Infosecurity White Papers
Aberdeen: Choosing and Consuming Managed Security Services
Learn the strategies, actions, and capabilities that Best-in-Class organizations employ and technologies they choose to obtain superior performance against various security performance metrics.
The Essential Series - Security Information Management
Maintaining information security is a multi-faceted operation that is best managed with a single comprehensive strategy rather than a mix of tactics based on whatever point solutions are already deployed. Learn about the processes and technologies that support security information management (SIM) operations, as well as the business case for SIM.
Database Security and Compliance - Preparing for 2010 (Annual Study)
This study reveals some eye-opening database security and compliance trends based on research from 175 enterprise organizations.
The Challenges of Automated Application Assessments in a Web 2.0 World
This white paper, written by two security experts from Stach & Liu, Rob Ragan and Vincent Liu, describes the challenges of automated penetration testing or application scanning of Web 2.0 applications.
Cloud Application Security
Cloud computing promises to deliver IT infrastructure services via the Internet on an “as-needed, pay-per-use” basis. Cloud resources can be provisioned on-the-fly to support specific project needs, or they can be leveraged on a longer-term basis to add capability to an existing IT infrastructure. For some companies, cloud resources even serve as the entire IT infrastructure because of the ease and speed of deployment and cost-effectiveness compared to deploying an in-house infrastructure.
Protecting Your Network Against Web Attacks
The problem of Web-borne threats is not theoretical: millions of users have been impacted and the threat is getting worse. Today, Web threats are more numerous and virulent than those delivered in email, and it is easier to be infected by them.
The Latest ‘Blended Threats’
Blended threats are spam stealth attacks - moving undetected through your mail servers and blending in with all the other email - until they strike. They can compromise personal or corporate data, "recruit" computers into a network of bots, or initiate keystroke recording that collects passwords and other information.
10-step Guide to Easy Data Loss Prevention
You know your organisation's data is its lifeblood, yet the protection of IP and sensitive information is all too often inadequate in today's networked world.
Top 10 Global Threat Trends
This report, provided by Eset, offers an in-depth look at the top 10 malware threats through Sept.
Oct. U.K. Threat Report
A new report, provided by Eset, provides details on the changing threat landscape in the United Kingdom.
Combat Cybercrime, Demonstrate Compliance and Streamline IT Operations
As the first decade of the new century draws to a close, organisations are increasingly being asked to prove that they have achieved compliance - as well as actually complying with - a raft of relevant data and privacy protection.
FTP: Enemy Within
Industry standards and government regulations such as Sarbanes-Oxley, PCI-DSS, HIPAA, Gramm-Leach-Bliley Act, and FISMA require organizations to constantly strengthen the protection of mission-critical information. With billions of dollars of annual losses attributed to security breaches, corporations are under pressure to eliminate non-secure legacy systems.
Validating the Business Benefits of Integrated Systems
IT organisations want to provide high-quality, low-cost technology services to business units as part of their basic mission. However, software complexity, manpower changes, mergers and acquisitions, and changing business requirements have complicated that mission. Trends such as managing mobility, virtualisation adoption, new and increasing compliance and governance requirements, and the need to modernise existing infrastructure add further complication to managing the IT environment.
Managing the Process of PCI Compliance
Security threats are real-time and continual, and changes occur overnight.
Configuration Control Proven Solution with Auditors and IT
More than 250 online sites entrust MarketLive to deliver stellar shopping experiences to their customers, necessitating both safeguards to protect cardholder information and compliance with industry regulations such as the Payment Card Industry’s Data Security Standard (PCI). With an increasing number of retailers facing PCI requirements, MarketLive decided to create a strategic market advantage and become PCI compliant themselves.
Case Study: Continuous Compliance Across IT Systems
Capital Card Services provides credit card service management to financial and non-financial companies that desire to offer credit products and wish to outsource the necessary back office services.
Comparison Guide: IP Phones
Compare side-by-side functionalities of seven leading IP phones.
Buyer's Guide: Enterprise PBX
Premise-based IP PBXes (Internet Protocol Private Branch eXchanges) are changing how businesses implement and use their voice communications.
PCI Compliance for Dummies
Compliance with the Payment Card Industry (PCI) Data Security Standard (DSS) is mandatory if your company stores, processes, or transmits payment cardholder data. This reference source, provided by Qualys, is all about understanding PCI and how merchants can comply with its requirements.
Avoiding 7 Common Mistakes of IT Security Compliance
Compliance is a key driver for deployment of IT security controls, and many organisations are pursuing automation to improve accuracy and lower costs of fulfilling requirements. Automating controls is not just laudable – it’s essential for finding and fixing a myriad of vulnerabilities that enable criminals to breach enterprise IT, disrupt electronic business processes, and steal confidential business and customer data.