This Lab Validation report from ESG provides you with best practices to create an environment that offers you simple unified data protection across physical and virtual landscapes, maximum protection and data availability, and reduced storage needs and operational costs. Request Free! |
This Blog has Moved!
Achieving Best Practices for Virtual Machine Backup and Recovery
Everything You Need To Know About A DDoS Attack
Big companies and brands have been victims of attacks with the attacks themselves growing in size and complexity. While large corporations are often the topic of these stories, DDoS attacks can happen to companies of any size. Just a few things you’ll learn and understand:
Request Free! |
Evaluating The Cost Of A DDoS Attack
Take a look at all that a DDoS attack can cost you (hint: it’s not JUST downtime) and maybe you’ll reconsider your plan of crossing your fingers that no one attacks you. While no one would want to undergo a DDoS attack and risk downtime, many companies don’t have the proper procedures and equipment in place to successfully prevent or mitigate an attack. For something that may never happen, many look at DDoS protection as a sunk cost. The question is, are you willing to risk the cost of a DDoS attack in order to save some money now? Find out just how much you’re putting at stake if you skimp on security. Request Free! |
Top 5 Ways to Improve Protection from Advanced Threats
In a recent IDG Research Survey, enterprise executives cited both the sophisticated threat environment and consolidation of security functions as top drivers for Next Generation FireWall (NGFW) deployments. Among other things, this webinar will discuss the top 5 ways network security professionals can improve their security posture in light of advanced threats. And see the 5 times faster next generation performance of Fortinet's FortiGate next generation firewalls. Request Free! |
5 DNS Security Risks That Keep You Up At Night
In this whitepaper, we discuss 5 common and treacherous security threats that can completely debilitate your DNS, and subsequently, your online business. From DNS Amplification Attacks to Registrar Hijacking, we explain exactly what goes on during these attacks, what threat do they pose to you, and how you can prevent becoming a target yourself. Don’t let your DNS fend for itself; give it the protection it needs to hide from the Internet monsters. Request Free! |
Space Weather Outlook July 27, 2014 at 10:44PM
Data Centers in the Crosshairs: Today's Most Dangerous Threats
Comprising the most valuable assets in your organization – your web, DNS, database, and email servers - data centers have become the number one target of cyber criminals, hacktivists and state-sponsored attackers. This paper analyzes the top five most dangerous threats to your data center. It also describes the impact of these threats and it reveals the latest methods, tools and techniques used by attackers to exploit data center resources. Request Free! |
Space Weather Outlook July 20, 2014 at 09:43PM
SECURITY LEADERSHIP SERIES: Security Strategies for Success
For IT leaders, these security strategies for success are essential reading. Request Free! |
Critical Concepts of the 200-120 CCNA Routing and Switching Exam
In the spring of 2013, Cisco announced major updates to their Cisco Certified Network Associate (CCNA) curricula, including a new version of the CCNA Routing and Switching exam (200-120 CCNA). This paper provides a review of the CCNA Routing and Switching exam's critical concepts, as an aid to students preparing to pass the latest version of the CCNA Routing and Switching exam. Request Free! |
The CIO Playguide for Secure BYOD
Mobile devices and the ability to work everywhere present a huge opportunity but also pose a challenge for IT in securing corporate data. This ebook provides essential insights for planning and deploying BYOD processes and tools to mitigate security risks and assure proper compliance. Ensure a successful BYOD program today, download the free ebook. Request Free! |
Single Sign-On Saves South Shore Staff 583 Hours a Day
Learn more about how single sign-on saved staff 583 hours a day and helped increase productivity at South Shore Hospital. With single sign-on they were able to reduce roaming sign-on time, increase security and improve their staff's overall workflow. Download this case study to learn how single sign-on saves time and increases user productivity in a regulated industry. Request Free! |
The Value of Perfect Forward Secrecy
A solution is to employ Perfect Forward Secrecy, in which unrecoverable temporary session keys are generated, used and discarded. When implemented correctly with Elliptic Curve Cryptography (ECC), Perfect Forward Secrecy is more secure than RSA algorithms and performs better. Request Free! |
Space Weather Outlook July 13, 2014 at 11:08PM
Protect Your IT Systems with Next Generation Security
A data breach, probings, hackers… protect your critical IT information. What these real-life examples have in common is that perpetrators can attack companies through their IT systems. Read how trusted computing from IBM PureFlex System can help secure your systems against emerging threats. Request Free! |
The Essentials of Information Security Kit: Includes a Free PC Security Handbook - 2nd Edition eBook
The Essentials of Information Security brings together the latest in information, coverage of important developments, and expert commentary to help with your Information Security related decisions. The following kit contents will help you get the most out of your Information Security research:
Request Free! |
Extending Traditional Security to VDI
Organizations have adopted Virtual Desktop Infrastructure (VDI) due to benefits such as increasing overall utilization, reducing management costs, and enhancing security. VDI also supports consumerization and Bring-Your-Own-Device (BYOD) strategies, as endpoint users can access applications and data on their desktops using any mobile device, resulting in better productivity. However, extending traditional security to virtualized environments opens up networks to a plethora of security challenges and threats that can lead to business disruption or, worse, data leakage. Request Free! |
Space Weather Outlook July 06, 2014 at 09:45PM
The 2014 Next Generation Firewall Challenge
The Target security breach and discovery of the “Heartbleed” vulnerability in web encryption software taught us some important lessons about enterprise security. Analyst Robin Layland applies those lessons to establish key requirements for Next-Generation Firewalls (NGFW). Then HP's TJ Alldridge explains how HP TippingPoint NGFW meets those requirements and offers a compelling NGFW that is simple, effective, and reliable. Read the report to learn:
Request Free! |
No-IP Microsoft Takedown: When Good Intentions Go Bad
In case you hadn't heard, Microsoft convinced a federal court to seize 22 of No-IP.com's domains, taking down most of No-IP's free subdomains and impacting millions of users. Microsoft's justification was that No-IP.com subdomains are used by malware creators.
According to No-IP, Microsoft's intention was only to "filter out" the bad sub-domains, and continue to serve traffic for the valid ones. However, Microsoft's infrastructure was unable to handle the load, and stopped serving No-IP content completely. Even if Microsoft's infrastructure would have been able to handle the load, the privacy implications for this kind of court order are astounding, and disturbing.
To put this in context, this would be no different from another company convincing a Federal court to seize Outlook.com or Live.com "because spammers and scammers use it to contact victims". Then, monitor every single email address, and make sure it's not being used by a scammer.
Disturbed yet? You should be. Common uses for No-IP include VPN/remote desktop to home systems, monitoring home security systems and IP-cameras, and private game servers. And the only way Microsoft would know for sure if a domain was used by a malware creator would be to inspect the traffic for each and every subdomain. It's no wonder Microsoft's infrastructure wasn't able to handle the load.
Another use which I have personally used No-IP for in the past on multiple occasions is for seeding honeypot URLs. You can see some of the results of my honeypot over at the CaffSec Malware Analysis Lab, including a LOT of previously unknown malware. So, in Microsoft's attempts to make the Internet a safer place, they have seriously hindered my (and most likely others') honeypots ability to collect new malware samples.
Additionally - sometimes it's not always the right step to shutdown a malware command and control center. Sometimes, the better approach is to simply monitor the known command and control center, in order to trace back its origins. Otherwise, when that C&C server is shutdown, investigators lose future sources of intelligence. It is sometimes much more effective to monitor malware creators than play a never-ending game of whack-a-mole with their servers.
So, with that said, who's going to step up to the plate and sieze Microsoft's free email system? I'm sure they won't mind, since they had no problems seizing domains from No-IP.
Extending Traditional Security to VDI
Organizations have adopted Virtual Desktop Infrastructure (VDI) due to benefits such as increasing overall utilization, reducing management costs, and enhancing security. VDI also supports consumerization and Bring-Your-Own-Device (BYOD) strategies, as endpoint users can access applications and data on their desktops using any mobile device, resulting in better productivity. However, extending traditional security to virtualized environments opens up networks to a plethora of security challenges and threats that can lead to business disruption or, worse, data leakage. Request Free! |
5 DNS Security Risks That Keep You Up At Night
In this whitepaper, we discuss 5 common and treacherous security threats that can completely debilitate your DNS, and subsequently, your online business. From DNS Amplification Attacks to Registrar Hijacking, we explain exactly what goes on during these attacks, what threat do they pose to you, and how you can prevent becoming a target yourself. Don’t let your DNS fend for itself; give it the protection it needs to hide from the Internet monsters. Request Free! |