August 11, 2017
Bloggers explore the growing role of cybersecurity machine learning, the capabilities of Microsoft's containers and how well SIEM works for threat detection.
July 21, 2017
This week, bloggers explore SaaS SIEM, applications as drivers of hybrid cloud, and the benefits and drawbacks of integrated systems.
July 14, 2017
Kaseya said its Powered Services offerings can help MSPs quickly expand their portfolios to include security and network management services; other news from the week.
May 17, 2017
This week, bloggers look into the open source networking option SNAS, SIEM for enterprises and automating device configurations.
SIEM Get Started
Bring yourself up to speed with our introductory content
Network access control systems keep rogue or compromised devices off of corporate networks. See how they work and the other security technologies with which they work. Continue Reading
Expert Ed Tittel looks at the features and capabilities of the Infoblox ActiveTrust threat intelligence service for providing data on the top IT threats to organizations. Continue Reading
An intrusion detection and prevention system for cloud services is an important part of an enterprise's security stature. Expert Frank Siemons discusses IDS/IPS in the cloud. Continue Reading
Evaluate SIEM Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
Before purchasing a network security system, consider where your data is located, who has access, where security tools will be deployed and if they're part of a unified strategy. Continue Reading
Organizations with massive volumes of IT operational data need log management tools that can quickly and adeptly process it. AI embedded into tools might be the answer. Continue Reading
Channel partners can make arguments for the integrated security suite and the best-in-class point product method, but the decision ultimately rests on a customer's specific needs. Continue Reading
Learn to apply best practices and optimize your operations.
Skill shortages and budget constraints have lead some companies to adopt a hybrid approach to managed security. Is it time for CISOs to start looking for 'expertise as a service'? Continue Reading
Meeting top security goals is only the first step. Get up to speed on how to avoid common pitfalls in the use of threat intelligence and analytics. Continue Reading
A lot of the cloud adoption in organizations has happened in an organic fashion with little to no IT involvement and even less policy oversight. In most cases, the security, policy and cloud governance model you implement will be somewhat retroactive in nature, says Chris Pogue, CISO at Nuix.
Among the challenges in these environments is a lack of standards for evaluating a vendor's risk management and cloud governance model. This month, Information Security magazine looks at steps to help security professionals gain more insight when employees are migrating critical applications and data to the cloud.
Evaluating the security postures of cloud providers, vendors and business partners is a constant dance with the details. Security professionals need specific information that they may not get. We look at enterprise security ratings services akin to what Equifax, Experian and TransUnion do in the financial sector to provide credit ratings for individual consumers. Although the security ratings services are just starting to emerge, these reporting tools may offer another view into the security postures of third parties, and in the board room.
Farsight Security CEO Paul Vixie joins us to discuss the latest research on threats to domain name systems. As talk of digital transformation continues, internet security and cloud governance models will remain top of mind for executives. "Now, IT is the big risk, and we are not looking at the old risks anymore now that the internet has connected everybody to everybody," Vixie says.Continue Reading
Problem Solve SIEM Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
Cyberthreat intelligence is just data if it is not actionable. We offer tips to help your team focus on relevant CTI for faster threat detection and response. Continue Reading
The security incident response process isn't getting any easier, not in an age characterized by mobile workers, cloud computing and faster networks. So much can go wrong: Attacks can come from any source and use every method imaginable -- and some not yet identified. The trick is to get a grasp on what's most likely to breach your system, ensure that you're alerted when it does and know what you're going to do about it when it happens. To achieve this, you need to have a security incident response plan in place. As part of this plan, set up good policies and coordinated responses, making sure your IR tools are the most capable possible, including those that can automate aspects of the security incident response process.
This Insider Edition of Information Security magazine focuses on how to minimize cyber-risk through threat detection and incident response. Security pros will find the latest information on options for IR tools and other ideas on making your incident response process as effective as it can be.Continue Reading
DevOps is a process aimed at creating and updating applications quickly and, traditionally, it has lacked effective security controls. The software that was created too often contained vulnerabilities right from the start. Combining DevOps and security, or what is called DevSecOps, promises to solve this problem, reducing the time and effort required to fix security issues that could have been avoided altogether. An added bonus: DevSecOps promises to overturn longstanding views among some developers that security is an obstacle, not an aid, to good software development.
Beyond embedding security controls in the software development process, DevSecOps also involves using configuration management tools, monitoring logs and events, and performing vulnerability assessments. The end result is more secure applications and infrastructures.
This e-publication offers an in-depth look at what is involved in combining DevOps and security. Readers will come away with a deeper understanding of the promises DevSecOps offers and how it works.Continue Reading