Infosecurity White Papers

  1. DDoS Response Playbook

    This handbook provides you with a practical guide for planning and executing a DDoS response plan.

    1. Imperva

  2. Video Download: ESG on Information-driven Security Based on RSA Security Analytics & RSA ECAT

    Watch Enterprise Strategy Group (ESG) Senior Analyst Jon Oltsik discuss why organizations need to develop strong processes and technologies for incident detection and response.

  3. Rethinking Endpoint Security

    Mention endpoint security to an infosec professional and he or she will likely think of antivirus software, vulnerability scanning, and patch management.

  4. Information-driven Security and RSA Security Analytics and RSA ECAT

    Large organizations are under constant cyber-attack and many are breached each day. How many? Aside from the infamous breaches at Neiman-Marcus, the New York Times, and Target in 2013, ESG research indicates that nearly half of all enterprise organizations experienced at least one successful malware-based attack over the past two years.

  5. Tinker Tailor Soldier Cyber

    Cyber! Botnets! Malware! We are all well read into the fifth domain, the cyber sphere, the challenges of the ethernet - aren’t we? Of course not! It is a sad reality that most would doubt that cyber presents one of the most significant security challenges in our history. The digital skills gap coupled with the unending stream of public/private sector network vulnerabilities continues and increasingly puts sovereign security and success at an unacceptable risk.

    1. Photo of Ash J. Hunt

      Ash J. Hunt

      Contributing Writer

  6. Why Mobile Is the Next Digital Identity

    How can this growing acceptance of the mobile platform — across geographies, verticals, cultures and even age groups — be leveraged and extended to secure traditional digital identities in both the physical and online spaces?

    1. Entrust

  7. Compliance Support For ISO 27001

    These published guidelines cover many areas surrounding “access control”, “audit and accountability”, “incident response”, and “system and information integrity”

    1. LogRhythm

  8. 451 Research: Honeypots, Threat Intelligence & SIEM

    Security information and event management (SIEM) products provide a plethora of data that can be enriched to the nth degree. However, this data is of little value unless it can be converted into meaningful information that organizations can use to proactively detect and respond to threats in an acceptable time frame.

    1. LogRhythm

  9. BLOOR: Security Intelligence: Solving the Puzzle for Actionable Insight

    …reducing the time to detect and respond to advanced cyber threats

    1. LogRhythm

  10. Is the Cloud Ready to Manage Security?

    Far from just being a storage space, the cloud is a resource that’s changing the very nature of business. It can be leveraged to broaden the sphere of enterprise operations, as well as bolster the efficacy of business transactions and improve company-client relations. The mobility built into the cloud means that organizations of all sizes can enjoy a business world without limits.

    1. Entrust

  11. Discover How Customer SIEM Requirements Have Evolved

    In this paper, Securosis, details how security needs have evolved for organizations and what to look for when choosing a SIEM.

    1. IBM MaaS360

  12. What Financial Institutions Need to Know About Secure Shell

    Secure Shell is ubiquitous within the financial services industry. However, Secure Shell is often viewed as “part of the plumbing” and typically does not get much attention from Compliance, Audit or Security.

    1. SSH Communications Security

  13. Video Download: An Enterprise Security Platform Approach to Threat Prevention

    Adversaries are becoming more advanced, carrying out high profile attacks against enterprises, government, the defense industrial base, and other key industries.

  14. Video Download: Hiding in Plain Sight - What’s Really Happening on Your Network

    Today’s cyber threats hide in plain sight amidst your network traffic, making them nearly impossible to defend against.

  15. Getting Started With a Zero Trust Approach to Network Security

    Zero Trust is an alternative security model that addresses the shortcomings of failing perimeter-centric strategies by removing the assumption of trust.

  16. Application, Usage and Threat Report

    The Application Usage And Threat Report provides an analysis of applications and their link to cyber threats within the enterprise.

  17. Gartner’s 2014 Magic Quadrant for Secure Email Gateways Report

    Gartner, Inc. positions Proofpoint in the Leaders quadrant in its 2014 Magic Quadrant for Secure Email Gateways report. Read the full report, compliments of Proofpoint.

    1. Proofpoint

  18. Forrester Research: Gaps in SSH Security Create an Open Door for Attackers

    In this Technology Adoption Profile (TAP) by Forrester Research, analyst, John Kindervag, emphasizes, “Two-thirds of IT security professionals do not perform the necessary checks for unauthorized use of SSH keys.”

    1. Venafi

  19. Enterprise Application Security - The 5 Key Benefits of Source Code Analysis

    Static Code Analysis is the technique of automatically analyzing the application’s source and binary code to find security vulnerabilities. Two categories exist in this realm: Binary Code Analysis (BCA) and Source Code Analysis (SCA).

    1. Checkmarx

  20. The Human Factor: How Attacks Exploit People as the Weakest Link in Security

    Get Insight into the ways attackers exploit end-users’ psychology. Learn how attackers exploit end-users have significant security implications for enterprise preparedness and defensive strategies.

    1. Proofpoint

Why not watch?

  1. Auditing AI Risk: Essential Strategies for IT & Compliance Leaders

  2. Dispelling the Myths of Defense-Grade Cybersecurity

  3. Identifying Concentration Risk and Securing the Supply Chain

  4. New Cyber Regulations: What it Means for UK and EU Businesses

What’s hot on Infosecurity Magazine?