If you’ve worked in IT or development you’ve seen this before: User names and passwords sitting in a file. When your database starts up, or when you run an automation script, it grabs the credentials it needs to function. The problem with this is obvious; admins and attackers alike know this is common practice, and both know where to look for easy access to applications or services.
Data Loss Prevention is alive and well. Data protection remains in the forefront of organizations’ need to protect critical technology assets. But it hasn’t gotten easier to select a solution, mostly because various aspects of content analysis and filtering exist in many tools, using a variety of deployment models. And that whole cloud thing brings additional complexity to purchasing decisions. So what should you choose to address your needs? Our updated Understanding and Selecting DLP paper explains the technology and the options, and offers a process and map to help you make the best decision for your organization.
A penetration test is resource-intensive and expensive, but characterizes your environment at a single point in time. Given the increasing complexity of technology infrastructure and the increasing sophistication of adversaries, a new approach to security testing is required. That approach is Dynamic Security Assessment.
