Top 5 SSL Attack Vectors

It’s often claimed that SSL/TLS vulnerabilities represent the web’s weakest security link. This TechTarget paper examines the highest profile attack vectors, the exposures they cause, and the resulting fallout associated with each. Download now and discover why:
  • SSL/TLS certificates need to be at least 2048-bit RSA or 256-bit ECC
  • The only secure, standard hash algorithm is SHA-2
  • Root certificates must be heavily defended by the CA
  • The security of systems storing and using private SSL/TLS keys must also be tightly guarded
Get Whitepaper

Forrester paper: The Total Economic Impact™ Of IBM DB2 With BLU Acceleration

Learn about the cost savings and business benefits of DB2 with BLU Acceleration. In a commissioned study, Forrester Consulting evaluated the total economic impact of BLU Acceleration in-memory technology at a financial services client. As data volumes and the number of queries increased for this client, BLU Acceleration eliminated the need to manage indexes and improved query response time. This helped to manage IT staff workload and enabled the organization to respond quickly to regulatory requests.

View IBM's privacy policy here

Get Whitepaper

EB Cyber Security Playbook

When it comes to dealing with data breaches, there is no one-size-fits-all guide. Every incident and organization is different. Even so, preparing for the inevitable breach is worth the time, effort, and expense given the millions of dollars a breach could cost an organization in terms of lost data, business, and reputation. This playbook is a starting point to help an organization’s board of directors create an action plan. Download to learn about:
  • Five guiding principles for what a response plan should address
  • Dealing with disclosure–what to tell customers and the media
  • Bolstering your defenses after a breach
Get the playbook now. And be prepared.
Get Whitepaper

WP Biz Case for FaaS

You understand the intricacies of today’s threat landscape, and the difficulties your organization faces when attempting to prevent, investigate and remediate targeted attacks, but how do you explain that difficulty, and subsequent cost, to senior leadership? Often the best tactic is to speak to them in a language that they understand: money. This paper provides step-by-step instruction on how to craft an effective business case for a proactive, advanced threat solution and describes how to:
  • Properly communicate the challenges you face
  • Assess the business impact
  • Shift the discussion from technically-focused to dollars and cents.
Download your copy now.
Get Whitepaper

RPT APT 30

Having some of the world’s most active economies, Asia Pacific countries are more likely to be a target of targeted attacks than the rest of the world. In “Operation Quantum Entanglement”, “Pacific Ring of Fire: PlugX / Kaba” and other FireEye reports, we have highlighted how Northeast Asian countries have been at the centre of advanced attacks. Today, we release a new report “APT 30 and the Mechanics of a Long-Running Cyber Espionage Operation,” which documents about a threat group, APT 30, who has consistently targeted Southeast Asia and India over the past decade.
Get Whitepaper

WP 12 Proven IR Strategies

Advanced targeted cyber attacks are increasing every year; being prepared with an incident response plan can minimize their duration and impact. In this white paper, read about 12 recommended actions that will help you prepare for, respond to and remediate security threats quickly and effectively.

Download now to learn more.
Get Whitepaper

WP How Secure Do You Want to Be

Protecting against advanced cyber-attacks requires, among other things, that you meet the same level of sophistication as your attackers. Unfortunately, most current security technologies fail to meet that bar, resulting in organizations being breached when they thought they were protected.

A resulting breach can be devastating, leading most organizations to re-evaluate their security program. Critically evaluating your security program in its entirety and looking for the areas it can be improved is a daunting task.
Get Whitepaper

WP Are You Ready to Respond

In spite of the best efforts of the cyber security industry to protect computer networks, breaches still happen, causing millions of dollars in damage, tainting the reputation of corporations, and causing end users to lose confidence in the security of their personal information. Given that new reality, it’s not enough for organizations to try to protect their networks from a breach, but to have an effective response plan in place for when a breach occurs anyway.

Today, companies need to conduct a comprehensive response readiness assessment that lays out what steps to take in the event of a breach in order to minimize the damage and recover from the intrusion as quickly as possible.
Get Whitepaper

WP Enemies in Our Midst

It’s not a question of if your organization will be breached. It’s a question of when.

Most attackers remain active in environments for a significant amount of time before being discovered. And only a small percentage of organizations discover the presence of advanced attackers themselves—most need to be informed by law enforcement or a proactive third-party security firm. By then, an attacker could do a great deal of damage.

A compromise assessment answers the all-important question: Have you been breached?
Get Whitepaper

RPT M-Trends 2016

M-Trends 2016 provides trends, statistics and case studies to illustrate how advanced threat actors have evolved over the past year.
The annual report was compiled by consultants at Mandiant, a FireEye company, and is based on hundreds of Mandiant incident response investigations in more than 30 industry sectors. It offers recommendations on how organizations can improve the way they prevent, detect, analyze and respond to cyber attacks.
Get Whitepaper

Mobility vs. Security: Balancing Accessibility and Efficiency against Threats Internal and External

In today’s application economy, IT and business units are focused on increasing employee effectiveness and driving customer loyalty with a broad range of new ‘mobile-first’ applications. Having ‘an app for that’ offers many benefits – consumer-like experiences, increased use of enterprise applications, support for mobile workforce and a global customer base, to name just a few. But with each new mobile app – and mobile user – comes another attack surface and possible source of data loss or regulatory infraction. What now?

Attend this Slashdot webinar to hear our expert panel discuss the challenges facing IT, developers and DevOps teams today, and what enterprises of all sizes should be doing to ensure their applications and users aren’t at risk. Attendees will hear:

  • How MDM is evolving, and what that means to users and IT
  • Methods of controlling devices that access your network and apps – simply
  • Why provisioning matters, and how to accelerate onboarding and retiring of users and devices
  • How to give users secure corporate access while retaining their existing mobile experience
  • Why content is king – and how to collaborate securely no matter how large the group
  • How to give access behind the firewall – without messy configuration settings or VPNs.

Don’t wait – register now for this timely webinar and bring your questions for the experts to address during the Q&A following the presentation.

View Now

WP 12 Proven IR Strategies

Advanced targeted cyber attacks are increasing every year; being prepared with an incident response plan can minimize their duration and impact. In this white paper, read about 12 recommended actions that will help you prepare for, respond to and remediate security threats quickly and effectively.

Download now to learn more.
Get Whitepaper

WP Synful Knock

SYNful Knock is a stealthy modification of the router's firmware image that can be used to maintain persistence within a victim's network. It is customizable and modular in nature and thus can be updated once implanted. Even the presence of the backdoor can be difficult to detect as it uses non-standard packets as a form of pseudo-authentication.

The initial infection vector does not appear to leverage a zero-day vulnerability. It is believed that the credentials are either default or discovered by the attacker in order to install the backdoor. However, the router's position in the network makes it an ideal target for re-entry or further infection. Read this Whitepaper to learn more.
Get Whitepaper

WP How Secure Do You Want to Be

Protecting against advanced cyber-attacks requires, among other things, that you meet the same level of sophistication as your attackers. Unfortunately, most current security technologies fail to meet that bar, resulting in organizations being breached when they thought they were protected.

A resulting breach can be devastating, leading most organizations to re-evaluate their security program. Critically evaluating your security program in its entirety and looking for the areas it can be improved is a daunting task.
Get Whitepaper

WP Enemies in Our Midst

It’s not a question of if your organization will be breached. It’s a question of when.

Most attackers remain active in environments for a significant amount of time before being discovered. And only a small percentage of organizations discover the presence of advanced attackers themselves—most need to be informed by law enforcement or a proactive third-party security firm. By then, an attacker could do a great deal of damage.

A compromise assessment answers the all-important question: Have you been breached?
Get Whitepaper