SlashdotMedia AdOps Asset Management

Dispelling the Myths Around DDoS

In 2014 Ovum looked at the evolution of the distributed denial-of-service (DDoS) attack landscape, highlighting that massive volumetric attacks were on the rise, while lower-bandwidth, more sophisticated attacks were targeting the application layer. It also described how DDoS had evolved from a standalone threat to become increasingly part of blended attacks against intellectual property or financial assets, with the DDoS providing a smokescreen to cover the theft.

This white paper updates the process, looking at attack data for the last year, as well as discussing and seeking to dispel some of the myths around how DDoS mitigation is developing. Finally, it makes recommendations regarding the kind of infrastructure that companies facing the entire spectrum of DDoS attacks should adopt.

Evolving to Hunt: Changing Organization Models and Metrics for Effective Incident Response

This paper examines the four stages of evolution as security organizations move from reactively responding to incidents to proactively identifying and hunting for threats. It provides a snapshot of each stage, including the size and structure of the security team, approaches to incident response (IR), team skill sets and necessary metrics. It also identifies how to evolve your security posture to one capable of proactively hunting and neutralizing advanced cyber threats—before you end up in the headlines.

The Hunted Becomes the Hunter

The ground has shifted under most enterprise IT security staff. Breaches are now capturing prime-time air across mainstream media outlets. As the world becomes more connected, it is no longer enough for enterprises to react once an alert indicates an attacker is inside the network. Instead, with continuous packet capture and threat feeds followed by analysis, it is now possible to hunt the attackers and locate them versus waiting for an alert. Breaches may be viewed as a security problem, but it’s they’re a bigger issue. This is a business problem; similar to lost customers, inventory, or market share, but it just happens to be through technology.

Experienced security leaders and executives have already recognized this challenge and are working towards assembling the perfect blend of people, process, and technology. What is it that they are forming? Internal teams directed to stop waiting for alerts to indicate there’s a problem and to go hunt for the attacker.

Replicación Veeam: La protección un paso más allá

No cabe duda que cada día hay una mayor relación entre la actividad objeto del negocio, la que proporciona los beneficios, y la tecnología utilizada en cada organización. Y del acierto en la elección de estos dependerá totalmente el éxito o fracaso de cada organización. Ciñéndonos al apartado estrictamente tecnológico existe una relación directa, como ocurre con el comercio online, donde la más mínima variación sobre el comportamiento previsto impacta directamente a la cuenta de resultados, y existen relaciones indirectas, como ocurre con servicios financieros, donde la indisponibilidad de un servicio de consulta online, afecta a la imagen de la compañía, lo que repercutirá negativamente en los resultados futuros, especialmente si esta situación se repite.

Top Ten Challenges of Cloud Implementation

The cloud is about transforming businesses, gaining extreme competitive advantage, interacting directly with customers in real time, and dozens of other game-changing possibilities.

Cloud 101 Primer: An introduction to the Cloud

The Peak 10 Cloud 101 Primer provides an important baseline understanding of the cloud and the various concepts and components that comprise it.

Building security controls into cloud services

Ensuring security in cloud networks presents its own set of challenges …challenges that everyone who builds, uses or manages cloud services must be prepared to meet.

Benefiting from Breaches: What We Can Learn

Given that data security and protection takes effort, this eBook shares steps that you should take as well as lessons to be learned from recent data breaches.

Putting Disaster Recovery on the SQL Server Platter: a Perfect Combination

Download our eBook today to find out how to get the most from your database solutions by protecting your critical IT assets from unexpected events and disasters.

How To Choose A Certificate Authority for Safer Web Security

Without trust, no website or online service can succeed in the competitive online marketplace. This year has seen a spate of breaches that have targeted the systems of Certificate Authorities (CAs), the companies that prove websites and services are secure and safe to use. Some of these attacks have undermined the trusting relationship between users and even well-known online brands. The changing security landscape has demonstrated not all CAs are the same, and choosing the right CA is critical to running and maintaining a safe and trusted online business.

This white paper looks at the role of CAs in web security, including what measures a CA can take to promote trust in its certificates and the criteria to consider when choosing the best CA for the job.

Software License Optimization for the Datacenter

Optimized license management is a necessity for all software licenses owned by the enterprise, from desktop to datacenter and beyond. While many organizations understand their license position for the desktop estate, the reality is that licensing in the datacenter still presents a daunting set of challenges that require a robust, automated Software License Optimization solution. Compounding this, it is difficult to take the same set of processes, technologies, and remediation techniques used to manage desktop licenses and apply them to datacenter license management. Organizations need a solution to address the unique license management requirements of enterprise IT environments including the desktop, datacenter and private and/or hybrid clouds.

Zero Trust on the Endpoint

The Forrester Zero Trust Model (Zero Trust) of information security advocates a “never trust, always verify” philosophy in protecting information resources. Though the model has traditionally been applied to network communications, it is clear that today’s cyber threats warrant a new approach in which the Zero Trust model is extended to endpoints. Palo Alto Networks® Traps™ Advanced Endpoint Protection is an innovative endpoint protection technology that prevents exploits and malicious executables, both known and unknown. It has the proven capacity to act as the enforcer for Zero Trust and to serve as a vital component of an enterprise’s security architecture and compliance suite on the endpoint.

Operation Lotus Blossom

Operation Lotus Blossom describes a persistent cyber espionage campaign against government and military organizations in Southeast Asia, stretching back over three years. Nations we have identified as targeted in this campaign include Hong Kong, Taiwan, Vietnam, the Philippines and Indonesia. The Lotus Blossom group deploys a backdoor Trojan, named Elise, after the sports car made by Group Lotus PLC of the United Kingdom.

Threat Landscape Review

It is essential that information security practitioners, from management and governance to enablement and execution, stay up to date on the trends, distribution patterns and risks presented by the ever-evolving threat landscape.

Threat Intelligence Cloud

No organization today is immune to cybercrime. Cyber criminals are ramping up activity across the globe and utilizing new methods to evade traditional security measures. An effective network security solution must not only prevent known threats from entering and damaging the network, but also leverage global threat intelligence to protect the network from unknown threats. Traditional detection-focused solutions typically focus on a single threat vector across a specific section of the network, leaving multiple areas vulnerable to attack. In addition, these legacy solutions are made up of a “patchwork” of point products that make it very difficult to coordinate and share intelligence among the various devices. By employing the Palo Alto Networks® Threat Intelligence Cloud, businesses can reduce their attack surface, block all known threats, and leverage the global threat community to detect unknown threats and convert them into known, stoppable threats.