Intrusion Detection is the act of detecting actions that attempt to compromise the confidentiality, integrity or availability of a resource. Intrusion Detection can be performed manually or automatically. Manual intrusion detection might take place by examining log files or other evidence for signs of intrusions, including network traffic. A system that performs automated intrusion detection is called an Intrusion Detection System (IDS). An IDS can be either host-based, if it monitors system calls or logs, or network-based if it monitors the flow of network packets.
Cybercriminals today are launching attacks against businesses by copying sophisticated malware and techniques used to target governments and high-profile organizations. Don’t get caught in the crossfire. Read our special report "Who's spying on you?"
The Digital Security and Surveillance eZine is about channel partners extending their expertise in Internet Protocol to a whole new arena. For these partners, security goes well beyond software, firewalls, VPNs and other security offerings commonly discussed in the industry. These partners are combining networks, storage, cameras and similar technologies into full solutions designed to help protect the customer.
SANS Institute looks at how network attacks can be avoided by utilizing a SIEM platform that combines historical data with real-time data from network sources and security policies for better, more accurate reporting.
Advanced evasions will break the security protection model that most organizations are using today. Given this changing threat landscape we need to rethink traditional security models. Here’s advice on how to evade AETs.
The SANS 20 Critical Security Controls are known for driving effective security programs across government agencies, establishing guidelines for security professionals to ensure the confidentiality, integrity and availability of information technology assets. This paper describes how automating these controls using QualysGuard can protect your organization with continuous security while drastically lowering costs.
Automated Vulnerability Management (VM) solutions help you discover devices running in your network, determine whether they are vulnerable to attack, find fixes to the underlying problems, and protect yourself while those fixes are being implemented. This checklist of best practices will save you time and help you understand what to look for when selecting a VM, whether you have a dozen systems or a million.
Automated Web Application Scanning (WAS) solutions help you discover web apps running in your network, determine whether they are vulnerable to attack, understand how to fix them, and protect your business. This checklist of best practices will save you time and help you understand what to look for when selecting a WAS solution, whether you have a handful of apps or thousands.
A zero-day threat is a vulnerability that becomes known to the vendor on the same day it becomes known to the public, meaning IT assets targeted by a zero-day threat won't have a patch available when it's needed. However, zero-day attacks operate in a realm of the probable - they work only because there are exploitable vulnerabilities within IT systems. Many of these can, and should be prevented.
This guide describes why organizations are vulnerable to zero-day attacks, and what you can do to add a zero-day offense to your existing vulnerability management processes to protect your organization's assets and data.
There is a security risk in your organization that can render all of your security controls worthless with a single click. It is dynamic and changes in real-time. It is the weakest link in your infrastructure, and no singular security appliance or software exists that can lock it down. What's more, you have not one but hundreds-perhaps thousands-of these risks, each sitting behind a desk in your organization. While users represent the single largest security risk to organizations, there are measures you can put in place to mitigate the risk they can introduce to your organization. This eBook explores the different kinds of user-based risks in today's corporate environment, including mobile devices and cloud services, and gives actionable guidance on how to mitigate these risks.
After a string of high-profile attacks against financial services companies and online retailers, Internet data centers are increasingly the targets of hackers and cybercriminals who view them as vulnerable to new and different kinds of attacks. Read how your can protect your company's valuable data.
This buyers guide is designed to help you choose the right solution for your organization. It looks at the factors you should consider when evaluating solutions to ensure you have the protection and functionality you need, both now and as your business evolves.
Read the Forrester Report: The Total Economic Impact of RSA Archer IT GRC and you'll be eligible to receive a free consultation from an RSA GRC expert who will calculate the projected ROI for your organization.
See how RSA Archer Risk Management enables you to proactively address risks to your organization with a central GRC management system for identifying risks, evaluating their impact, relating them to mitigating controls, and tracking their resolution.