Compromised embedded systems

Threat of the month: Compromised embedded systems

2 minutes on

An abusive relationship

No single reported breach in recent memory better highlighted the risk that vulnerable third-parties present than when hackers last year raided Epsilon.

Me and my job

Me and My Job

Seth Bromberger liked the idea of working to keep the bad guys out of things.


Debate: The attack du jour, APTs, are real threats.

The attack du jour, APTs, or advanced persistent threats, are real threats.


Opinion: The password is dead

The massive fallout from the breaches of Gawker, Sony and others involving weak password authentication schemes show that the current password system is dead.

Protect data on the go

The exploding use of smart mobile devices and the business productivity that accompanies this trend has many CIOs and IT administrators reeling.

CSO's desk

Defining a DLP strategy

DLP solutions remain fairly immature, but the need to protect and monitor sensitive information is greater than ever.


Case study: An educated decision

Web applications remain a primary vector for attack, and the higher education space remains fertile ground for successful breaches. That's why West Virginia University wanted ...

CSO of the Year: Stephen Scharf

Stephen Scarf was a history major and an English minor in college. He then negotiated a diverse career path to reach his current role as ...

Code surety: Secure by design

More-than-decade-old bugs still plague web applications, and the challenge is only growing for programs migrating to the cloud. But new frameworks and heightened awareness can ...

Hacktivism endures

The threat posed by politically motivated attackers, known as hacker activists, or hacktivists, is far-reaching, yet authorities are finding it difficult to take down a ...

Product opener

Oh boy! A new group.

The big news this month is the addition of a new element: a set of reviews on emerging products that you can find exclusively on ...

Group Test 1

ADTRAN NetVanta 2630W

The NetVanta from ADTRAN offers some nice functionality in a small package.

Astaro Security Gateway

The Astaro Security Gateway is a flexible, full gateway security appliance that can be deployed and configured to fit almost any environment.

Cyberoam CR1000ia

The Cyberoam CR1000ia is a full-feature network security gateway that provides solid protection from a multitude of threats.

eSoft InstaGate 604

The eSoft InstaGate provides solid protection designed for the small to midsized business environment.

Fortinet FortiWiFi-40c

The FortiWiFi-40c from Fortinet provides features such as a firewall, intrusion prevention system, application control, virtual private network (VPN) and web content filtering all in ...

gateProtect GPZ 2500

The gateProtect GPZ 2500 is quite possibly the be all and end all of perimeter network security.

Kerio Technologies Kerio Control

Kerio Control from Kerio Technologies is comprised of software that can be installed on a dual-homed Microsoft Windows machine at the gateway or it is ...

M86 Secure Web Gateway v10.1

M86 Secure Web Gateway (SWG) proactively safeguards against malware and Web 2.0 threats using patented real-time code analysis (RTCA), dynamic web repair (DWR) technologies, and ...

NETGEAR ProSecure UTM9S v2.0.16-0

The NetGear UTM9S is an all-in-one security appliance that is deployed at the internet gateway.

SmoothWall UTM-1000

The SmoothWall UTM-1000 appliance combines SmoothWall Guardian Web Security with network security functions.

SonicWALL NSA 4500 v5.8.1

The NSA 4500 is a purpose-built appliance that can be deployed at the edge of a network, inside a network between various network segments, or ...

VASCO Data Security aXsGUARD Gatekeeper v7.6.4

The Vasco aXsGUARD Gatekeeper v7.6.4 is an authentication appliance intended for small and midsized enterprises.

WatchGuard XTM 810 Security Bundle v11.5.1

The WatchGuard XTM 810 Security Bundle is a full-featured security appliance for midsize businesses.

Wedge Networks BeSecure 1005G Anti-malware Gateway v4.0.1

The Wedge BeSecure Anti-malware Gateway is a family of web security appliances, capable of real-time deep content inspection for thousands of concurrent web, email, and ...

Group Test 2

HighCloud Security

This looks like a company that applied security solutions to challenges in the virtual world that are virtual versions of physical world problems.


Intigua has fixed it so one agent of a particular type can be used for all of the virtual machines that need it, instead of ...

HyTrust Appliance

HyTrust, essentially, manages admins in a virtual world.

Co3 Systems

Co3 handles the worst nightmare of most executives: the aftermath of a successful security incident that hits personally identifiable information of lots of people.

Catbird vSecurity 5.0

Basically, Catbird does for the virtual data center what it did “back in the day” for physical data centers.

Last Word

Chinese hacking may slow, but...

...nevertheless, companies need to do a better job of protecting IP, says Adam Segal.