La ligne Maginot de la cybersécurité — La suite : Résultats de nouveaux tests en conditions réelles

Les cyberpirates contournent les défenses informatiques traditionnelles presque à leur guise, compromettant des systèmes partout dans le monde et dans pratiquement tous les secteurs d'activité. Cette étude fait suite à notre rapport La ligne Maginot de la cybersécurité : Un audit grandeur nature du modèle de défense en profondeur, publié en mai 2014, et analyse les nouvelles données récoltées dans les mois qui ont suivi. De fait, les dispositifs de défense actuels sont autant de lignes Maginot : des dispositifs impressionnants qui se révèlent au bout du compte inefficaces.
Get Whitepaper

M-Trends: Les Nouvelles du Front

Plongez-vous dans l'univers bien réel des cybermenaces. « M-Trends 2015 : Les nouvelles du front » vous livre une analyse issue de centaines d'interventions sur incidents réalisées par Mandiant auprès d'entreprises de plus de 30 secteurs d'activité. Analyses, décryptages, statistiques et études de cas : ce rapport revient sur l'évolution des outils et tactiques mis en œuvre par les auteurs de menaces APT au cours de l'année écoulée. Il présente en outre les diverses mesures et solutions que les entreprises peuvent adopter pour détecter, contrer et neutraliser plus efficacement les attaques avancées.
Get Whitepaper

The Business Case for Protecting Against Advanced Attacks

You understand the intricacies of today’s threat landscape, and the difficulties your organization faces when attempting to prevent, investigate and remediate targeted attacks, but how do you explain that difficulty, and subsequent cost, to senior leadership? Often the best tactic is to speak to them in a language that they understand: money.

This paper provides step-by-step instruction on how to craft an effective business case for a proactive, advanced threat solution and describes how to:
  • Properly communicate the challenges you face
  • Assess the business impact
  • Shift the discussion from technically-focused to dollars and cents.
Get Whitepaper

The SIEM Who Cried Wolf: Focusing Your Cybersecurity Efforts on the Alerts that Matter

Users cannot keep up. They cannot tell which alerts are important. Urgent warnings get lost in the noise. When valid warnings do appear, security teams don’t know what to do with them.

For truly effective protection, security leaders must focus on the ability to detect true threats, quality of alerts rather than the quantity. This paper explores the factors behind the deluge of alerts, why they hurt rather than help protect your assets, and how you can better manage them.

Download the report to read more.
Get Whitepaper

CLOSING THE SKILLS GAP: How FireEye as a Service Can Enhance Your Tools, Team, and Security Service Providers

FireEye as a Service helps companies defend against growing threats in an age where top security talent is in short supply. It enhances your existing security infrastructure by engaging FireEye security experts to monitor your network and endpoints around the clock, using FireEye technologies and specialized techniques to hunt for signs of compromise that have gone unnoticed. These experts provide detailed reports of what they find and recommend how you should respond.

Read this Whitepaper to learn more.
Get Whitepaper

Forrester: Define A Road Map To Accelerate Your Security Program

Security leaders are now expected to be experts in the latest technologies, security controls, global regulations, privacy issues, contracting terms, and communications. Few, if any, security programs can live up to these expectations; your road map should explain plans to delegate functions, influence partners, and collaborate with stakeholders.

This report explains the forces that should drive transformation in your program and how to incorporate them into a road map that will make internal stakeholders appreciate how the security programs makes their objectives more attainable.
Get Whitepaper

A New World Of Colocation

Colocation services need to evolve to realign with changing IT strategies and market needs. This independent research by Bell Microsystems commissioned by Infinity SDC examines:

• The challenges facing organisations using colocation services

• The roadmap to flexible data centre contracts

• The benefits of colocation evolution and the impact on costs and power efficiency

Get Whitepaper

Protection from the Inside: Application Security Methodologies Compared

Applications are a primary target for cyber attacks. Historically, Web Application Firewalls (WAFs) have been a popular choice for protecting production applications from attack. But they have their limitations, and advice on how to bypass a WAF is readily available. Learn how context from within the application allows Runtime Application Self-protection (RASP) to provide additional protection using visibility into application configuration, logic and data flows. In this paper, the SANS Institute captures the relative capabilities and efficiencies of RASP and WAF technologies using a representative product in each category. Learn how your defense-in-depth strategy could benefit from the additional visibility of runtime protection.
Get Whitepaper

Hybrid Storage for Backup and Data Protection

Backup and data protection continue to be critical considerations for any enterprise. As an established leader in backup storage, Quantum offers QXS hybrid storage systems as a cost-effective option for block storage that can be used for backup.

Users have many choices for backup and disaster recovery storage, including deduplication appliances, standard block or NAS storage for backup, the cloud for off-site DR protection, and, of course, most users continue to use tape for long termretention, compliance, and archiving.

Get Whitepaper

ESG Brief: The ESG Cybersecurity Maturity Model

How does your cyber security program compare to other companies? Where do your security people, processes, and technology place you among peer organizations? And more important, what should be your next steps to improve your program?

Based on their research, Enterprise Strategy Group has developed a cyber security maturity model that classifies organizations as basic, progressing, or advanced. Read this report to learn:

• The security philosophy exhibited by basic, progressing, and advanced organizations
• How organizations at each level of maturity apply people and technology
• The characteristics of security processes found at each maturity level
• The recommended advancement steps for organizations at each level

Get Whitepaper

State of security operations: 2015 report of capabilities and maturity of cyber defense organizations

Your ability to detect and stop cyber attacks depends on the effectiveness of your security operations team. How does yours stack up to the best? And what should you do to improve?

HPE Security Intelligence and Operations Consulting has assessed the capabilities of 87 security operations centers worldwide. This updated 2015 report bring you the latest information. Read it to learn:

• The latest trends in security defenses and operations
• The attributes of the most effective organizations
• The point at which enhanced process maturity actually degrades effectiveness
• How companies featured in case studies have improved—or degraded—their capabilities

Get Whitepaper

Internet of Things Security Study: Home Security Systems Report

Home security and remote monitoring systems are one of the immediate applications for the Internet of Things (IoT). They can alert you to fires and intrusions, provide a reassuring view inside your home, and let you control your home systems remotely. But could they—and other IoT applications—open your home to hackers?

A new study by Hewlett Packard Enterprise Security, "Internet of Things Security Study: Home Security Systems Report," uses HPE Fortify on Demand to explore the cyber security features of 10 leading systems. You need to understand the results if you are considering a home security system—or any of the IoT applications coming down the pike. Read the report to learn the glaring security problems found in almost all systems tested.

Get Whitepaper

Unlikely Partnerships

Agile development organizations often see application security considerations as impediments to the rapid release cycles they strive for. But releasing software with vulnerabilities opens the door to hackers and puts the entire business at risk. How do you develop an application security program that protects the business without impacting time to market?

This white paper explores the tension between development and security teams and proposes an approach to building security into the software development lifecycle. Read it to learn:

• The five elements needed to build security into the development process
• How to use automated security scanning to make application security more reliable and efficient
• How HP Fortify can help you get started quickly

Get Whitepaper

TP ATA Network World QuickPulse

A new survey from IDG Research Services tells the story: most organizations lack confidence in the ability of their security defenses to keep them safe. In fact, more than half said 100% security is a pipe dream. This summary by Network World lays out the facts but also presents an approach to detect malware and prevent it from spreading throughout the network.

Read the summary to learn:

• How respondents view their security measures
• Why a layered approach to security is now necessary
• How HP TippingPoint Advanced Threat Appliance "detonates" suspicious files or malware in a safe sandbox environment to stop it before it can spread

Get Whitepaper