IT Security is a field of computer science concerned with the control of risks related to computer use. The means traditionally taken to realize this objective is to attempt to create a secure computing platform, designed so that agents (users or programs) can only perform actions that have been allowed. This involves specifying and implementing a security policy. The actions in question can be reduced to operations of access, modification and deletion.
Users today expect to connect from anywhere and giving them high-performance guest access is absolutely essential.Weak security on your guest network can expose your business to external threats and create serious liability issues.
Security is a growing concern in our increasingly connected Internet of Things. Everything that is connected is potentially subject to malicious and criminal attack. Learn how to incorporate security analysis and development techniques to build secure smarter systems.
Read this Forrester whitepaper to learn more about the critical, yet often overlooked, role that data classification and data discovery can play in reducing your organization's risk and enhancing security.
This paper presented by Ponemon Institute provides its research findings into The Identity Imperative for the Open Enterprise: What IT Users and Business Users Think about Bring Your Own Identity (BYOID).
NVIDIA is a US-headquartered global technology company best known as a manufacturer of graphics and is now able to effectively manage threats to its SAP systems, perform pre and post audit scans of its whole application environment, and conduct basic scans on a regular basis with continuous monitoring and detection of vulnerabilities.
Westinghouse Electric Company, Multi-national Nuclear Power Company, was able to put in place a holistic SAP security management process, and to raise their SAP environment security level by automatically and periodically monitoring the platform for new threats.
When dealing with ransomware threats like CryptoWall, which encrypt your data and demand payment to unlock it, spotting infections quickly is critical in order to limit the damage. AlienVault USM uses several built-in security controls working in unison to detect ransomware like CryptoWall, usually as soon as it attempts to connect to the command and control server. Watch this demo on-demand to see how AlienVault USM detects these threats quickly, saving you valuable clean-up time and limiting the damage from the attack.
Attackers are becoming increasingly skilled at planting malicious code on websites frequented by their desired targets, commonly called "watering hole" attacks. These can be very difficult to detect since they happen as users are going about their normal business. Join us for a live demo showing an example of such an attack, and how to detect it immediately using AlienVault USM.
• Common browser vulnerabilities used to execute these attacks
• What attackers do next to take control of the system
• How to catch it before the attacker moves further into your network
Have you ever wondered how the bad guys actually get control of a system? And, how they convert that system into a data-syphoning droid? Join AlienVault security engineer, Tom D'Aquino as he walks you through the steps of a system compromise and how detect these nefarious activities at every stage.
• How attackers exploit vulnerabilities to take control of systems
• What they do next to find & exfiltrate valuable data
• How to catch them before the damage is done with AlienVault USM
Using a real-world example of a common vulnerability, Tom will show you how AlienVault USM gives you the evidence you need to stop an attack in its tracks.
In this webinar, we'll cover the six key steps every IT practitioner should take to go from installation to insight as quickly as possible with a SIEM solution. You'll learn how to leverage SIEM event correlation to aggregate, correlate and analyze all of the security-relevant log data in your environment so you can:
• Detect threats (known and emerging)
• Identify vulnerabilities
• Accelerate incident response
• Identify policy violations
• Simplify compliance management
Join AlienVault to learn tricks for achieving unified security visibility in the shortest amount of time.
The state of threat intelligence in the information security community is still very immature. Many organizations are still combating threats in a reactive manner, only learning what they're dealing with, well...when they're dealing with it. There is a wealth of information in the community, and many organizations have been gathering data about attackers and trends for years. How can we share that information, and what kinds of intelligence are most valuable? In this presentation, we'll start with a brief overview of AlienVault's Open Threat Exchange™ (OTX), and then we'll discuss attack trends and techniques seen in enterprise networks today, with supporting data from AlienVault OTX. We'll also take a look at some new models for collaboration and improving the state of threat intelligence going forward.
If you're like most IT practitioners, you are busy. You have a million things to do and preparing the reports needed to prove PCI DSS compliance requires time you just don't have. It doesn't have to be so hard. Join compliance experts from Terra Verde Services and AlienVault for this practical session on how to take the pain out of PCI DSS reporting.
• The key reporting requirements of the PCI DSS standard
• The security technologies you need to collect the required data
• How AlienVault USM can generate these reports in minutes, not days
• How to use your audit reports to improve security on an on-going basis
As cyber attacks grow more sophisticated, many organizations are investing more into incident detection and response capabilities. Event monitoring and correlation technologies and security operations are often tied to incident handling responsibilities, but the number of attack variations is staggering, and many organizations are struggling to develop incident detection and response processes that work for different situations.
In this webcast, we'll outline the most common types of events and indicators of compromise (IOCs) that naturally feed intelligent correlation rules, and walk through a number of different incident types based on these. We'll also outline the differences in response strategies that make the most sense depending on what types of incidents may be occurring. By building a smarter incident response playbook, you'll be better equipped to detect and respond more effectively in a number of scenarios.
While vulnerability assessments are an essential part of understanding your risk profile, it's simply not realistic to expect to eliminate all vulnerabilities from your environment. So, when your scan produces a long list of vulnerabilities, how do you prioritize which ones to remediate first? By data criticality? CVSS score? Asset value? Patch availability? Without understanding the context of the vulnerable systems on your network, you may waste time checking things off the list without really improving security.
Join AlienVault for this session to learn:
• The pros & cons of different types of vulnerability scans - passive, active, authenticated, unauthenticated
• Vulnerability scores and how to interpret them
• Best practices for prioritizing vulnerability remediation
• How threat intelligence can help you pinpoint the vulnerabilities that matter most
AlienVault is on a mission to change how organizations detect & mitigate threats - affordably & simply. Our USM solution delivers complete security visibility in a fraction of the time of traditional SIEM. So, you can go from installation to insight in days, not months. Download the 2014 Gartner MQ for SIEM.
AlienVault's USM is tailor-made for the needs of the security-savvy SMB. It offers affordability, and a comprehensive and ever-increasing feature set powered by the respectable "AV Labs and Open Threat Exchange.” In this analyst report, Javvad Malik of 451 Research, reviews AlienVault's SMB-focused approach to SIEM and discusses the competitive landscape.
The Public Services Network (PSN) is a programme intended to improve communication services across the UK government by reducing the cost and complexity of digital communication across the public sector. The PSN will create one logical network, based on industry standards, thus improving performance and security. The PSN is a replacement to the GSi (Government Secured Intranet), and all Public Sector agencies must migrate to the PSN by 31 October 2014. AlienVault’s Unified Security Management (USM) platform can provide you with the single solution you need to address many of the network- and security-related questions required to complete your PSN IA documentation.
"Just over a decade ago, the outcry over Microsoft’s security problems reached such a deafening level that it finally got the attention of Bill Gates, who wrote the famous Trustworthy Computing memo. Today, many would say that Microsoft leads the industry in security and vulnerability handling.
Now, it’s Java that’s causing the uproar. But has Oracle learned anything from Microsoft in handling these seemingly ceaseless problems? In this webinar, Randy Franklin Smith from Ultimate Windows Security will start by reviewing the wide-ranging Java security changes Oracle is promising to make. They sound so much like the improvements Microsoft made back with Trustworthy Computing that I’m amazed it hasn’t been done before! We’ll move on to discuss what you can do now to address Java security in your environment.
One of the banes of security with Java is the presence of multiple versions of Java, often on the same computer. Sometimes you really need multiple versions of Java to support appli
Web presence is now a required option for customers accessing a business’s products and services. But more than just an option, web pages have become the face of most companies to the public. Learn
how can you take control of the Internet effect on your company’s web presence through Internet monitoring, analysis and planning.