This Blog has Moved!

This blog is moving to


Thank you for visiting! Content will remain here for archival purposes.

Space Weather Outlook November 29, 2015 at 09:22PM

Official Space Weather Advisory issued by NOAA Space Weather Prediction Center Boulder, Colorado, USA SPACE WEATHER ADVISORY OUTLOOK #15-48 2015 November 29 at 7:12 p.m. MST (2015 November 30 0212 UTC) **** SPACE WEATHER OUTLOOK **** Summary For November 23-29 No space weather storms were observed. Outlook For November 30-December 6 Category G1-Minor geomagnetic storms are likely on 01 December due to effects from a recurrent positive polarity coronal hole high speed stream. Data used to provide space weather services are contributed by NOAA, USAF, NASA, NSF, USGS, the International Space Environment Services and other observatories, universities, and institutions. More information is available at SWPC's Web site http://swpc.noaa.gov Thank you for using the Product Subscription Service. If you would like to remove a product subscription or update the personal information in your account, go to the Product Subscription Site. Please do not use the from address for correspondence, as it is not monitored. For comments or help, please contact SWPC Help.

Drones for Dummies (FREE eBook Valued at $16.99) Plus a Chance to Win a Parrot Bebop Drone!

The following is external content provided as a free resource for blog readers.
Ready to soar into the world of unmanned aircraft? Drones For Dummies introduces you to the fascinating world of UAVs. Written in plain English and brimming with friendly instruction, Drones For Dummies provides you with the information you need to find and purchase the right drone for your needs, examples of ways to use a drone, and even drone etiquette and the laws and regulations governing consumer drone usage. Plus, you'll discover the basics of flight, including how to use a drone to capture photos and video.

Download today & be entered to win your very own drone!

Request Free!

Space Weather Outlook November 23, 2015 at 01:34AM

Official Space Weather Advisory issued by NOAA Space Weather Prediction Center Boulder, Colorado, USA SPACE WEATHER ADVISORY OUTLOOK #15-47 2015 November 22 at 11:15 p.m. MST (2015 November 23 0615 UTC) **** SPACE WEATHER OUTLOOK **** Summary For November 16-22 G1 (Minor) geomagnetic storming was observed on 18 November due to a combination of the arrival of the 15-16 November coronal mass ejections as well as coronal hole high speed stream activity. Outlook For November 23-29 There is a chance for R1-R2 (Minor to Moderate) radio blackouts from 23-25 November due to flare potential from active sunspot Region 2454. Data used to provide space weather services are contributed by NOAA, USAF, NASA, NSF, USGS, the International Space Environment Services and other observatories, universities, and institutions. More information is available at SWPC's Web site http://swpc.noaa.gov Thank you for using the Product Subscription Service. If you would like to remove a product subscription or update the personal information in your account, go to the Product Subscription Site. Please do not use the from address for correspondence, as it is not monitored. For comments or help, please contact SWPC Help.

Online Penetration Testing and Ethical Hacking - FREE Video Training Course

The following is external content provided as a free resource for blog readers.
No longer will money have dominion over our ability to learn. Anyone who wants to become a penetration tester, now has the opportunity to learn to do so with this free course.

The need for capable ethical hackers is a global need. Ethical hackers are “white-hat” hackers (aka the good guys) that penetrate secured systems to highlight flaws and weaknesses in a system. They help government agencies, private businesses and public organizations identify what is secure and what needs to be fixed. If the idea of hacking as a career excites you, you'll benefit greatly from completing Penetration Testing and Ethical Hacking video training course.

Learning objectives include:
  • Intrusion Detection
  • Policy Creation
  • Social Engineering
  • DDoS Attacks
  • Buffer Overflows
  • Virus Creation
Total Course Duration: 13 hrs, 26 mins

Request Free!

Practical Guide to IT Security Breach Prevention Part II

The following is external content provided as a free resource for blog readers.
A staggering 1/3 of businesses have experienced lost or stolen staff mobile devices and, of those, ¼ have lost data as a result.

With users connecting to unsecured public networks and social media platforms on both company-owned and personal devices, sensitive data can now be accessed--and lost--from more endpoints than ever before.

Kaspersky Lab has created a set of IT & Data Security Breach Prevention Practical Guides to simplify this seemingly daunting task. Download Part II to learn:
  • How to protect employees wherever they're working
  • How to close the door to mobile malware
  • How to balance freedom and control with employee internet


Request Free!

Short Guide to Protecting Against Web Application Threats

The following is external content provided as a free resource for blog readers.
Although there is no single security measure than can prevent all threats, there are some that provide broad—based mitigation to a number of threats. The use of SSL encryption and digital certificate‐based authentication is one of them.

In this paper learn how SSL encryption can protect server-to-server communications, client devices, cloud resources, and other endpoints in order to help prevent the risk of data loss. Also included is a step-by-step guide to assessing your needs, determining where SSL encryption and digital certificate-based authentication may be helpful, planning for the rollout of SSL to Web applications, and establishing policies and procedures to manage the full life cycle of SSL certificates.

Request Free!

Spoofing Server-Server Communication: How You Can Prevent It

The following is external content provided as a free resource for blog readers.
Learn how to prevent the new SSL Strip threat that could compromise your secure applications. In this must read white paper, “Spoofing Server-Server Communication: How You Can Prevent it,” written by security analyst Larry Seltzer, you will learn about the new advances in attacks that exploit weaknesses of generic SSL to compromise server-server communication and how you can help prevent it.

Request Free!

Perfect Forward Secrecy - The Next Step in Data Security

The following is external content provided as a free resource for blog readers.
That's why Symantec is continuing to innovate with Perfect Forward Secrecy—SSL certificates that feature ECC. Elliptic Curve Cryptography allows increased performance and protection with shorter key lengths to bring greater confidence to you and your customers.

Request Free!

The Shortcut Guide to Business Security Measures Using SSL

The following is external content provided as a free resource for blog readers.
Designed for IT professionals and business managers, this guide provides an overview of security threats, their impact on businesses, and, perhaps most importantly, practices and technologies for controlling security risks. The first chapter begins with a discussion of cybercrime and the business resources targeted by increasingly sophisticated and organized attackers. The second chapter moves to examine how common weaknesses in business processes, such as insufficient use of SSL, leave organizations vulnerable to data breaches and compromised systems. The final two chapters address how to create a high impact security strategy and implement best practices, including multiple uses of SSL technologies, to protect your business.

Request Free!

A New Prescription for Privacy: Understanding and Meeting Security Requirements for Electronic Health Records

The following is external content provided as a free resource for blog readers.
Technology continues to make information more readily available to a larger group of people than ever before. Yet even as the latest technological advances bring a greater wealth of opportunities for sharing and distributing knowledge, each advance also increases the risk that sensitive data will land in the wrong hands. The more sensitive the data, the greater the risk—and few industries handle a larger volume of sensitive data than the healthcare industry.

No matter how your organization decides to secure its EHR system, working with a trusted third party like Symantec will help ensure that patient records are always protected with the most advanced security solutions currently available. With Symantec, providers can be sure that their EHR systems—and the vital data they contain—are safe, so doctors and hospitals can focus on delivering the best possible care to their patients.

Request Free!

The Shortcut Guide to Protecting Against Web Application Threats Using SSL

The following is external content provided as a free resource for blog readers.
Designed for IT professionals and business managers, this guide provides an overview of security threats, their impact on businesses, and, perhaps most importantly, practices and technologies for controlling security risks.

The first chapter begins with a discussion of cybercrime and the business resources targeted by increasingly sophisticated and organized attackers. The second chapter moves to examine how common weaknesses in business processes, such as insufficient use of SSL, leave organizations vulnerable to data breaches and compromised systems. The final two chapters address how to create a high impact security strategy and implement best practices, including multiple uses of SSL technologies, to protect your business.

Request Free!

Website Security for Dummies

The following is external content provided as a free resource for blog readers.
Symantec demystifies the science behind SSL authentication, encryption and more in the world-famous ‘For Dummies’ style, it's The How-To Guide to keeping a company safe from online threats.

Learn to:
  • Make the business case for website security
  • Explain how SSL forms the foundation of great website security
  • Choose and implement the right SSL certificates for your website
  • Follow best practice for maintaining a healthy and trusted website


Request Free!

Frost & Sullivan Analyst Paper, 'Six Golden Rules for Selecting an SSL Certificate'

The following is external content provided as a free resource for blog readers.
The foundation of trusted Internet communications are Secure Socket Link (SSL) certificates, an encryption technology installed on Web servers that permits transmission of sensitive data through an encrypted connection. Using a Public-Key Infrastructure (PKI), SSL certificates authenticate the end-use Website and the endpoint server, making it difficult for those sites to be imitated or forged.

The acquisition of SSL certificates should always be a relatively easy experience; however, the purchasing decision should never be regarded lightly. When businesses consider SSL certificates; there six Golden Rules a purchaser should keep in mind.

At the end of the day, people want to make sure their Web sites are secured with as little friction as possible—Symantec gives businesses every opportunity to achieve that goal.

Request Free!

Hidden Dangers Lurking in E-Commerce - Reducing Fraud with the Right SSL Certificate

The following is external content provided as a free resource for blog readers.
On the Internet, it is easy to pretend to be someone you are not. Looking at the way we all interact online, it's important to understand the threat landscape and help the industry take the required action. The fact is that e-commerce can prove to be extremely compulsive – buy something now! With cost, time until delivery, and returns policy often highest up the agenda, security is typically an afterthought at most. It's no wonder that the cyber criminals have moved in en masse, lured by the easy pickings and riches to be had. And it's this movement that makes security and particularly the use of security online more important today than ever before.

Request Free!

Website Security Threat Report: 2015

The following is external content provided as a free resource for blog readers.
Packed with valuable insights and statistics, included is over ‘100 pages’ of all you need to know about the threats that impact your online business world.

Part 2 will walk you through the latest on the fast-evolving world of targeted attacks - from cyber espionage tactics to denial of service, spear-phishing and watering hole attacks. And in part 3, discover how the public made criminal's lives easier in falling for the latest social media attacks and online scams. Plus, take an invaluable look ahead and benefit from our security recommendations and best practices.

Request Free!

Reduce Your Open Source Security Risk: Strategies, Tactics, and Tools

The following is external content provided as a free resource for blog readers.

There’s no doubt that open source software (OSS) is here to stay, but that doesn’t mean that developers can feel free to use all and any open source software components with no thought to the vulnerabilities and security issues they may introduce into development projects. The fact is, there’s no such thing as bulletproof, bug-free, automatically license compliant, and easily auditable software. Not in the open source world and not in the commercial off the shelf (COTS) world. So, it’s incumbent on developers, project team leaders, IT managers, CIOs and CTOs to ensure that there are sound strategies and tactics making it easy to acquire, distribute, use, monitor, analyze, and keep track of open source software to reduce the risk of vulnerable and buggy software and applications to an absolute minimum.



Request Free!

Defend Against Injection-based Attacks

The following is external content provided as a free resource for blog readers.

Security weaknesses today occur most often in software that is accessible from a user’s desktop, tablet, or mobile device. Web-based applications, network-enabled or controlled devices, and widely-used mobile software are the applications most targeted. This is followed by infrastructure applications such as operating systems, web servers, and browser-based software including plug-ins and extensions. The cause of these weaknesses typically stems from the developer not anticipating how the software could be misused and made to perform actions it wasn’t designed to do. The root problem is often a lack of secure input handling to block any application input or content that has not first been scanned for and had any harmful aspects filtered out. 



Request Free!

Using Micro-Segmentation to Make Cybersecurity Work

The following is external content provided as a free resource for blog readers.
Cybersecurity is dead....that is, the way it was originally designed and is currently deployed. Whether measured by the billions of dollars wasted trying to implement it, or the almost-daily breach notifications from organizations around the world, the core premise of old security models is failing society every day.

A fresh approach to security will tip the balance of power back to the good guys. This paper outlines the power of Micro-segmentation to do just that.

Request Free!

Stop Counting Threats, Start Containing Them

The following is external content provided as a free resource for blog readers.
As threats continuously evolve and become more sophisticated and targeted, the traditional methods of using firewalls, intrusion detection and prevention systems means there will never be a guarantee of full protection. Stop spending more and more on security with no impact.

Request Free!

The Generation-D Dilemma: How Tech-Savvy Workers are Affecting Enterprise Security

The following is external content provided as a free resource for blog readers.
Find out what Frost and Sullivan, Fierce MobileIT and many other experts have to say about the new state of enterprise security. In this infographic, you'll find a variety of valuable content on maintaining IT governance while giving users the new tools they need to work the way that works best for them.​​

Request Free!

Space Weather Outlook November 16, 2015 at 01:40AM

Official Space Weather Advisory issued by NOAA Space Weather Prediction Center Boulder, Colorado, USA SPACE WEATHER ADVISORY OUTLOOK #15-46 2015 November 15 at 11:30 p.m. MST (2015 November 16 0630 UTC) **** SPACE WEATHER OUTLOOK **** Summary For November 9-15 An R1 (Minor) radio blackout was observed on 09 November due to flare activity from sunspot Region 2449. G1 (Minor) geomagnetic storms were observed on 09-11 November with G2 (Moderate) on 10 November due to coronal hole high speed stream activity. Outlook For November 16-22 There is a chance for an R1 (Minor) radio blackout on 22 November with the Return of old Region 2443 to the visible disk. Data used to provide space weather services are contributed by NOAA, USAF, NASA, NSF, USGS, the International Space Environment Services and other observatories, universities, and institutions. More information is available at SWPC's Web site http://swpc.noaa.gov Thank you for using the Product Subscription Service. If you would like to remove a product subscription or update the personal information in your account, go to the Product Subscription Site. Please do not use the from address for correspondence, as it is not monitored. For comments or help, please contact SWPC Help.

Build a Strong End User Security Strategy with These 3 Components

The following is external content provided as a free resource for blog readers.
Security breaches are expensive, costing U.S. businesses an average of $3.5 million per incident, which doesn't include brand damage or other intangibles. Unfortunately, breaches are highly likely to happen, with 87% of organizations experiencing a breach in the past 12 months.

Data, whether it's intellectual property or personal data, needs to be protected. Dell Data Protection solutions provide encryption, malware protection, and authentication for Dell and non-Dell products, to equip businesses with a complete, easy-to-manage, end-user security solution.

Dell recommends Windows 10

Protect sensitive information.
Windows devices deliver users the industry's best multi-layered data protection and recovery options.

Request Free!

Quantifying the Value of Software Asset Management

The following is external content provided as a free resource for blog readers.
Getting visibility and more control over the software applications installed on all of your organization's servers, computers and devices can be a struggle. In this white paper, you'll gain better insight into how a Software Asset Management solution can help you track and manage software applications through all phases of their lifecycle.
  • The impact SAM has on improved budgeting, purchasing and utilization across the enterprise
  • Key security considerations including fully integrated auditing and tracking tools
  • The key areas of your service organization that can achieve the most significant hard-dollar savings with the right SAM solution in place
This white paper will also guide you through calculating your potential Return on Investment (ROI) on software asset management in order to present senior management with a compelling business case for the solution.

Request Free!

Building Effective Controls to Detect and Prevent Fraud

The following is external content provided as a free resource for blog readers.
All organizations are at risk for loss of money and reputation due to fraud. Recently, auditors have challenged the effectiveness of many antifraud controls, and regulators have taken action against executives for failure to implement.

Hear from Joe Howell, Workiva Co-founder and Executive Vice President, and Kelly Richmond Pope, Founder of Helios Digital Learning, as they provide insights into the nature of fraud and the essential ingredients of systems that prevent and detect fraud effectively.

Request Free!

Introduction to Windows 10 Security (a $24.95 value) FREE for a limited time

The following is external content provided as a free resource for blog readers.

This book covers:

  • The current security landscape: Microsoft has taken a comprehensive top down approach to securing Windows 10 — you’ll learn why this is happening.
  • Securing Windows 10 for the consumer: This book is full of practical information about using the tools Microsoft provides to lock down your PC or mobile devices.
  • Securing the Enterprise: You’ll also learn what new tools Microsoft has provided for IT professionals to lock down employee hardware and software.


Request Free!

Encryption as an Enterprise Strategy

The following is external content provided as a free resource for blog readers.
IANS (Institute for Applied Network Security) conducted a survey of over 100 information security professionals to see how they are dealing with advanced attacks while moving into cloud and outsourced service models, where they may have little control over security.

Request Free!

Complying with PCI DSS Requirements with DataStax and Vormetric

The following is external content provided as a free resource for blog readers.
Securing data is a requirement for organizations that handle debit, credit and prepaid cards. These institutions must comply with security standards to avoid data breaches. DataStax with Vormetric offers a comprehensive data security solution to help organizations comply with PCI DSS requirements.

Request Free!

Selecting Encryption for 'Data at Rest' in Back-End Systems

The following is external content provided as a free resource for blog readers.
In this paper, the Aberdeen Group explores why full-disk encryption has become an attractive solution for the risks to data in use at the endpoints—and why file-level encryption is a better fit for the risks associated with data at rest in back-end systems.

Request Free!

Implementing SSL / TLS Using Cryptography and PKI (FREE eBook) Usually $39.99

The following is external content provided as a free resource for blog readers.
If you are a network professional who knows C programming, this practical book is for you. Focused on how to implement Secure Socket Layer (SSL) and Transport Layer Security (TLS), this book guides you through all necessary steps, whether or not you have a working knowledge of cryptography. The book covers SSLv2, TLS 1.0, and TLS 1.2, including implementations of the relevant cryptographic protocols, secure hashing, certificate parsing, certificate generation, and more. Coverage includes:
  • Understanding Internet Security
  • Protecting against Eavesdroppers with Symmetric Cryptography
  • Secure Key Exchange over an Insecure Medium with Public Key Cryptography
  • Authenticating Communications Using Digital Signatures
  • Creating a Network of Trust Using X.509 Certificates
  • A Usable, Secure Communications Protocol: Client-Side TLS
  • Adding Server-Side TLS 1.0 Support
  • Advanced SSL Topics
  • Adding TLS 1.2 Support to Your TLS Library
  • Other Applications of SSL
  • A Binary Representation of Integers: A Primer


Request Free!

Space Weather Outlook November 08, 2015 at 09:35PM

Official Space Weather Advisory issued by NOAA Space Weather Prediction Center Boulder, Colorado, USA SPACE WEATHER ADVISORY OUTLOOK #15-45 2015 November 8 at 7:22 p.m. MST (2015 November 9 0222 UTC) **** SPACE WEATHER OUTLOOK **** Summary For November 2-8 A series of R1 (Minor) radio blackouts were observed on 04 November from flare activity observed from Regions 2443 and 2445. G1 (Minor) geomagnetic storms were observed on 03-04 November due to effects from a positive polarity coronal hole high speed stream (CH HSS). G1 (Minor) and G2 (Moderate) geomagnetic storms were observed on 07 November due to effects from the 04 November coronal mass ejection. Outlook For November 9-15 There is a chance for R1 (minor) radio blackouts through the outlook period due to potential flare activity from Regions 2443 and 2449, coupled with an old active region due to rotate onto the disk on 12 November. G1 (Minor) geomagnetic storms are possible on 09 November due to effects from a recurrent, positive polarity CH HSS. Data used to provide space weather services are contributed by NOAA, USAF, NASA, NSF, USGS, the International Space Environment Services and other observatories, universities, and institutions. More information is available at SWPC's Web site http://swpc.noaa.gov Thank you for using the Product Subscription Service. If you would like to remove a product subscription or update the personal information in your account, go to the Product Subscription Site. Please do not use the from address for correspondence, as it is not monitored. For comments or help, please contact SWPC Help.

IBM Security Network IPS GX7800 Comparative Efficacy and Performance Evaluation

The following is external content provided as a free resource for blog readers.
Tolly Group evaluated the security and performance of the IBM Security Network IPS GX7800 vs. a standard signature-based platform.

Request Free!

Supporting the Zero Trust Model of Information Security

The following is external content provided as a free resource for blog readers.
In this Forrester Research paper, analyst John Kindervag, will discuss the “zero trust” model for security and best practices to combat these new generation of threats.

Request Free!

Combat the Latest Security Attacks with Global Threat Intelligence

The following is external content provided as a free resource for blog readers.
The IBM X-Force research and development team collects, analyzes and distributes threat intelligence to IBM customers - and uses it to enrich the IBM Security portfolio - so users can leverage in-depth knowledge and understanding of threats to bring business value to their organizations.

Request Free!

A Strategic Approach to Threat Management

The following is external content provided as a free resource for blog readers.
Cybersecurity professionals believe that the threat landscape is getting worse as they face an onslaught of voluminous pedestrian malware and sophisticated cyber-attacks. Many CISOs are responding to new threats by purchasing and deploying point tools in search of a new “silver bullet” solution, but while some tools provide incremental improvements, this tactical strategy can be counterproductive, burdening the cybersecurity team with event storms and an array of additional tasks that they can't keep up with.

Download this solution brief to learn about solutions that can help your team work smarter and not harder.

Request Free!

Demystify Mobile Security Attacks

The following is external content provided as a free resource for blog readers.
Attacks on your mobile devices and traffic are quickly evolving. Mobile attackers are stealing (hey, it's what they do) tried and true methods from the “traditional” (wired) world and applying them to the mobile one, as well as coming up with new, never before seen tactics that really take advantage of the new pathways mobile devices offer into an organization's network. Download this white paper to learn some of the most common types of mobile attacks and how to prevent them.

Request Free!

3 Steps to Implementing an Effective BYOD Mobile Security Strategy

The following is external content provided as a free resource for blog readers.
Mobility is attractive for enterprise productivity and mobile cyber security threats. Download this white paper to learn how to truly mitigate mobile risks.

Contents include:
  • Understanding the risks and value of mobility to your stakeholders
  • Identifying the holes in your mobile security
  • Requirements for next-generation mobile security
  • Checklist on mobile security capabilities needed to protect mobility initiatives


Request Free!

Understanding the Magic Quadrant for Enterprise Network Firewalls

The following is external content provided as a free resource for blog readers.
“Next-generation” capability has been achieved by the leading products in the network firewall market, and competitors are working to keep the gap from widening. Learn about vendor strengths and cautions in this informational download.

Request Free!

Understanding the Magic Quadrant for Mobile Data Protection Solutions

The following is external content provided as a free resource for blog readers.
Mobile data protection solutions defend access to secure data on storage systems in notebooks, removable media, desktops, servers and cloud storage environments. Buyers seek data protection policy enforcement across multiple platforms, minimal support costs and proof of protection. Learn about the vendor strengths and cautions in this informative download.

Request Free!

Detecting DDoS Attacks

The following is external content provided as a free resource for blog readers.

Bob Pierpoint, Director of Customer Experience at SevOne, shares how to effectively detect DDoS attacks. It's very important to have a single pane of glass where you can visualize all of the elements that make up your DMZ and your internet facing infrastructure to help diagnose issues and detect DDoS attacks



Request Free!

Space Weather Outlook November 01, 2015 at 07:46PM

Official Space Weather Advisory issued by NOAA Space Weather Prediction Center Boulder, Colorado, USA SPACE WEATHER ADVISORY OUTLOOK #15-44 2015 November 1 at 5:27 p.m. MST (2015 November 2 0027 UTC) **** SPACE WEATHER OUTLOOK **** Summary For October 26-November 1 R1 (Minor) radio blackouts were observed on 31 October from flare activity from active Region 2443. Outlook For November 2-8 R1 (Minor) radio blackouts are likely through the outlook period due to potential flare activity from active Region 2443 and the return of old active Region 2434 on 07 November. G1 (Minor) and G2 (Moderate) geomagnetic storm are likely on 02-03 November while G3 (Strong) geomagnetic storms are likely on 02 November. This activity is likely in response to a recurrent, trans-equatorial coronal hole high speed anticipated to become geoeffective early to midday on 02 November. Data used to provide space weather services are contributed by NOAA, USAF, NASA, NSF, USGS, the International Space Environment Services and other observatories, universities, and institutions. More information is available at SWPC's Web site http://swpc.noaa.gov Thank you for using the Product Subscription Service. If you would like to remove a product subscription or update the personal information in your account, go to the Product Subscription Site. Please do not use the from address for correspondence, as it is not monitored. For comments or help, please contact SWPC Help.