Vulnerability Management Research
-
Securing SCADA: Overview, Risks, and Mitigation
Sponsored by: Hewlett-Packard LimitedThis resource explores how SCADA systems have inherent vulnerabilities that can be best resolved by adhering to security best practices, and how network security solutions can be used to mitigate the risk to SCADA systems
-
Top 5 Most Prevalent Web Application Vulnerabilities
Sponsored by: Veracode, Inc.Join Chris Eng, VP of Security Research and one of the 30 contributing authors of the SANS Top 25, as he discusses the Top 5 most prevalent application vulnerabilities, impact of attacks on your application and your customers, methods to identify, track and remediate these vulnerabilities and more.
-
Top 10 Mobile Application Risks
Sponsored by: Veracode, Inc.In this presentation, Veracode’s Vice President of Security Research, Chris Eng, will outline the Top 10 Mobile Application Risks, designed to educate developers and security professionals about the mobile application behavior – both maliciously- designed or inadvertent – putting users at risk.
-
Understanding the risks of mobile apps
Sponsored by: Veracode, Inc.Many of the risks of moble devices are similar to those of traditional spyware, Trojan software, and insecurely designed apps. However, mobile devices are not just small computers. They are designed around personal and communication functionality which makes the top mobile applications risks different from the top traditional computing risks.
-
Five Steps to Managed Third-Party Application Security Risk
Sponsored by: Veracode, Inc.This whitepaper outlines a five step process that enterprises can apply to their third-party application portfolio to gain visibility into their security state and make informed purchase, integration, deployment and maintenance decisions.
-
Mobile Application Security delivered in the cloud
Sponsored by: Hewlett-Packard LimitedApplication security vulnerabilities have become the target of choice for cybercriminals, so it's vital to ensure that weaknesses are discovered and remediated right away. This webcast explores a cloud-based application testing solution that enables organizations to test the security of software quickly, accurately and cost efficiently.
-
What a Vulnerability Assessment Scanner Can't Tell You
Sponsored by: RedSeal NetworksThis white paper explores a vulnerability management solution which enables organizations to protect their most valuable assets with network architecture and access policy analysis.
-
Security Self Assessment
Sponsored by: IBMHow mature are your security processes? Try out this brief assessment tool that explores six categories including threat and vulnerability management, data and information protection, security training and assure awareness and more. Then, view and compare your scores with other organizations and uncover best practices for improvement.
-
Elements of SaaS security
Sponsored by: HP Enterprise SecurityIn this podcast, Diana Kelley examines the feature-set options available from SaaS security service providers today, including Web access management, malware and vulnerability scanning, log management and SIM, storage/backup and payment system security.
-
IBM X-Force 2011 Trend and Risk Report
Sponsored by: IBMKeep up-to-date with the latest trends and risks organizations face today. This comprehensive report offers an in-depth look into common threats, operational security practices, software development practices, and other emerging trends in security to help you build and improve your security strategies.
-
Integrating Security into Development, No Pain Required
Sponsored by: IBMThere are substantial security benefits to developers and security personnel working together, yet they are often viewed as being like oil and water. In this paper, discover how to integrate software development and security effectively and pain-free by using the right tools and techniques.
-
Software Security Analysis: Control Flow Security Analysis with McCabe IQ
Sponsored by: McCabe Software, Inc.Read this white paper to learn how comprehensive security analysis equips you with the proper insight into the structure of your software code to identify and resolve possible security holes
-
5 Steps to Proactive Risk Management: Transitioning Your Security Posture from Reactive to Predictive
Sponsored by: Q1 LabsLearn how to leverage and extend the value of security intelligence to automate risk management functions in mission critical areas including network and security configuration, compliance management and vulnerability assessment. View now to uncover 5 steps to proactive risk management to change your security posture from reactive to predictive.
-
Video: Incorporate SIM tools to stay compliant
Sponsored by: HP Enterprise SecurityThis resource outlines potential benefits of SIM and log analysis such as improvements in access control, data leak prevention and much more.
-
Podcast: Why do so many CCOs miss the boat on SIM?
Sponsored by: HP Enterprise SecurityThis podcast discusses how to successfully integrate SIM tools and log analysis for comprehensive compliance, and discusses the potential improvements in access control, data leak prevention and much more.
-
A Tale of Three Bogeys: Zero-Day Vulnerabilities, Unpatched Client Applications, and Browser Exploits
Sponsored by: McAfee, Inc.The web and email are not IT’s friends. They create risk and increase the workload because they distribute and prolong the payoff of known and unknown threats. Layering new and traditional techniques, including anti-malware, anti-spam, intrusion prevention, and application whitelisting, throughout the enterprise will minimize those risks.
-
Bloor: Taking back control in today's complex threat landscape using application and change control to thwart attackers
Sponsored by: McAfee, Inc.The security threats that we face are getting ever more harmful. They are targeted, use a complex range of techniques, are sophisticated in their ability to defeat reactive security defenses and can cost their victims dearly. In this resource explore how to take back control in today's complex threat lanscape using application change and control.
-
The Good, the Bad, and the Unknown
Sponsored by: McAfee, Inc.McAfee Application Control provides a new, timely, practical layer of systems security by blocking unauthorized applications. While it has some of the advantages of whitelisting, it avoids the operational and security limitations that have held back enterprise adoption of whitelisting technology.
-
Five tips to reduce risk from modern web threats
Sponsored by: Sophos, Inc.To meet the challenges to your security, you need to put in place user education and awareness, preventive measures and a modern web security solution. This guide covers five essential preventive measures you should implement to reduce your risk and keep ahead of the threats.
-
Countdown: Top five ways to prevent a security lapse from becoming a security breach
Sponsored by: Q1 LabsIn this podcast, learn five information security mistakes organizations often make that lead to data breaches, and how to bring resources to bear quickly to mitigate mistakes and avoid a breach.
-
Virtual Patching with Network Security
Sponsored by: McAfee, Inc.The McAfee virtual patching solution provides a layered approach to security risk management, while adding the ability to apply a virtual patching strategy to your existing change-management process.
-
2011 Cyber Risk Report
Sponsored by: HP Enterprise SecurityThis report offers an in-depth analysis into key vulnerabilities that exist in Web applications today and the attacks that are exploiting those weaknesses. In additon, explore effective mitigation and risk management strategies that will also help address key business objectives including customer privacy concerns, compliance, and more.
-
Ten Ways to Dodge CyberBullets: Reloaded
Sponsored by: ESETIn this paper, ESET research teams revisit their top ten list on what people can do to protect themselves against malicious activity, and offers key advice based on today’s changing environments, while still applying the basic principles.
-
E Is for Endpoint: Six Security Strategies for Highly Effective IT Professionals
Sponsored by: LumensionSecurity professionals know that effective endpoint protection calls for a layered, defense-in-depth approach. But endpoint security now requires a new way of thinking that goes beyond just battling threats to actually enable operational improvement. Read this whitepaper to learn the six steps you need to think different about endpoint security.
-
Why Free Patch Management Tools Could Cost You More
Sponsored by: LumensionThis white paper explores why so-called "free" patch management solutions could really end up costing your organization more in the long run.
