The network security paradigm is currently shifting toward a new reality as advanced hacking methods become more prevalent and harder to detect. An example of such a method is advanced evasion techniques (AETs). Although evasions have been documented extensively in the last 15 years, security vendors have systematically ignored the significance of evasions. Some vendors
The debate over advanced evasion techniques (AETs). To assess what IT security professionals understand about AETs and what measures have been put in place to stop them, McAfee commissioned Vanson Bourne in January 2014 to survey 800 CIOs and security managers from the US, UK, Germany, France, Australia, Brazil, and South Africa.
The need for robust network security is growing, but IT security teams, resources, and budgets are shrinking at many organizations. That doesn’t mean you have to scale down your growth or skimp on key IT security areas, but it does mean you need to optimize your resources, starting with your network firewall team. Resource optimization
This white paper will help network and cybersecurity teams understand the things they can and should demand from NGFWs: • Built-in high availability and load balancing for operational resilience and handling growing data loads. • Contextual security that provides fine-grained access control to reduce risk and manage usage. • Automated, advanced evasion detection that can
This is your guide to the security evasion techniques that have become a serious preoccupation of the IT industry. This isn’t to say that IT security hasn’t been a major source of worry in the past; on the contrary, the last decade has been witness to growing security threats, cybercrime and compliance regulations. However, recent
Big Data is not only a challenge for customer-facing organizations—but for security teams as well. Over the past decade, the demand for stronger security has driven the collection and analysis of increasingly larger amounts of event and security contextual data. Security Information and Event Management (SIEM) has long been the core tool that security teams
SIEM: Solve for the Bigger Business Issues After more than a decade functioning in production environments, security information and event management (SIEM) solutions are now considered mature. Capabilities such as event collection, correlation, alerting, and demonstrating compliance with regulatory mandates are table stakes, and most SIEM solutions address these needs. But the landscape is changing.
Compliance and !nancial risk used to be the driving concerns for security and risk management. Audits and governance processes were predictable events that IT attempted to minimize and automate. Risk was a fairly static concept. However, today the pace of threats—“low and slow” as targeted attacks or lightning fast as cyberactivism and malware outbreaks—demands that
Is it time? Are you waving the white flag? Has your SIEM failed to meet expectations despite your significant investment? If you are questioning whether your existing product or service can get the job done, you are not alone. You likely have some battle scars from the difficulty of managing, scaling, and actually doing something