attack process

Results 1 - 25 of 47Sort Results By: Published Date | Title | Company Name
Published By: CheckMarx     Published Date: Sep 12, 2019
Financial services organizations operate under a host of regulatory standards. This makes sense, as the assets and information managed by these firms are valuable, sensitive, and targeted by sophisticated cyber attackers daily. Compounding these challenges is the large volume of personally identifiable information (PII) that financial organizations handle regularly. PII is subject to many compliance regulations, notably the General Data Protection Regulation (GDPR), which regulates not only the processing of personal data, including PII, relating to individuals in the EU, for also any organization that processes personal data of EU residents. For US banking consumers, Section 5 (Unfair or Deceptive Acts or Practices) of the Federal Trade Commission Act and numerous state regulations enforce basic consumer protections, which financial organizations must also uphold.
Tags : 
    
CheckMarx
Published By: Akamai Technologies     Published Date: Dec 11, 2018
Existing security controls are outmatched — at best static and reactive. Current layers likely aren’t protecting you against all attack vectors, like the vulnerable back door that is recursive DNS. And security mechanisms that frustrate, impede, or disallow legitimate users, devices, or applications will have low adoption rates and/or will curtail productivity. Benign users may even circumvent these processes, further undermining your corporate security posture and creating more gaps in your defense-in- depth strategy. One of the many use cases associated with a zero trust security strategy is protecting your network — and most importantly, your data — from malware.
Tags : 
    
Akamai Technologies
Published By: Akamai Technologies     Published Date: Jun 14, 2018
"Existing security controls are outmatched — at best static and reactive. Current layers likely aren’t protecting you against all attack vectors, like the vulnerable back door that is recursive DNS. And security mechanisms that frustrate, impede, or disallow legitimate users, devices, or applications will have low adoption rates and/or will curtail productivity. Benign users may even circumvent these processes, further undermining your corporate security posture and creating more gaps in your defense-in- depth strategy. One of the many use cases associated with a zero trust security strategy is protecting your network — and most importantly, your data — from malware. "
Tags : 
dns, rdns, security, zero trust security, malware, data, network security
    
Akamai Technologies
Published By: Secureworks     Published Date: Nov 11, 2016
To ensure that “quasi-insiders” or third parties do not contribute to your enterprise’s attack vector, it’s imperative to develop a third-party governance process to mitigate risk. Read on to find out how.
Tags : 
managed security services, risk management, security, threat and vulnerability management, attacks, insider attacks, cyber security
    
Secureworks
Published By: Logrhythm     Published Date: Sep 05, 2017
The purpose of this white paper is to show you how you can successfully build a SOC, even with limited resources. The paper first explains the basics of the Cyber Attack Lifecycle and the need to address it through the Threat Lifecycle Management framework. Next, the paper explains the basics of SOCs, providing details of what SOCs mean in terms of people, processes, and technology. Finally, the paper walks you through a methodology for building a SOC with limited resources, focusing on tactics to make your rollout smooth and successful. After reading this paper, you should be ready to start planning your own SOC.
Tags : 
reconnaissance, initial compromise, command control, lateral movement, target attainment, corruption
    
Logrhythm
Published By: Google     Published Date: Apr 26, 2018
No one in today’s highly connected world is exempt from security threats like phishing, ransomware, or denial-of-service (DoS) attacks. Certainly not Google. Google operates seven services with more than one billion active users each (including Google Search, YouTube, Maps, and Gmail). We see every type of attack, bad software, and bad actors—multiple times a day—and we’re proud of what our people, processes, and technology do to stop them. Google has published more than 160 academic research papers on computer security, privacy, and abuse prevention and has privately warned other software companies of weaknesses discovered in their systems. Within Google, we enforce a zero-trust security model, which monitors every device on the internal network.
Tags : 
    
Google
Published By: Oracle PaaS/IaaS/Hardware     Published Date: Jul 25, 2017
"Since a decade the market has seen an outburst of data. With Managing and Securing Data is Crucial. With 3.8 Billion mobile users and 24 Zetta bytes of data created, and 100% attacks that target username and password credentials, managing and securing data has become a crucial and the most critical aspect for almost every Business. Oracle’s SPARC M7 processor, with Oracle’s Software in Silicon technology, is the industry’s most advanced multi thread, multi-core processor with unique capabilities for information security. It sets the foundation for mission-critical cloud based server infrastructure with unprecedented levels of security, efficiency, and performance.
Tags : 
    
Oracle PaaS/IaaS/Hardware
Published By: CrowdStrike     Published Date: Feb 01, 2017
This year’s Cyber Intrusion Services Casebook focuses on in-depth digital forensics, incident response (IR) and remediation services performed on behalf of actual CrowdStrike clients. Real-life examples drawn from notable CrowdStrike Services IR engagements in 2016 — including the now-infamous hack of the Democratic National Committee (DNC) —are covered with an emphasis on best practices organizations can follow to identify and eject attackers before a devastating breach occurs. Download this report to learn: • How CrowdStrike’s Falcon OverWatch and professional services teams discovered and attributed the DNC intrusion to nation-state threat actors FANCY BEAR and COZY BEAR • The gaps in security processes and planning that your organization can address now to stop the next breach • The specific tactics, techniques and procedures (TTPs) a range of nation-state and eCrime adversaries used to penetrate their victims’ defenses, and how they attempted to cover their tracks
Tags : 
    
CrowdStrike
Published By: Juniper Networks     Published Date: Jul 31, 2019
As the number and severity of cyberattacks continue to grow with no end in sight, cybersecurity teams are implementing new tools and processes to combat these emerging threats. However, the oneoverriding requirement for meeting this challenge is improved speed. Whether it’s speed of detection, speed of remediation or other processes that now need to be completed faster, the ability to do things quickly is key to effective cybersecurity. The reason why speed is essential is simple: As the dwell time for malware increases, the lateral spread of an attack broadens, the number of potentially breached files expands, and the difficulty in remediating the threat increases. And the stealthy nature of many of the newer threats makes finding them faster?before they become harder to detect?a critical focus in reducing the impact of an intrusion. These requirements make it essential that security operations centers (SOCs) can complete their activities far more quickly, both now and moving forwa
Tags : 
application management, application performance, network infrastructure, network management, network security
    
Juniper Networks
Published By: Exabeam     Published Date: Sep 25, 2017
Most enterprises and government organizations that experience data breaches have traditional security point solutions, log management, and security information and event management (SIEM) solutions in place. However, SIEM is not a comprehensive solution on its own. There has been a great deal of focus on the attack-chain – or kill-chain – of steps in the process leading to these breaches.
Tags : 
    
Exabeam
Published By: Splunk     Published Date: Aug 21, 2018
Due to recent cyberattacks, security operations centers (SOCs) have had to focus on a holistic and cohesive security strategy by consolidating the right people, processes and technology to mitigate and remediate attacks. This white paper, “The Five Essential Capabilities of an Analytics-Driven SOC”, dives into the necessity of SOCs to be analytics driven and how it helps IT and business leaders assess their own risk levels. Download this white paper to to learn about: *How advanced analytics and machine learning are now critical hallmarks of the modern security platform *How proactively hunting and investigating threats can shore up defenses *Why adaptive security architectures, like Splunk’s, are needed to prevent, detect and respond to attacks in today’s security landscape
Tags : 
    
Splunk
Published By: McAfee     Published Date: Jan 20, 2015
Network availability and survivability in the face of an attack requires specific tools and processes. Are you using RBAC, hierarchical policy management and individual domain control? Find out which eight features you must deploy now.
Tags : 
network security, network management, firewall management, enterprise firewall, ngfw, next generation firewall, firewall automation
    
McAfee
Published By: Carbon Black     Published Date: Apr 11, 2018
Adversaries, and cybercriminal organizations in particular, are building tools and using techniques that are becoming so difficult to detect that organizations are having a hard time knowing that intrusions are taking place. Passive techniques of watching for signs of intrusion are less and less effective. Environments are complicated, and no technology can find 100 percent of malicious activity, so humans have to “go on the hunt.” Threat hunting is the proactive technique that’s focused on the pursuit of attacks and the evidence that attackers leave behind when they’re conducting reconnaissance, attacking with malware, or exfiltrating sensitive data. Instead of just hoping that technology flags and alerts you to the suspected activity, you apply human analytical capacity and understanding about environment context to more quickly determine when unauthorized activity occurs. This process allows attacks to be discovered earlier with the goal of stopping them before intruders are able t
Tags : 
    
Carbon Black
Published By: Carbon Black     Published Date: Aug 14, 2018
Threat hunting is the proactive technique that’s focused on the pursuit of attacks and the evidence that attackers leave behind when they’re conducting reconnaissance, attacking with malware, or exfiltrating sensitive data. Instead of just hoping that technology flags and alerts you to the suspected activity, you apply human analytical capacity and understanding about environment context to more quickly determine when unauthorized activity occurs. This process allows attacks to be discovered earlier with the goal of stopping them before intruders are able to carry out their attack objectives.
Tags : 
    
Carbon Black
Published By: CrowdStrike     Published Date: Aug 01, 2017
Download this white paper to learn:?The detailed anatomy of a fileless intrusion, including the initial compromise, gaining command and control, escalating privileges and establishing persistence?How fileless attacks exploit trusted systems —the types of processes compromised, the specific exploit tactics used to gain a foothold, and more?Why traditional technologies fail to protect against fileless attacks and what you can do to better defend your organization against them
Tags : 
    
CrowdStrike
Published By: Group M_IBM Q418     Published Date: Nov 01, 2018
Organizations globally realize that working only to prevent and detect cyberattacks will not protect them against cyber security threats. That is why IBM Resilient® was developed: to arm security teams with a platform for managing, coordinating, and streamlining incident response (IR) processes. IBM Security has had the privilege of working with organizations of all sizes and across all industries as they implement Resilient solutions to develop more sophisticated and robust incident response functions. These organizations build IR processes that are consistent, repeatable, and measurable, rather than ad hoc. They make communication, coordination, and collaboration an organization-wide priority. They leverage technology that empowers the response team to do their job faster and more accurately
Tags : 
    
Group M_IBM Q418
Published By: Mimecast     Published Date: Aug 30, 2016
Download Resetting Your Email Security Strategy to learn: - How employees are your first and last line of defense in attacks and why proper education is key. - How you can fix your processes against modern threats like whaling - The critical role of today’s cyber security technologies - Why your security strategy is doomed to failure without strong leadership"
Tags : 
mimecast, email, email security, cyber security, whaling, email security strategy
    
Mimecast
Published By: Mimecast     Published Date: Apr 18, 2017
"It’s no secret that organizations find themselves the target of increasingly sinister and highly sophisticated phishing, spear-phishing, whaling and ransomware attacks. While risks are clearly mounting, many organizations still aren’t keeping up with the challenge. Download Resetting Your Email Security Strategy to learn: - How employees are your first and last line of defense in attacks and why proper education is key. - How you can fix your processes against modern threats like whaling - The critical role of today’s cyber security technologies - Why your security strategy is doomed to failure without strong leadership"
Tags : 
email security, ransomware, phishing, whaling, security strategy
    
Mimecast
Published By: Tenable     Published Date: Jan 25, 2019
"Web application attacks are the top source of data breaches today. The 2018 Cybersecurity Insiders Application Security Report reveals that 62% of cybersecurity professionals are at best moderately confident in their organization’s application security posture. Not surprisingly, about the same number consider their application security strategies immature.Applications play a critical role in supporting key business processes, but organizations are struggling to keep them safe. This eBook examines the 5 best practices for application security. Read this ebook now to understand: -Which types of apps present the highest security risk -Best practices for reducing security risks associates with web applications -Steps you can take now to secure web applications "
Tags : 
    
Tenable
Published By: McAfee     Published Date: Nov 20, 2014
How do we get more visibility into attacks across our environments, improve our response, and reduce response time? SANS Analyst, James Tarala, provides insight on the solution by automating functions that should be automated and connecting the dots between detection systems and response. Connecting these dots and applying intelligence provides responders rich context into the observed behaviors for taking action. Integrating these processes improves accuracy, while reducing time, manpower, and costs involved in detecting and managing events. This white paper explores how to achieve this.
Tags : 
sans, incident response, detection systems, data correlation and aggregration, siem, security analytics tools
    
McAfee
Published By: Juniper Networks     Published Date: Jul 29, 2019
Get the Secrets to Designing a Resilient, Secure Campus Network. Download our 2019 buyer's guide to learn more. It’s challenging to design, deploy, and manage a campus network. Adding to this, aging equipment can slow your network down and hinder your ability to advance IT innovations that help keep your business competitive. What's more, the proliferation of devices and IoT sensors can expose your network to cyberattacks and other security threats. Our 2019 Buyer’s Guide can help you modernize your campus network, reducing OpEx while delivering a richer, more reliable user experience. Learn about the key trends and challenges that shape your campus network design and the essential considerations that should influence your selection process.
Tags : 
multiprotocol label switching (mpls), switching, ethernet network services, data center design, data center management
    
Juniper Networks
Published By: McAfee EMEA     Published Date: Nov 15, 2017
Machine learning offers the depth, creative problem-solving capabilities, and automation to help security organizations gain significant ground against attackers. It’s a powerful tool for processing massive amounts of data for the purpose of malware classification and analysis, especially for unknown threats. Through supervised learning, human researchers can continually develop new training models that expand the understanding and competency of machine learning systems.
Tags : 
analytics, security, problem solving, creative, data, researching, malware
    
McAfee EMEA
Published By: netForensics     Published Date: Jan 04, 2008
As incidents of identity theft and fraud skyrocket, companies are scrambling to keep up with complex attacks and effectively safeguard consumer information. If you store, process, or transmit cardholder data, comprehensive visibility, actionable intelligence and the ability to respond rapidly to threats has become paramount.
Tags : 
pci, pci dss, pci compliance, customer data, data protection, credit card, cardholder, identity theft
    
netForensics
Published By: McAfee     Published Date: Aug 14, 2014
Network availability and survivability in the face of an attack requires specific tools and processes. Are you using RBAC, hierarchical policy management and individual domain control? Find out which eight features you must deploy now.
Tags : 
network security, network management, firewall management, enterprise firewall, ngfw, next generation firewall, firewall automation
    
McAfee
Published By: Dell SecureWorks     Published Date: Sep 09, 2013
Every year some new shiny object seems to be working security marketers into a frenzy. The Advanced Persistent Threat hype continues to run amok 3 years in, and doesn’t seem to be abating at all. Of course there is still lot of confusion about what the APT is, and a Securosis post from early 2010 explains our view pretty well.
Tags : 
dell, dell secureworks, ciso’s, advanced attackers, apt, attack process
    
Dell SecureWorks
Previous   1 2    Next    
Search      

Add Research

Get your company's research in the hands of targeted business professionals.


Featured FREE Resource: