Login  |  Register  |  Contact

All Research Papers

Last Updated: Monday, February 10, 2014

Application Security

Securing Enterprise Applications
Secure Agile development
2014 Open Source Development and Application Security Survey Analysis
Security Analytics with Big Data
Defending Against Application Denial of Service Attacks
API Gateways: Where security enables innovation.
Securing Big Data: Recommendations for Securing Hadoop and NoSQL
Pragmatic WAF Management: Giving Web Apps a Fighting Chance
Building a Web Application Security Program

Cloud and Virtualization

What CISOs Need to Know about Cloud Computing
The Future of Security: The Trends and Technologies Transforming Security
A Practical Example of Software Defined Security
Defending Cloud Data with Infrastructure Encryption
The Security Pro’s Guide to Cloud File Storage and Collaboration


Tokenization Guidance
Tokenization vs. Encryption: Options for Compliance
Data Encryption 101: A Pragmatic Approach to PCI

Data Security

Cracking the Confusion: Encryption and Tokenization for Data Centers, Servers, and Applications
Trends in Data Centric Security
Defending Data on iOS 7
Dealing with Database Denial of Service
Understanding and Selecting a Key Management Solution
Pragmatic Key Management for Data Encryption
Understanding and Selecting Data Masking Solutions
Implementing and Managing a Data Loss Prevention Solution
Defending Data on iOS
Understanding and Selecting a Database Security Platform
Understanding and Selecting a File Activity Monitoring Solution
Database Activity Monitoring: Software vs. Appliance
The Securosis 2010 Data Security Survey
Understanding and Selecting a Tokenization Solution
Understanding and Selecting a DLP Solution
Understanding and Selecting a Database Encryption or Tokenization Solution
Low Hanging Fruit: Quick Wins with Data Loss Prevention (V2.0)
Database Assessment
Content Discovery Whitepaper
Selecting a Database Activity Monitoring Solution

Endpoint Security

Endpoint Defense: Essential Practices
The 2015 Endpoint and Mobile Security Buyer’s Guide
Advanced Endpoint and Server Protection
Reducing Attack Surface with Application Control
The 2014 Endpoint Security Buyer’s Guide
The Endpoint Security Management Buyer’s Guide
Evolving Endpoint Malware Detection: Dealing with Advanced and Targeted Attacks
Endpoint Security Fundamentals
Best Practices for Endpoint DLP

Identity and Access Management

Identity and Access Management for Cloud Services

Network Security

Security and Privacy on the Encrypted Network
Defending Against Network-based Distributed Denial of Service (DDoS) Attacks
Firewall Management Essentials
Network-based Malware Detection 2.0: Assessing Scale, Accuracy and Deployment
Network-based Threat Intelligence: Searching for the Smoking Gun
Defending Against Denial of Service (DoS) Attacks
Network-based Malware Detection: Filling the Gaps of AV
Applied Network Security Analysis: Moving from Data to Information
Fact-Based Network Security: Metrics and the Pursuit of Prioritization
Network Security in the Age of Any Computing
Understanding and Selecting an Enterprise Firewall

Project Quant

Malware Analysis Quant
Measuring and Optimizing Database Security Operations (DBQuant)
Network Security Ops Quant Metrics Model
Network Security Operations Quant Report
Project Quant Survey Results and Analysis
Project Quant Metrics Model Report

Security Management

Monitoring the Hybrid Cloud: Evolving to the CloudSOC
Leveraging Threat Intelligence in Incident Response/Management
Leveraging Threat Intelligence in Security Monitoring
Security Management 2.5: Replacing Your SIEM Yet?
Eliminate Surprises with Security Assurance and Testing
Security Awareness Training Evolution
Continuous Security Monitoring
Threat Intelligence for Ecosystem Risk Management
The CISO’s Guide to Advanced Attackers
Building an Early Warning System
Implementing and Managing Patch and Configuration Management
Vulnerability Management Evolution: From Tactical Scanner to Strategic Platform
Watching the Watchers: Guarding the Keys to the Kingdom (Privileged User Management)
Security Management 2.0: Time to Replace Your SIEM?
Security Benchmarking: Going Beyond Metrics
React Faster and Better: New Approaches for Advanced Incident Response
Monitoring up the Stack: Adding Value to SIEM
Understanding and Selecting SIEM/Log Management
The Business Justification for Data Security

Web and Email Security

Quick Wins with Website Protection Services
Email-based Threat Intelligence: To Catch a Phish

Previous entry: Upcoming Research