App Security White Papers
App Security white papers and technology resources for implementing and optimizing App Security strategy, solutions, App Security products, and more.
Data security presents a multi-dimensional challenge in today's complex IT environment. Multiple access paths and permission levels have resulted in a broad array of security threats and vulnerabilities. Traditional "fortress approaches" such as firewalls and IDS/IPS systems are no longer sufficient to defend against attackers who can easily bypass perimeter defenses. These security measures can't differentiate or prevent unauthorized traffic that appears to be legitimate. We invite you to read this new eBook: "Protecting against database attacks and insider threats" to learn the top five scenarios and essential best practices for preventing database attacks and insider threats.
Sponsor: IBM
Establishing a Strategy for Database Security is No Longer Optional
As databases continue to grow in size, complexity and importance, enterprises struggle to identify the most appropriate controls regarding their use and misuse. The most effective database security implementations will leverage controls across administrative, preventive and detective controls. The report identifies best practices, including: Implementing database activity monitoring to mitigate the high levels of risk from database vulnerabilities, and address audit findings in areas such as database segregation of duties and change management; using data security measures, such as data masking and data encryption; and monitoring privileged-user access and access to critical data.
Sponsor: IBM
Protecting Point of Sale Systems from Cyber Attacks
Retail systems are on the front lines of attack, where hackers look to steal cardholder data. The daily headlines remind us that traditional antivirus (AV), or blacklisting, products that have been around for decades are no longer effective at stopping modern attacks. If you are responsible for protecting retail systems, download this case study to learn how this retailer eliminated the threat of malware on their POS systems using Bit9's award winning solutions.
Sponsor: Bit9
Stop Hackers Before They Attack
Hacktivism, Identify Theft, Financial Gain, Cyber War - regardless of motivation, stopping today's hackers requires a new proactive approach to protecting endpoints. Learn how this New England hospital, breached multiple times by targeted attacks, put an end to the malware with Bit9 Parity. Their IT team can now identify malware and secure PCs and workstations -protecting patient care and privacy.
Sponsor: Bit9
Protection Against Modern Cybersecurity Threats
Are your endpoints safe from today's malware, data leaks and unauthorized software? With today's mobile workforce, businesses need to take every precaution to secure their endpoints. Download this case study to learn how this accounting and consulting giant uses Bit9's adaptive application whitelisting to offer employees flexibility without jeopardizing enterprise safety.
Sponsor: Bit9
A Proactive Approach to Server Security
Learn why security-conscious organizations are taking a more proactive approach to server security. Download this Spire Research whitepaper to understand how you can eliminate the threat caused by today's more advanced threats and protect your organization's most valuable data.
Sponsor: Bit9
From the Frontline - Preventing APT
Is your company's network secure? Are your endpoints and servers secured? Before you answer, read this case study on a US Military Command that discovered no matter how much you educate users, hackers can get through traditional defenses. This targeted attack blew through all layers of their security, except one: Bit9 Parity's advanced threat protection.
Sponsor: Bit9
Cloud Security: Who do you trust?
Cloud computing changes the way we use computing with the promise of significant economic and efficiency benefits. But significant security issues are presented with this new approach to computing. This white paper explains why trust, reliability and security decisions are central to choosing the right model.
Sponsor: IBM
SAML 101
Today's enterprise employees use an ever-increasing number of applications, both enterprise hosted and in the Cloud, to do their jobs. What's more, they will access those applications from a variety of devices (desktops, laptops, tablets, phones, etc) and application models (both browser and native). Expecting those employees to remember strong and unique passwords for each and every application simply does not scale. Providing employees seamless, secure "single sign-on" access to their applications has become business critical.
Identity federation solves these challenges by providing a secure, private mechanism for organizations to share user identities, removing the need to maintain separate user profiles for every enterprise application.
Sponsor: Ping Identity
Simple Cloud Identity Management (SCIM)
The Simple Cloud Identity Management (SCIM) specification defines a simple, RESTful protocol for identity account management operations. SCIM's model is based upon the experience of existing schemas and SaaS deployments, with specific emphasis on simplifying development and integration, and wherever possible, applying existing authentication, authorization, and privacy mechanisms.
Sponsor: Ping Identity
The Essential OAuth Primer: Understanding OAuth for Securing Cloud APIs
The security and scalability of Cloud APIs are currently threatened by the password anti-pattern problem. OAuth defeats the password anti-pattern, creating a consistent identity and policy architecture for web apps, web services, devices, and clients attempting to communicate with Cloud APIs.
Sponsor: Ping Identity
Secure Internet Single Sign-On 101
The rise of online Software-as-a-Service (SaaS) applications has increased the importance of eliminating multiple logins and passwords within the Enterprise via Single Sign-On (SSO). This White Paper from Ping Identity explains what SSO is and how it works.
Sponsor: Ping Identity
Insider Fraud: New Ponemon Survey Reveals All Organizations Have Risk
Hacks, accidental disclosures and breaches appear in the news every week. This new survey shows the next victim could easily be you. Understand your risk-get this essential information now.
The Ponemon survey on The Risk of Insider Fraud is provided by Attachmate Luminet.
Sponsor: Attachmate
Driving Security in a Hybrid Cloud Environment
As companies increasingly embrace hybrid cloud computing, they are facing new threats and risks to their data and applications. This paper examines recent IDG research among IT leaders, who share their concerns and strategies in addressing security in cloud computing environments.
Sponsor: Astaro Sophos
Reducing Local Admin Exposure Through Application Whitelisting
In today's Windows environment, end users are accustomed to having local administrator privileges which allow them to download a variety of applications and potentially misconfigure their PCs. While standard wisdom may be to simply solve the problem by revoking local administrator rights on users' systems, the reality is that this may not be an option at all organizations. Fortunately, there's hope for IT administrators seeking to gain control over the Windows environment while still offering local admin rights to the user base - through application whitelisting.
Sponsor: Lumension
E Is for Endpoint: Six Security Strategies for Highly Effective IT Professionals
Security professionals know that effective endpoint protection calls for a layered, defense-in-depth approach. But today's endpoints demand even more. Endpoint security now requires a new way of thinking that goes beyond just battling threats to actually enable operational improvement. Read this whitepaper to learn the six steps you need to think different about endpoint security.
Sponsor: Lumension
The Ponemon Institute 2012 State of the Endpoint
The 2012 State of the Endpoint study sponsored by Lumension and conducted by Ponemon Institute is the third annual study to determine how effective organizations are in the protection of their endpoints and what they perceive are the biggest obstacles to reducing risk. The study focused on four topics on the state of endpoint security: risk, productivity, resources and complexity. The findings are presented in this report.
Sponsor: Lumension
