Infosecurity White Papers
Your Guide for Migrating from 1024-bit to Stronger SSL Certificate Key Lengths
Managing certificates during a time of key size migration can be difficult. Website or production outages can be costly and have a negative impact to business. This guide aims to help educate and inform users of TLS/SSL certificates about the upcoming change in key lengths and tips on managing their transition to using stronger SSL certificates.
When ‘Secure Enough’ Isn’t Enough
We’ve all seen the reports about what goes wrong when proper controls are not implemented while storing and transferring data. Large enterprises face messy notifications, customer dissatisfaction and, in many cases large fines. In fact, a data breach in the U.S. comes with an average price tag of $5.5 million, according to a 2011 Ponemon Institute study.
SSO and Beyond: Why Single Sign-On Solutions are Absolutely Essential, but Rarely Enough
Why single sign-on solutions are absolutely essential, but rarely enough.
Achieving a Comprehensive Information Security Strategy Using Certificate-based Network Authentication
Certificate-based network authentication can be a powerful first step towards a safer, more agile business. This paper explains how it works and how it compares to other leading identity and access management solutions.
The New Prescription for Privacy: Understanding and Meeting Security Requirements for Electronic Health Records
Technology continues to make information more readily available to a larger group of people than ever before. Yet even as the latest technological advances bring a greater wealth of opportunities for sharing and distributing knowledge, each advance also increases the risk that sensitive data will land in the wrong hands.
Infosecurity US 2013 Summer Virtual Conference Keynote Address: Blueprint for the Perfect Attack
Kevin Bocek’s presentation slides from his keynote address - Blueprint for the Perfect Attack – Open doors in your advanced attack strategy?
Advanced, Targeted Attacks: Close the Open Door on Cryptographic Key and Certificate Threats
Cybercriminals have discovered a new attack vector: Exploiting the trust that keys and certificates establish.
Preventing Data Loss Through Privileged Access Channels
Privileged users and processes have access to the most sensitive data and systems but because their communications are encrypted, they bypass basic security safeguards such as data loss prevention, firewalls and IPS. This latest white paper focuses on how to restore visibility and security to these encrypted pathways in and out of your network.
Data Security in the Cloud - Protecting Business-Critical Information in Public, Private, and Hybrid Cloud Environments
Maintaining control over the data is paramount to cloud success. In this Whitepaper, learn about Cloud Computing Security Challenges, Techniques for Protecting Data in the Cloud and Strategies for Secure Transition to the Cloud.
Gartner Case Study: Securing BYOD with Network Access Control
The new Gartner case study highlights how an organization utilized NAC and mobile device management solutions to establish policies for enabling a BYOD environment with an acceptable level of risk.
Taking the Sting Out of Java Vulnerabilities
Java vulnerabilities have dominated the security headlines. Some observers now say organizations should simply turn off the ubiquitous software platform.
Ponemon Institute 2013 Cost of Failed Trust Report: Threats & Attacks
Every enterprise is potentially risking upwards of $400 million from attacks against cryptographic keys and digital certificates—yet few enterprises are managing these critical resources.
Magic Quadrant for Network Access Control
Read the Gartner report on Network Access Control with ForeScout as a Magic Quadrant Leader. Find out how all the NAC vendors stack up and the importance of Magic Quadrant leadership for your company.
Third-Party Applications in the Enterprise: Management and Risk Mitigation of Third-Party Applications
Third-party applications, browsers and plugins have become the attack vector of choice for the modern cyber criminal. Computing surveyed over 200 UK business decision makers to understand how they perceived the risks that they faced from third-party applications.
Demystifying PCI DSS: Expert Tips and Explanation to Help You Gain DSS Compliance
The Payment Card Industry Data Security Standards (PCI DSS), with its over 200 requirements, can seem like a daunting set of regulations. Nonetheless, if your organization handles any kind of credit card information, you must be PCI DSS compliant.
The Cloud Advantage: Five Ways the Cloud Is Better for Business When Disaster Strikes
After Hurricane Sandy struck, companies with well-architected, thoroughly tested, and fully documented disaster recovery (DR) plans and solutions were able to bounce back quickly.
Aberdeen - The Impact of Managed File Transfer
Why are so many companies uncomfortable with their ability to manage active business data - and where is this data coming from? Companies are experiencing new challenges from the ever-increasing size, speed and variety of data. Social media has exploded in recent years, but other business issues are contributing to the dilemma.
Global Threat Trends – January 2013
The January 2013 report from ESET covering the top threat trends occurring globally in the past month. Plus a feature article from ESET Senior Research Fellow, David Harley, on how viruses are circulated in email hoaxes.
SSH User Keys and Access Control in PCI-DSS Compliance Environments
This white paper analyses how emerging key management and access control technologies will likely impact PCI compliance mandates and presents SSH’s Universal SSH Key Manager as a solution that can be implemented today to both increase security controls and meet the coming, common sense changes to compliance mandates.
Rule-Driven Profiling – A Next-Generation Approach to Vulnerability Discovery
The sheer magnitude of the enterprise vulnerability problem is daunting. In today’s enterprise-scale networks, scanners may identify tens of thousands or hundreds of thousands of vulnerabilities at once. Review and remediation efforts may take weeks. New vulnerabilities and threats are introduced daily.