Sponsor: Hewlett Packard – CA

How do you protect your mobile applications? Check out this whitepaper on three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.

Mobile apps may be a threat, but they don't have to be. Download this whitepaper to review the various considerations for defending mobile applications-from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.

Mobile applications represent a growing threat to the enterprise. But how big of a threat? HP Security Research leveraged HP Fortify on Demand Mobile to scan more than 2,000 mobile applications from more than 600 companies to find out. Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.

With the escalating number and increasing sophistication of cyber attacks, perimeter defenses are no longer enough. Enterprises must ensure application vulnerabilities don’t open doors for hackers. Mainstay surveyed 12 organizations that implemented application vulnerability testing with HP Fortify.

Their findings: HP Fortify customers reduced application vulnerabilities from hundreds to tens, the average time to fix them from weeks to hours, and time-to-market delays due to vulnerabilities from 120 days per year to none. And companies who used HP Fortify on Demand-a cloud-based solution-saw results and achieved time to value faster. Read the report to learn how.

With cyber crime on the rise, many organizations rely on intrusion prevention systems (IPS) to detect and stop attacks. But to counter increasingly sophisticated threats, IPS is evolving into next-generation IPS (NGIPS). What drives the need for these new systems? And how are they different from earlier IPS?

This study details a survey of 439 IT security and network professionals conducted by the SANS Institute. It explores use of IPS within respondents' organizations and their plans for future NGIPS. Read the results to understand how contemporaries are using IPS and how NGIPS is evolving to counter today's cyber threat.

Next-generation (NG) firewalls, with features such as deep packet inspection, intrusion detection, application identification, and granular control, are important weapons in the battle against hacking and malware. Mobile applications have taken the overall scheme of corporate IT, and NG firewalls enable organizations to incorporate full-stack inspection to support intrusion prevention. This white paper explores the reasons for implementing NG firewalls and lays out a path to success for overburdened IT organizations.

Turkey's Finansbank needed a way to spot potential fraud among millions of electronic transactions. But implementing a commercial fraud management application would take 18 months-far too long. Based on their experience using HP ArcSight Enterprise Security Manager (ESM) for IT security operations, they decided to adapt HP ArcSight ESM for fraud management.

Within six months Finansbank was able to use HP ArcSight ESM to authorize transactions in near real time. Using its flexible rules engine and advanced correlation, they reduced false positives by 90% and the time to resolve flagged transactions by 80%. Read the report to learn how.

This technical white paper demonstrates how to use Big Data security analytics techniques to detect advanced persistent threat (APT) cyber attacks, and it shows how HP ArcSight-a Security Information and Event Management (SIEM) solution from HP-applies these techniques to spot and stop attacks.

APTs use a "low and slow" attack profile that is difficult to distinguish from legitimate activity. But by correlating massive amounts of data from multiple sources you can detect and stop them. The paper presents three techniques that you can apply to any IT environment: 1. Detect account abuse by insiders and APTs.; 2. Identify data exfiltration by APTs.; 3. Identify and alert to new program execution.

For each technique, the paper presents an approach to detecting the situation and details the steps to implement the approach. Then it goes further to show how HP ArcSight does it. Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.

As the incidence and cost of cyber crime have escalated, organizations have responded by establishing security operations centers (SOCs) to detect and counter cyber attack and to assure compliance with industry guidelines. But how capable are SOCs, and where is the greatest opportunity for improvement?

HP Security Intelligence and Operations Consulting has performed maturity assessments evaluating people, processes and technology in 69 SOCs. This report presents their findings on the measured maturity level of SOCs by industry. Read it to understand: Areas needing the most improvement; Lessons learned; and Recommendations on target maturity levels for enterprises and managed security service providers.

This white paper explains why integrating your log management solution with IT operations is beneficial to both your network operations center (NOC) and security operations center (SOC). It can help you seamlessly integrate log management into your IT operations strategy, create collaboration between your SOC and NOC that empowers your organization to effectively manage your IT infrastructure while simultaneously ensuring its security.

When it comes to enterprise security, Big Data is part of the problem-and it is part of the solution. Collecting vast amounts of data from disparate sources-including the cloud-exposes the enterprise to new threats and creates vast new stores of data you must protect. But you can apply Big Data techniques for finding insight in mountains of data to find security threats as well.

Next-generation (NG) firewalls, with features such as deep packet inspection, intrusion detection, application identification, and granular control, are important weapons in the battle against hacking and malware. Mobile applications have taken the overall scheme of corporate IT, and NG firewalls enable organizations to incorporate full-stack inspection to support intrusion prevention. This white paper explores the reasons for implementing NG firewalls and lays out a path to success for overburdened IT organizations.

Hackers are quick to exploit newly discovered vulnerabilities in the software enterprises deploy and use. Traditional security defenses rely on known attack signatures, so they often fail to detect attacks that exploit new vulnerabilities. HP TippingPoint Next-Generation Intrusion Prevention System (NGIPS) and Next-Generation Firewall (NGFW) combine technology that focuses on the root problems common to multiple threats with the latest vulnerability intelligence provided by HP Security Research and supported by more than 3,000 external security researchers. This enables them to block new threats that escape detection by traditional threat pattern recognition with minimal impact on network performance.

Some of the most serious threats networks face today are "bots," remotely controlled robotic programs that strike in many different ways and deliver destructive payloads, self-propagating to infect more and more systems and eventually forming a "botnet." Download this whitepaper and learn how bots work and how, by adopting the right strategy, you can use a defense-in-depth strategy to effectively prevent direct attacks against your critical systems.

In today's global, always-on world, network security is crucial. Enterprises need to ensure that employees accessing their networks are secure at all times. A comprehensive network security solution needs to include a number of factors, including network reliability, resources for managing the network, network features and functions, and full integration. This Slashdot Pulse offers insight into IT professionals who currently manage network security, giving readers a glimpse into real-word security plans and tactics.