Security

Case Studies

Vendor Webcast

Show all content

Title Date Added Company

Tripwire PCI DSS Solutions: Automated, Continuous Compliance 2008-01-24 Tripwire

The major credit card companies collaboratively developed the Payment Card Industry Data Security Standard (PCI DSS) to protect sensitive cardholder account data from theft and fraud. Compliance is no longer an option; it's a requirement for all payment card network members and failure to meet requirements can result in monetary penalties or even the suspension or revocation of a company's right to accept or process credit card transactions. Fortunately, these standards amount to best practices that keep the systems, hardware, and data secure - critical for maintaining customer trust and the reputation. That's why it is so important to keep IT systems in a known and trusted state.

Tags: Security Management

An Agent-Based Intrusion Detection System 2008-01-23 South University

This paper will discuss research and programming done to investigate the advantages and disadvantages of distributed host based intrusion detection. More common types of intrusion detection will be discussed to give a background to the field, as well as give reference points with which to compare distributed host based intrusion detection systems. Techniques for detecting intruders locally will also be discussed, including the techniques used in the process monitor written for this assignment.

Tags: Security Tools, Intrusion Detection Systems

Pragma Systems: Using SSH for PCI Compliance 2008-01-18 Pragma Systems

The objective of this paper is to examine the federal and industry regulatory environment and to analyze the benefits of utilizing Secure Shell (SSH) in achieving PCI compliance. In addition, to review the role Pragma Systems, Inc. and its FortressSSH product can play in a robust, secure computing environment. In the wake of the first Sept. 30, 2007, Payment Card Industry (PCI) deadline for locking down networks and customer data, it's clear many companies - and more than half of smaller organizations - still fall short of prescribed security standards. As a result, the majority of Telnet-dependent companies are now scrambling to find cost-effective solutions for effecting full compliance with PCI Data Security Standards (PCI DSS).

Tags: Security Management

Symantec's Security Management Solution: People, Processes, and Technology 2008-01-15 Symantec

Symantec security management products and services help customers with security monitoring, assessments and compliance-related activities, including internal audits, risk assessments, log management, and assessing the effectiveness of IT security controls. A hybrid approach to security, built upon a foundation of products, managed services, and professional services, helps enterprises surmount these challenges. Symantec's comprehensive portfolio of products and services enables enterprises to feel confident that their information is safe and their transactions are secure.

EPICS CA Gateway Employment in the BEPCII Network 2008-01-15 CERN

The EPICS Process Variable Gateway has become a stable, high-performance application that provides access to process variables while minimizing the impact on critical Input-Output Controllers (IOCs) and implementing additional access security. The additional access security typically prevents write access but is highly configurable. The control network of the BEPCII is divided into two separate different subnets in the control network. In order to access IOC PVs between the separate subnets as well as IOC PVs from the campus network, EPICS CA gateway has been employed in the BEPCII network. This paper introduces the Gateways application in the BEPCII control network and describes the procedures of the Gateway setup as well as the test result.

Tags: Security Management, Gateways - Hubs

Firewall Compressor: An Algorithm for Minimizing Firewall Policies 2008-01-13 Michigan State University

A firewall is a security guard placed between a private network and the outside Internet that monitors all incoming and outgoing packets. The function of a firewall is to examine every packet and decide whether to accept or discard it based upon the firewall's policy. This policy is specified as a sequence of (possibly conflicting) rules. With the explosive growth of Internet-based applications and malicious attacks, the number of rules in firewalls have been increasing rapidly, which consequently degrades network performance and throughput. This paper proposes Firewall Compressor, a framework that can significantly reduce the number of rules in a firewall while keeping the semantics of the firewall unchanged.

Tags: Network Security, Security Management

Importance of Web Application Firewall Technology for Protecting Web-Based Resources 2008-01-10 Cybertrust

Web-based applications and services have changed the landscape of information delivery and exchange in today's corporate, government, and educational arenas. Ease of access, increased availability of information, and the richness of web services have universally increased productivity and operational efficiencies. These increases have led to heavier reliance on web-based services and greater integration of internal information systems and data repositories with web-facing applications. While motivations of attackers against a victim's corporate and organizational assets remain the same (financial, IP, identity theft, services disruption, or denial of service, for example), web applications enable a whole new class of vulnerabilities and exploit techniques such as SQL injection, cross-Site Scripting (XSS), and cross-site request forgery, to name a few.

Tags: Security Tools

A Security Strategy for Manufacturing Operations 2008-01-09 Microsoft

By connecting manufacturing and enterprise networks, companies have helped employees become more productive, resulting in streamlined operations and more effective business. But with this new connectivity comes additional risk from cyber attacks from both internal and external sources. Manufacturers must protect their systems from attacks that can negatively affect production and plant safety, and put proprietary information at risk. To mitigate the risks inherent in connecting manufacturing and external networks, companies must implement a defense-in-depth strategy to prevent their manufacturing systems from being compromised. This white paper focuses on technologies such as the Microsoft Forefront family of business security products, along with various other current technologies. It also introduces virtualization as a potential solution that secures applications in the manufacturing operations area.

Improving Compliance and Efficiency With Sun Identity Auditing and Other Sun Identity Management Capabilities 2008-01-01 Sun Microsystems

Faced with increasing compliance requirements and related challenges since the passage of the Sarbanes-Oxley Act of 2002 and other regulations governing data integrity and privacy, Sun and its alliance partner Deloitte & Touche LLP (Deloitte & Touche) deployed Sun Java System Identity Manager and Java System Identity Auditor software to improve Sun's processes related to user account management and access controls and to achieve operational efficiencies. This paper recounts the process from solution criteria and selection through planning and deployment, and describes the benefits that have resulted for both Sun and its customers.

Tags: Security Management

Intelligence and Identity 2008-01-01 Oracle

When one is deploying Oracle Business Intelligence Enterprise Edition, how one handles identity management is as important as query speed and the quality of the data. A well-architected identity management solution ensures that the users are set up automatically when they first join the organization, that they can quickly access applications and data appropriate for their varied roles, and that personal details and access privileges can be easily managed. This paper focuses on integrating Oracle Business Intelligence Enterprise Edition with two of Oracle's flagship identity management tools: Oracle Internet Directory and Oracle Application Server Single Sign-On. The user will see how to combine the security features of Oracle Business Intelligence Enterprise Edition and Oracle Identity Management to provide granular, secure access to data.

Tags: Security Management, Business Intelligence - Data Warehousing

Jump to 1 2 3 4 5 6 7 8 [9] 10

Title	Date Added	Company
Tripwire PCI DSS Solutions: Automated, Continuous Compliance	2008-01-24	Tripwire
The major credit card companies collaboratively developed the Payment Card Industry Data Security Standard (PCI DSS) to protect sensitive cardholder account data from theft and fraud. Compliance is no longer an option; it's a requirement for all payment card network members and failure to meet requirements can result in monetary penalties or even the suspension or revocation of a company's right to accept or process credit card transactions. Fortunately, these standards amount to best practices that keep the systems, hardware, and data secure - critical for maintaining customer trust and the reputation. That's why it is so important to keep IT systems in a known and trusted state. Tags: Security Management
An Agent-Based Intrusion Detection System	2008-01-23	South University
This paper will discuss research and programming done to investigate the advantages and disadvantages of distributed host based intrusion detection. More common types of intrusion detection will be discussed to give a background to the field, as well as give reference points with which to compare distributed host based intrusion detection systems. Techniques for detecting intruders locally will also be discussed, including the techniques used in the process monitor written for this assignment. Tags: Security Tools, Intrusion Detection Systems
Pragma Systems: Using SSH for PCI Compliance	2008-01-18	Pragma Systems
The objective of this paper is to examine the federal and industry regulatory environment and to analyze the benefits of utilizing Secure Shell (SSH) in achieving PCI compliance. In addition, to review the role Pragma Systems, Inc. and its FortressSSH product can play in a robust, secure computing environment. In the wake of the first Sept. 30, 2007, Payment Card Industry (PCI) deadline for locking down networks and customer data, it's clear many companies - and more than half of smaller organizations - still fall short of prescribed security standards. As a result, the majority of Telnet-dependent companies are now scrambling to find cost-effective solutions for effecting full compliance with PCI Data Security Standards (PCI DSS). Tags: Security Management
Symantec's Security Management Solution: People, Processes, and Technology	2008-01-15	Symantec
Symantec security management products and services help customers with security monitoring, assessments and compliance-related activities, including internal audits, risk assessments, log management, and assessing the effectiveness of IT security controls. A hybrid approach to security, built upon a foundation of products, managed services, and professional services, helps enterprises surmount these challenges. Symantec's comprehensive portfolio of products and services enables enterprises to feel confident that their information is safe and their transactions are secure.
EPICS CA Gateway Employment in the BEPCII Network	2008-01-15	CERN
The EPICS Process Variable Gateway has become a stable, high-performance application that provides access to process variables while minimizing the impact on critical Input-Output Controllers (IOCs) and implementing additional access security. The additional access security typically prevents write access but is highly configurable. The control network of the BEPCII is divided into two separate different subnets in the control network. In order to access IOC PVs between the separate subnets as well as IOC PVs from the campus network, EPICS CA gateway has been employed in the BEPCII network. This paper introduces the Gateways application in the BEPCII control network and describes the procedures of the Gateway setup as well as the test result. Tags: Security Management, Gateways - Hubs
Firewall Compressor: An Algorithm for Minimizing Firewall Policies	2008-01-13	Michigan State University
A firewall is a security guard placed between a private network and the outside Internet that monitors all incoming and outgoing packets. The function of a firewall is to examine every packet and decide whether to accept or discard it based upon the firewall's policy. This policy is specified as a sequence of (possibly conflicting) rules. With the explosive growth of Internet-based applications and malicious attacks, the number of rules in firewalls have been increasing rapidly, which consequently degrades network performance and throughput. This paper proposes Firewall Compressor, a framework that can significantly reduce the number of rules in a firewall while keeping the semantics of the firewall unchanged. Tags: Network Security, Security Management
Importance of Web Application Firewall Technology for Protecting Web-Based Resources	2008-01-10	Cybertrust
Web-based applications and services have changed the landscape of information delivery and exchange in today's corporate, government, and educational arenas. Ease of access, increased availability of information, and the richness of web services have universally increased productivity and operational efficiencies. These increases have led to heavier reliance on web-based services and greater integration of internal information systems and data repositories with web-facing applications. While motivations of attackers against a victim's corporate and organizational assets remain the same (financial, IP, identity theft, services disruption, or denial of service, for example), web applications enable a whole new class of vulnerabilities and exploit techniques such as SQL injection, cross-Site Scripting (XSS), and cross-site request forgery, to name a few. Tags: Security Tools
A Security Strategy for Manufacturing Operations	2008-01-09	Microsoft
By connecting manufacturing and enterprise networks, companies have helped employees become more productive, resulting in streamlined operations and more effective business. But with this new connectivity comes additional risk from cyber attacks from both internal and external sources. Manufacturers must protect their systems from attacks that can negatively affect production and plant safety, and put proprietary information at risk. To mitigate the risks inherent in connecting manufacturing and external networks, companies must implement a defense-in-depth strategy to prevent their manufacturing systems from being compromised. This white paper focuses on technologies such as the Microsoft Forefront family of business security products, along with various other current technologies. It also introduces virtualization as a potential solution that secures applications in the manufacturing operations area.
Improving Compliance and Efficiency With Sun Identity Auditing and Other Sun Identity Management Capabilities	2008-01-01	Sun Microsystems
Faced with increasing compliance requirements and related challenges since the passage of the Sarbanes-Oxley Act of 2002 and other regulations governing data integrity and privacy, Sun and its alliance partner Deloitte & Touche LLP (Deloitte & Touche) deployed Sun Java System Identity Manager and Java System Identity Auditor software to improve Sun's processes related to user account management and access controls and to achieve operational efficiencies. This paper recounts the process from solution criteria and selection through planning and deployment, and describes the benefits that have resulted for both Sun and its customers. Tags: Security Management
Intelligence and Identity	2008-01-01	Oracle
When one is deploying Oracle Business Intelligence Enterprise Edition, how one handles identity management is as important as query speed and the quality of the data. A well-architected identity management solution ensures that the users are set up automatically when they first join the organization, that they can quickly access applications and data appropriate for their varied roles, and that personal details and access privileges can be easily managed. This paper focuses on integrating Oracle Business Intelligence Enterprise Edition with two of Oracle's flagship identity management tools: Oracle Internet Directory and Oracle Application Server Single Sign-On. The user will see how to combine the security features of Oracle Business Intelligence Enterprise Edition and Oracle Identity Management to provide granular, secure access to data. Tags: Security Management, Business Intelligence - Data Warehousing

Featured Whitepapers

Member Login

Oracle Technology Solutions for Midsize Businesses

Industry Report: Financial Services