Features

Features

• Role of CISO: FICO enlists CISO in security product management

  As head of FICO's information security program, Vickie Miller's role is wide-ranging.  Continue Reading

• Looming cloud security threats: How attacks will follow your data

  You can move your data to cloud-based systems and web services, but you can't hide it there. Hackers and predators have more ways to find it.  Continue Reading

• How to buy digital certificates for your enterprise

  In the market to buy digital certificates? Learn exactly how digital certificates work, which features are key and how to evaluate the available options on the market.  Continue Reading

• Industrial Network Security

  In this excerpt from chapter 3 of Industrial Network Security, authors Eric D. Knapp and Joel Langill discuss the history and trends of industrial cybersecurity.  Continue Reading

• Hacking Web Intelligence

  In this excerpt from chapter 8 of Hacking Web Intelligence, authors Sudhanshu Chauhan and Nutan Panda discuss how to be anonymous on the internet using proxy.  Continue Reading

• DNS Security: Defending the Domain Name System

  In this excerpt from chapter two of DNS Security: Defending the Domain Name System, authors Allan Liska and Geoffrey Stowe discuss why DNS security is important.  Continue Reading

• Google Earth Forensics: Using Google Earth Geo-Location in Digital Forensic Investigations

  In this excerpt from chapter five of Google Earth Forensics, authors Michael Harrington and Michael Cross discuss the process of digital forensics.  Continue Reading

• Digital Guardian for Data Loss Prevention: Product overview

  Expert Bill Hayes examines Digital Guardian for Data Loss Prevention and more of the vendor's DLP product lineup, which cover data in use, data in transit and data in the cloud.  Continue Reading

• CA Technologies Data Protection: DLP product overview

  Expert Bill Hayes examines CA Technologies Data Protection, a data loss prevention suite designed to protect data at rest, in transit and in use across enterprise devices, networks and cloud services.  Continue Reading

• Tripwire IP360: Vulnerability management product overview

  Expert Ed Tittel examines vulnerability management products from Tripwire, including the rack-mounted IP360 appliance and the cloud- based PureCloud Enterprise service.  Continue Reading

• Tenable Nessus Vulnerability Scanner: Product overview

  Expert Ed Tittel examines the Nessus vulnerability scanner series from Tenable Network Security, which includes client, cloud and on-premises vulnerability management products.  Continue Reading

• Want a board-level cybersecurity expert? They're hard to find

  Members of the board must be ready to defend their fiduciary decisions, corporate policies, compliance actions and, soon, cybersecurity preparedness.  Continue Reading

• Rapid7 Nexpose: Vulnerability management product overview

  Ed Tittel examines Rapid7 Nexpose, a vulnerability management product for physical, virtual, cloud and mobile environments that discovers assets and scans for vulnerabilities.  Continue Reading

• Qualys Vulnerability Management: Product overview

  Expert Ed Tittel examines Qualys Vulnerability Management, a product for organizations of all sizes that is designed to help admins identify, monitor and mitigate vulnerabilities.  Continue Reading

• Splunk Enterprise Security: Product overview

  Expert Dan Sullivan explores how Splunk Enterprise Security uses big data security analytics to incorporate multiple methods of data integration to identify malicious events.  Continue Reading

• Choosing the best web fraud detection system for your company

  This guide explains the technology and the key features an effective system should include to help readers evaluate fraud detection products and choose the best for their company.  Continue Reading

• RSA NetWitness Logs and Packets: Security analytics product overview

  Expert Dan Sullivan examines RSA's NetWitness Logs and Packets, security analytics tools that collect and review logs, packets and behavior to detect enterprise threats.  Continue Reading

• When to take a bug bounty program public -- and how to do it

  Bug-finding programs are valuable to enterprises, but they require a lot of planning and effort to be effective. Sean Martin looks at what goes into taking a bug bounty program public.  Continue Reading

• The security ratings game grades third-party vendors

  Can security ratings services patterned on consumer credit scores offer insight into the security postures of third parties and other business partners?  Continue Reading

• Blue Coat DLP: Data loss prevention product overview

  Expert Bill Hayes takes a look at Blue Coat DLP, a single appliance data loss prevention system that works with the company's web security gateway products.  Continue Reading

• Blue Coat Security Analytics Platform: Product overview

  Expert Dan Sullivan takes a look at the Blue Coat Security Analytics Platform, which is designed to capture comprehensive network information and apply targeted security analytics.  Continue Reading

• WinMagic SecureDoc: Full-disk encryption product overview

  Expert Karen Scarfone examines the features of WinMagic's SecureDoc, a full-disk encryption product for laptops, desktops, mobile devices and servers.  Continue Reading

• Mojo AirTight WIPS overview

  Expert Karen Scarfone looks at the features and functionality of Mojo Networks' AirTight WIPS, a wireless intrusion prevention system designed to detect and block WLAN attacks.  Continue Reading

• Automated Security Analysis of Android and iOS Applications

  In this excerpt of Automated Security Analysis of Android and iOS Applications with Mobile Security Framework, authors Ajin Abraham and Henry Dalziel discuss mobile application penetration testing.  Continue Reading

• How to start building an enterprise application security program

  Building an effective application security program can be daunting. Sean Martin talks with experts about the best first steps enterprises should take.  Continue Reading

• Cybersecurity blind spots: Mitigating risks and vulnerabilities

  Cybersecurity blind spots based in risk and vulnerabilities can be difficult to spot and address. Sean Martin talks with security experts on how to overcome that challenge.  Continue Reading

• CISSP online training: Software Development Security domain

  Spotlight article: Shon Harris explains the core concepts in the CISSP domain on software development security, including models, methods, database systems and security threats.  Continue Reading

• Aruba RFProtect WIPS: Product overview

  Expert Karen Scarfone examines the features of Aruba RFProtect, a wireless intrusion prevention system to detect and block WLAN attacks against enterprise networks.  Continue Reading

• Check Point Next Generation Firewall: Product overview

  Check Point Next Generation Firewall family combines firewalls with unified threat management technology, VPNs and more. Expert Mike O. Villegas takes a closer look.  Continue Reading

• Cisco ASA with FirePOWER: NGFW product overview

  Cisco combined the ASA series firewall with SourceFire's FirePOWER threat and malware detection capabilities. Expert Mike O. Villegas takes a closer look at this NGFW.  Continue Reading

• Strong authentication methods: Are you behind the curve?

  Not sure who's really behind that username and password? Google, Facebook and others may finally give multifactor authentication technology the 'push' it needs.  Continue Reading

• Proper network segments may prevent the next breach

  Companies still fail to implement secure network segmentation and role-based access. Here's how to protect your sensitive data and stay out of the headlines.  Continue Reading

• Voltage SecureMail encryption tool: Product overview

  Expert contributor Karen Scarfone takes a look at Voltage SecureMail for encrypting email messages in the enterprise.  Continue Reading

• Symantec Desktop Email Encryption: Product overview

  Expert contributor Karen Scarfone examines Symantec Desktop Email Encryption, a tool for encrypting email messages for individuals within the enterprise.  Continue Reading

• Information Governance and Security: Protecting and Managing Your Company's Proprietary

  In this excerpt of Information Governance and Security, authors John G. Iannarelli and Michael O'Shaughnessy offer tips for establishing guidelines for all departments or sectors of a business.  Continue Reading

• Integrated Security Systems Design

  In this excerpt of Integrated Security Systems Design, author Thomas L. Norman explains the tools of security system design, the place of electronics in the process, how to establish electronic security program objectives and the types of design ...  Continue Reading

• Securing VoIP: Keeping Your VoIP Networks Safe

  In this excerpt of Securing VoIP: Keeping your VoIP Network Safe, author Regis (Bud) Bates outlines different approaches to VoIP security and offers best practices to ensure infrastructure security is intact.  Continue Reading

• Detecting and Combating Malicious Email

  In this excerpt of Detecting and Combating Malicious Email, authors Julie JCH Ryan and Cade Kamachi discuss the elements of an email structure and touch on how attackers can use these elements to trick unwitting victims.  Continue Reading

• Designing and Building Security Operations center

  In this excerpt of Designing and Building Security Operations Center, author David Nathans reviews the infrastructure needed to support a SOC and maintain SOC security.  Continue Reading

• Comparing the best network access control products

  Expert Rob Shapland takes a look at the best network access control products on the market today and examines the features and capabilities that distinguish the top vendors in this space.  Continue Reading

• Comparing the top big data security analytics tools

  Expert Dan Sullivan compares how the top-rated big data security analytics tools measure up against each other to help you select the right one for your organization.  Continue Reading

• Comparing the top vulnerability management tools

  Expert Ed Tittel compares how the top-rated vulnerability management tools measure up against each other so you can select the right one for your organization.  Continue Reading

• Windows 10 Wi-Fi Sense for hotspot sharing: Is it safe?

  Microsoft's Windows 10 Wi-Fi Sense was designed to make hotspot sharing easy, but experts debate if the security risks are real and whether the new feature offers substantial benefits and relative safety.  Continue Reading

• Fortinet FortiGate UTM: Product overview

  Expert Ed Tittel looks at Fortinet FortiGate UTM appliances, which combine different network infrastructure protection features into a single device.  Continue Reading

• Cisco Meraki MX appliances: UTM product overview

  Expert Ed Tittel examines Cisco's Meraki MX UTM Appliances, a series of UTM products that combines various network security and protection features into a single device.  Continue Reading

• Check Point UTM Threat Prevention Appliances: Product review

  Check Point UTM Threat Prevention Appliances are recognized by our reviewer as consistent software architectures that are easy to configure.  Continue Reading

• Seven criteria for buying vulnerability management tools

  Expert contributor Ed Tittel describes purchasing criteria for full-featured vulnerability management tools for small organizations to large enterprises.  Continue Reading

• The business case for vulnerability management tools

  Expert Ed Tittel describes business use cases for vulnerability management tools and examines how organizations of all sizes benefit from these products.  Continue Reading

• Introduction to vulnerability management tools

  Expert Ed Tittel explores how vulnerability management tools can help organizations of all sizes uncover defense weaknesses and close security gaps before they are exploited by attackers.  Continue Reading

• Symantec Messaging Gateway and Symantec Email Security.cloud: Product overview

  Expert Karen Scarfone examines the Symantec Messaging Gateway and Symantec Email Security.cloud email security gateway products that detects and blocks messages that contain suspicious content and threats.  Continue Reading

• Proofpoint Enterprise Protection: Product overview

  Expert Karen Scarfone examines the Proofpoint Enterprise Protection email security gateway product, which scans inbound and outbound email messages for malware, phishing and spam threats.  Continue Reading

• McAfee Email Protection, Security for Email Servers: Product overview

  Expert Karen Scarfone reviews the McAfee Email Protection and McAfee Security for Email Servers products that are used for monitoring, blocking and quarantining email messages.  Continue Reading

• Clearswift SECURE Email Gateway: Product overview

  Expert Karen Scarfone reviews the Clearswift SECURE Email Gateway product, which monitors incoming and outgoing emails.  Continue Reading

• Fortinet FortiMail: Product overview

  Expert Karen Scarfone reviews the Fortinet FortiMail email security gateway product that is used for monitoring email messages on behalf of an organization.  Continue Reading

• Cisco Email Security Appliance: Product overview

  Expert Karen Scarfone reviews Cisco's Email Security Appliance product that is designed for detecting and blocking email-borne threats.  Continue Reading

• 'Going dark': Weighing the public safety costs of end-to-end encryption

  'Going dark' -- or the FBI's inability to access data because of encryption -- could put public safety at risk, intelligence officials say. But tech companies argue that strong encryption is needed to protect corporate and customer data.  Continue Reading

• Hewlett Packard Enterprise's ArcSight ESM: SIEM product overview

  Expert Karen Scarfone analyzes HPE's ArcSight Enterprise Security Management (ESM), a security information and event management (SIEM) tool used for collecting security log data.  Continue Reading

• EMC RSA Security Analytics: SIEM product overview

  Expert Karen Scarfone examines EMC RSA Security Analytics, a SIEM product for harvesting, analyzing and reporting on security log data across the enterprise.  Continue Reading

• AlienVault OSSIM: SIEM Product overview

  Expert Karen Scarfone checks out AlienVault's Open Source SIEM and Unified Security Management products for collecting event data from various security logs within an organization.  Continue Reading

• Splunk Enterprise: SIEM product overview

  Expert Karen Scarfone examines Splunk Enterprise, a security information and event management (SIEM) product for collecting and analyzing event data to identify malicious activity.  Continue Reading

• SolarWinds Log and Event Manager: SIEM product overview

  Expert Karen Scarfone examines SolarWinds Log and Event Manager, a security information and event management (SIEM) tool for collecting and analyzing event data to identify malicious activity.  Continue Reading

• IBM Security QRadar: SIEM product overview

  Expert Karen Scarfone takes a look at IBM Security QRadar, a security information and event management (SIEM) tool used for collecting and analyzing security log data.  Continue Reading

• LogRhythm's Security Intelligence Platform: SIEM product overview

  Expert Karen Scarfone examines LogRhythm's Security Intelligence Platform, a SIEM tool for analyzing collected data.  Continue Reading

• Introduction to big data security analytics in the enterprise

  Expert Dan Sullivan explains what big data security analytics is and how these tools are applied to security monitoring to enable broader and more in-depth event analysis for better enterprise protection.  Continue Reading

• Comparing the best intrusion prevention systems

  Expert contributor Karen Scarfone examines the best intrusion prevention systems to help you determine which IPS products may be best for your organization.  Continue Reading

• Lessons in mobile data loss protection for enterprise IT pros

  With mobile devices everywhere in the enterprise now, learning tactics for data loss protection must become an IT priority.  Continue Reading

• Comparing the top Web fraud detection systems

  Expert Ed Tittel explores the features of the top Web fraud detection systems and compares critical purchasing criteria.  Continue Reading

• Readers’ top picks for enterprise firewalls

  The companies and key functionality organizations seek out when they upgrade or add firewall technology to their enterprise environments.  Continue Reading

• Three criteria for selecting the right IPS products

  Expert contributor Karen Scarfone examines important criteria for evaluating intrusion prevention system (IPS) products for use by an organization.  Continue Reading

• Vormetric Transparent Encryption: Product overview

  Expert Ed Tittel takes a look at Vormetric Transparent Encryption, a component of Vormetric's Data Security Platform that encrypts data and does access control for that data.  Continue Reading

• HP Security Voltage's SecureData Enterprise: Product overview

  Expert Ed Tittel examines SecureData Enterprise, which is a part of the HP Security Voltage platform, a scalable database security product that encrypts both structured and unstructured data, tokenizing data to prevent viewing and more.  Continue Reading

• Protegrity Database Protector: Database security tool overview

  Expert Ed Tittel examines Protegrity Database Protector, a database security add-on product that provides column- and field-level protection of confidential and sensitive data stored in nearly any type of relational database.  Continue Reading

• Oracle Advanced Security: Database security tool overview

  Expert Ed Tittel examines Oracle Advanced Security, a database security add-on product with transparent data encryption (TDE) and data redaction features.  Continue Reading

• McAfee Database Activity Monitoring: Database security tool overview

  Expert Ed Tittel takes a look at McAfee Database Activity Monitoring and McAfee Vulnerability Manager for Databases to see how they protect enterprises' databases and corporate data.  Continue Reading

• Imperva SecureSphere: Database security tool overview

  Expert Ed Tittel examines Imperva SecureSphere Database Activity Monitoring and Database Assessment, products that are deployed as an inline bridge or as a lightweight agent to assess and monitor local database access.  Continue Reading

• IBM Guardium: Database security tool overview

  Expert Ed Tittel examines IBM Guardium, a security product that offers continuous, real-time, policy-based monitoring of database activities.  Continue Reading

• Enterprise benefits of network intrusion prevention systems

  Expert Karen Scarfone explains how most organizations can benefit from intrusion prevention systems (IPSes), specifically dedicated hardware and software IPS technologies.  Continue Reading

• The basics of network intrusion prevention systems

  Expert Karen Scarfone explores intrusion prevention systems and their acquisition, deployment and management within the enterprise.  Continue Reading

• Emerging security threats you're up against now

  Learn about the 'hacking as a service' and other emerging security threats.  Continue Reading

• Comparing the best data loss prevention products

  Expert Bill Hayes examines the strengths and weaknesses of top-rated data loss prevention (DLP) products to help enterprises make the right purchasing decision.  Continue Reading

• Cyber Reconnaissance, Surveillance and Defense

  In this excerpt of Cyber Reconnaissance, Surveillance and Defense, author Robert Shimonski describes commonly used mobile technology and how phone tracking works.  Continue Reading

• Choose the best vulnerability assessment tools

  This Buyer's Essentials guide helps InfoSec pros assess vulnerability management products by explaining how they work and by highlighting key features corporate buyers should look for so they can evaluate vendor offerings.  Continue Reading

• The best SSL VPN products in the market

  SSL VPNs are essential for securing network connections and communications. Here's a look at the best SSL VPN products in the industry.  Continue Reading

• Comparing the best Web application firewalls in the industry

  Expert Brad Causey compares the best Web application firewalls on the market across three types of product types: cloud, integrated and appliance.  Continue Reading

• Introduction to Web fraud detection systems

  Expert Ed Tittel explores the purpose of Web fraud detection systems and services, which are designed to reduce the risks inherent in electronic payments and e-commerce.  Continue Reading

• Comparing the top database security tools

  Expert Ed Tittel examines the strengths and weaknesses of top-rated database security tools -- from database activity monitoring to transparent database encryption -- to help enterprises make the right purchasing decision.  Continue Reading

• Comparing the top wireless intrusion prevention systems

  Expert Karen Scarfone examines the top wireless intrusion prevention systems (WIPS) to help readers determine which may be best for them.  Continue Reading

• Is third-party access the next IAM frontier?

  Identity and access management of employees is so complex that many companies have faltered when it comes to securing programs for trusted partners.  Continue Reading

• Comparing the best UTM products in the industry

  Expert Ed Tittel examines the top unified threat management appliances to determine which one could be the best for your organization.  Continue Reading

• Six criteria for purchasing unified threat management appliances

  Expert Ed Tittel explores key criteria for evaluating unified threat management (UTM) appliances to determine the best choice for your organization.  Continue Reading

• How UTM products can benefit your enterprise network environment

  Expert Ed Tittel explains why unified threat management is the right holistic IT security approach for SMBs and how it can fit into the enterprise, as well.  Continue Reading

• Tips for creating a data classification policy

  Before deploying and implementing a data loss prevention product, enterprises should have an effective data classification policy in place. Expert Bill Hayes explains how that can be done.  Continue Reading

• How to keep track of sensitive data with a data flow map

  Expert Bill Hayes describes how to create a data flow map to visualize where sensitive data is processed, how it transits the network and where it's stored.  Continue Reading

• Introduction to database security tools for the enterprise

  Expert Adrian Lane explains why database security tools play a significant, if not the majority, role in protecting data in the enterprise data center.  Continue Reading

• Six criteria for procuring security analytics software

  Security analytics software can be beneficial to enterprises. Expert Dan Sullivan explains how to select the right product to fit your organization's needs.  Continue Reading

• Introduction to unified threat management appliances

  Expert Ed Tittel describes unified threat management (UTM) appliances and features, and explains its advantages to organizations of all sizes.  Continue Reading

• Comparing the top SSL VPN products

  Expert Karen Scarfone examines the top SSL VPN products available today to help enterprises determine which option is the best fit for them.  Continue Reading

• The three enterprise benefits of SSL VPN products

  Expert Karen Scarfone outlines the ways SSL VPN products can secure network connections and communications for organizations.  Continue Reading

• Symantec Endpoint Encryption: Full disk encryption product overview

  Expert Karen Scarfone examines the features of Symantec Endpoint Encryption, a full disk encryption product for Windows laptops, desktops and servers.  Continue Reading

• Sophos SafeGuard: Full disk encryption product overview

  Expert Karen Scarfone examines the features of Sophos SafeGuard, a full disk encryption product for laptops, desktops and servers.  Continue Reading