Infosecurity White Papers

  1. Building Your Response Plan: Critical Steps and Best Practices

    These days, businesses of all sizes need to be concerned about cyber attacks. The attack size and frequency have continued to rise. What’s more, the DDoS underground has made it easier for anyone – even without technical skills – to launch a damaging DDoS attack.

  2. SANS 2018 Threat Hunting Survey Results

    Threat hunting is an approach that drives security benefits across the organization. This paper looks at the state of threat hunting and provides approaches organizations can take to amplify their threat hunting programs.

  3. How to Include a Preventative Measure into your Detection & Response

    You’ve fortified your defences. You follow industry best prac¬tices. You’ve purchased the latest and greatest technology. Yet attackers still penetrate your defences. In a world where it’s expected that attackers will successfully breach your perimeter, what chance can you possibly have to protect your business?

  4. 5 Critical Steps to Successful Risk Assessments

    It’s imperative that organisations conduct risk assessments when preparing, maintaining and updating their cyber security policies and programs. Thorough risk assessments help you identify and address any threats that your organisation may face, allowing you to mitigate them before it’s too late. Organisations that are not ready or not looking to implement ISO 27001 should also read this paper to understand what data protection and cyber security risks they might be taking.

  5. NTT Security 2018 Global Threat Intelligence Report Executive Guide

    The relentless evolution of the threat landscape places the onus on businesses to innovate more rapidly than their adversaries. Cyber-awareness from the top down is imperative if the business, clients, and employees are to be protected.

  6. Web Application: A Guide to Security in the Modern Era

    Virtually all enterprise applications and assets have become web-facing whether in the form of a traditional web-application, cloud applications, APIs, microservices, or legacy apps accessed through a web interface. These applications are being continuously developed and delivered at unprecedented speed, and are constantly being probed and attacked by human and automated threats.

  7. Privileged Access Management in the Cloud

    Cloud migration of all critical resources, or even a portion for hybrid environments, presents serious security challenges and risks to the organization.

  8. Why Bots are Security's Blind Spot, and How to Manage Them

    For organizations and their focus on identity, this new wave of bots presents both a security challenge and a powerful opportunity.

  9. How to conquer phishing? Beat the clock.

    This whitepaper explains how the combination of automated, technology-driven pre-incident protection and post-incident protection and incident response is by far the fastest and most effective approach, quantifiably reducing the organisation's risk from phishing attacks by more than 70%, with ongoing upside.

  10. DDoS Case Studies: The British Library, Dutch Retail Bank & DNS Provider

    Access three DDoS case studies that recreate real life attack scenarios to gauge business readiness & understand improvement strategies.

  11. Impact of WAF Technology on Security Systems

    Due to the increased use of web applications as business workhorses and as targets for threat actors, securing web applications is just as essential as the capabilities of the web applications themselves. This paper explores the threats organizations face - from hackers exploiting private data and from their defenses against those attacks falling too far behind.

  12. A Practitioner's Guide to Application Security

    This guide will help to develop and improve your application security program.

  13. ESG:DNS for Cybersecurity Advantage

    What does the threat landscape mean for enterprise organizations and what should they do to close the cybersecurity gap?

    1. Photo of Jon Oltsik

      Jon Oltsik

      Sr Principal Analyst of Information Security, ESG

  14. Identity is Security

    With breaches frequently targeting enterprise users instead of their network and endpoints, it’s more important than ever for IT leaders to recognize that identity is security.

  15. The State of Open Source Vulnerabilities Management

    The rise in open source usage has lead to a dramatic rise in open source vulnerabilities, bringing to the fore interesting developments in open source security. The report drills down into the deeper layers of the open source phenomena and provides the latest insights on how organizations are handling vulnerabilities and what the future holds.

  16. Which Cyber Security Framework is Right for Your Business?

    This report outlines the seven most popular cyber security frameworks being used by businesses around the world.

  17. How to incorporate MDM into your endpoint security strategy

    This paper examines the reasons for incorporating mobile device management (MDM) into endpoint management.

  18. Anti-Phishing Requires A Three-Pronged Strategy

    This whitepaper explores how modern phishing techniques, are meticulously designed to defeat traditional email security approaches.

  19. Do You Need A Better Defense Strategy?

    5 questions to ask before you upgrade to a SIEM solution

  20. How Russian Twitter BOTs Weaponize Social Media to Influence and Disinform

    This study originated with a simple question: What proportion of Twitter’s most influential users have followings comprised of a high number of bots, and how does that composition make these users more vulnerable?

What’s hot on Infosecurity Magazine?