loading content...
 

Application Security

  • Securing Enterprise Applications
  • Secure Agile Development
  • Pragmatic WAF Management: Giving Web Apps a Fighting Chance
  • 2014 Open Source Development and Application Security Survey Analysis
  • Security Analytics with Big Data
  • Defending Against Application Denial of Service Attacks
  • API Gateways: Where Security Enables Innovation
  • Securing Big Data: Recommendations for Securing Hadoop and NoSQL
  • Building a Web Application Security Program

Cloud and Virtualization

  • The Security Pro’s Guide to Cloud File Storage and Collaboration
  • The Future of Security: The Trends and Technologies Transforming Security
  • What CISOs Need to Know about Cloud Computing
  • A Practical Example of Software Defined Security
  • Defending Cloud Data with Infrastructure Encryption

Compliance

  • Tokenization vs. Encryption: Options for Compliance
  • Tokenization Guidance
  • Data Encryption 101: A Pragmatic Approach to PCI

Data Security

  • Cracking the Confusion: Encryption and Tokenization for Data Centers, Servers, and Applications
  • Trends in Data Centric Security White Paper
  • Defending Data on iOS 7
  • Dealing with Database Denial of Service
  • Understanding and Selecting a Key Management Solution
  • Pragmatic Key Management for Data Encryption
  • Understanding and Selecting Data Masking Solutions
  • Implementing and Managing a Data Loss Prevention Solution
  • Understanding and Selecting a Database Security Platform
  • Understanding and Selecting a File Activity Monitoring Solution
  • Database Activity Monitoring: Software vs. Appliance
  • The Securosis 2010 Data Security Survey
  • Understanding and Selecting a DLP Solution
  • Understanding and Selecting a Tokenization Solution
  • Understanding and Selecting a Database Encryption or Tokenization Solution
  • Low Hanging Fruit: Quick Wins with Data Loss Prevention (V2.0)
  • Database Assessment
  • Selecting a Database Activity Monitoring Solution
  • Report: Content Discovery Whitepaper

Endpoint Security

  • Endpoint Defense: Essential Practices
  • The 2015 Endpoint and Mobile Security Buyer’s Guide
  • Advanced Endpoint and Server Protection
  • Reducing Attack Surface with Application Control
  • The 2014 Endpoint Security Buyer’s Guide
  • The Endpoint Security Management Buyer’s Guide
  • Evolving Endpoint Malware Detection: Dealing with Advanced and Targeted Attacks
  • White Paper: Endpoint Security Fundamentals
  • Best Practices for Endpoint DLP

Identity and Access Management

  • Identity and Access Management for Cloud Services

Network Security

  • Security and Privacy on the Encrypted Network
  • Defending Against Network-based Distributed Denial of Service (DDoS) Attacks
  • Firewall Management Essentials
  • Network-based Malware Detection 2.0: Assessing Scale, Accuracy and Deployment
  • Network-based Threat Intelligence: Searching for the Smoking Gun
  • Defending Against Denial of Service (DoS) Attacks
  • Network-Based Malware Detection: Filling the Gaps of AV
  • Applied Network Security Analysis: Moving from Data to Information
  • Fact-Based Network Security: Metrics and the Pursuit of Prioritization
  • Network Security in the Age of *Any* Computing
  • Understanding and Selecting an Enterprise Firewall

Project Quant

  • Malware Analysis Quant
  • Measuring and Optimizing Database Security Operations (DBQuant)
  • Network Security Ops Quant Metrics Model
  • Network Security Operations Quant Report
  • Project Quant Survey Results and Analysis
  • Project Quant Metrics Model Report

Security Management

  • Monitoring the Hybrid Cloud: Evolving to the CloudSOC
  • Leveraging Threat Intelligence in Incident Response/Management
  • Leveraging Threat Intelligence in Security Monitoring
  • Security Management 2.5: Replacing Your SIEM Yet?
  • Eliminate Surprises with Security Assurance and Testing
  • Security Awareness Training Evolution
  • Continuous Security Monitoring
  • Threat Intelligence for Ecosystem Risk Management
  • The CISO’s Guide to Advanced Attackers
  • Building an Early Warning System
  • Implementing and Managing Patch and Configuration Management
  • Vulnerability Management Evolution: From Tactical Scanner to Strategic Platform
  • Watching the Watchers: Guarding the Keys to the Kingdom (Privileged User Management)
  • Security Management 2.0: Time to Replace Your SIEM?
  • Security Benchmarking: Going Beyond Metrics
  • React Faster and Better: New Approaches for Advanced Incident Response
  • Monitoring up the Stack: Adding Value to SIEM
  • Understanding and Selecting SIEM/Log Management
  • The Business Justification for Data Security

Web and Email Security

  • Quick Wins with Website Protection Services
  • Email-based Threat Intelligence: To Catch a Phish
Featured Article

We’ve seen a renaissance of sorts regarding endpoint security. To be clear, most of solutions in the market aren’t good enough. Attackers don’t have to be advanced to make quick work of the endpoint protection suites in place. That realization has created a wave of innovation on the endpoint that promises to provide a better chance to prevent and detect attacks. But the reality is far too many organizations can’t even get the fundamentals of endpoint security.

But the fact remains that many organizations are not even prepared to deal with unsophisticated attackers. You know, that dude in the basement banging on your stuff with Metasploit. Those organizations don’t really need advanced security now – their requirements are more basic. It’s about understanding what really needs to get done – not the hot topic at industry conferences. They cannot do everything to fully protect endpoints, so they need to start with essentials.

  • Application Security

  • Cloud and Virtualization

  • Compliance

  • Data Security

  • Cracking the Confusion: Encryption and Tokenization for Data Centers, Servers, and Applications
  • Endpoint Security

  • Endpoint Defense: Essential Practices
  • Identity and Access Management

  • Network Security

  • Security and Privacy on the Encrypted Network
  • Project Quant

  • Security Management

  • Monitoring the Hybrid Cloud: Evolving to the CloudSOC
  • Web and Email Security