Security Applications - IT Library : ZDNet Asia

Case Studies

Vendor Webcast

Show all content

Title Date Added Company

Addressing IT Risks of Software Applications: A Risk Management Strategy 26/03/08 Symantec

As companies increasingly depend on software applications to enhance operations, the business impact of a broad range of IT risks concurrently rises. This whitepaper describes an IT risk management strategy for applications. Key aspects of this strategy include developing an awareness of various types of IT risks related to applications, quantifying the potential business impacts of application-related IT risks, and building an institutional capability to manage this IT risk. The paper then outlines how Symantecs advisory consultants support organizations to address their IT risk management needs for applications. sponsored by

The Importance of Application Security 26/03/08 Symantec

Application security has been a growing discipline in the IT world for about a decade. Not long ago, knowledge about securing applications came from a select few independent researchers, and resources for implementation were scarce. Through the years, more and more resources have become available as security expertise and toolsets have found their way to a wider population of technologists. Over the past five years, general knowledge of application security criteria has widened, making it rare that applications developers do not consider basic security aspects such as authentication and access control, among others. sponsored by

PowerBroker Privileged Access Control Supports NISPOM Compliance 2008-07-01 Symark Software

This paper explains Symark PowerBroker functionality by showing how the product addresses the National Industrial Security Program Operating Manual (NISPOM) security categories developed by the Defense Security Service (DSS). A sample PowerBroker script implementing authorization in a UNIX environment is included, and sample PowerBroker log output is also provided. An Appendix shows in detail how PowerBroker supports NISPOM compliance by mapping its functionalities to the NISPOM auditor's checklist developed by the SANS Institute.

Tags: IT Budgeting, Security Administration, Server Platforms - OS, Regulatory Compliance, Homeland Security, Security Administration

Towards Application Security on Untrusted Operating Systems 2008-07-01 VMware

Complexity in commodity operating systems makes compromises inevitable. Consequently, a great deal of work has examined how to protect security-critical portions of applications from the OS through mechanisms such as microkernels, virtual machine monitors, and new processor architectures. Unfortunately, most work has focused on CPU and memory isolation and neglected OS semantics. Thus, while much is known about how to prevent OS and application processes from modifying each other, far less is understood about how different OS components can undermine application security if they turn malicious. This paper explores how malicious behavior in each major OS subsystem can undermine application security, and present potential mitigations.

Kaspersky Anti-Virus 5.6 for Linux Mail Server 2008-07-01 Kaspersky Lab

Kaspersky Anti-Virus 5.6 for Linux Mail Server (Kaspersky Anti-Virus or the application) provides anti-virus processing of mail traffic and file systems of servers running the Linux or FreeBSD operating systems, and using the Sendmail, Postfix, qmail, or Exim MTA. Version 5.6 of Kaspersky Anti-Virus for Linux Mail Server merges the features of Kaspersky Anti-Virus 5.5 for Linux and FreeBSD Mail Server and Kaspersky Anti-Virus 5.6 for Sendmail with Milter API.

Tags: Intrusion - Tampering, Security Administration

Web Application Security: Automated scanning versus manual penetration testing 2008-01-01 IBM

Research has shown that a vast number of Web sites are vulnerable to application attacks, most occurring over HTTP/S protocols. There are two methods to detect Web vulnerability: using manual penetration testing and code review or using automated scanning tools and static analysis. This white paper addresses and compares these two methods.

Tags: Security Administration, Security Administration, Intrusion - Tampering, Security Administration, Software Development Tools, Software Development Tools

Take a holistic approach to business-driven security 2008-04-02 IBM

Corporate leaders face multiple challenges including the need to address complience measures and protection against external and internal threats. This white paper introduces actions that organizations can take to drive secruity efforts from a business and operations perspective.

Tags: Security Administration, Security Administration, Security Administration, Security Administration

TechNet Webcast: Cool and Under-Utilized ISA 2006 Scenarios (Level 300) 2008-06-05 Microsoft

Microsoft Internet Security and Acceleration (ISA) Server is a great solution for not only branch office, forward proxy, and reverse proxy but many other scenarios in customer environments that can solve edge security issues. The presenter of this webcast explains some of the lesser known scenarios that are easy to configure and deploy. The attendee will learn how to get the most of ISA Server and take advantage of its rich features and functionality.

Tags: Security Administration, Security Administration

Case Study: Improve Network Security, Cut Carbon Emissions 2008-06-04 Microsoft

The John Lewis Partnership was founded in London 143 years ago. The company, which operates John Lewis department stores and Waitrose supermarkets, had consolidated its diverse IT infrastructure over several years, which included installing Windows ServerÂ® 2003. It wanted to take the next step to improve its network operations. In 2007, the company evaluated Windows Server 2008 features, including new security enhancements. It plans to deploy the Read-Only Domain Controller option to more than 200 remote sites. With the new solution, the John Lewis Partnership anticipates that it will be able to remove at least one server from each remote site. The company expects to improve security, increase productivity, and reduce energy consumption and costs.

Tags: Workflow Management, Intrusion - Tampering, Security Administration, IT Budgeting

Clean VPN Approach to Secure Remote Access 2008-06-02 SonicWall

A SonicWALL Clean VPN can detect the identity of users and security state of the endpoint device, protect against malware and unauthorized access based on granular policy before authorizing access, and connect authorized users easily to mission-critical network resources. Only SonicWALL is capable of delivering a truly viable Clean VPN, because only SonicWALL can offer granular endpoint control, a unified policy model allowing dynamic access policies, and the revolutionary ultra-high-performance security of Reassembly-Free Deep Packet Inspection over a multi-core processing platform.

Tags: Intrusion - Tampering, Security Administration, Security Administration, LAN - WAN

Trend Micro Smart Protection Network Security Made Smarter 2008-06-01 Trend Micro

As the underground economy has grown and prospered, cyber criminals have developed increasingly sophisticated malware as tools of their trade. Yet, as these criminals prosper, businesses and consumers alike are suffering financial losses, identity theft, and damaged reputations, creating a security environment that is ripe for change. Security professionals are scrambling to catch up - both with the newest malware variations and with the exploding number of Web threats. As threats have increased in number and complexity, conventional, pattern-based antivirus protection is falling short and security update deployment issues are impacting network and system performance.

Tags: Security Administration, Security Administration

Is Information Rights Management the Best Option for Your Enterprise? 2008-05-15 NextPage

A first step to solving the problems involves publishing and consistently enforcing document retention and disposition policies. Unfortunately, document policy compliance is abysmally low in most enterprises because user behavior is so difficult to dictate - especially in enterprises where business is primarily conducted using individually controlled laptops and desktops. The industry has offered a dizzying array of business processes and software solutions to help enterprises enforce these document policies. Not all solutions will necessarily be appropriate for their enterprise's particular characteristics and priorities. The purpose of this paper is to help people compare their enterprise's needs with one class of solutions: Information Rights Management.

Tags: Security Administration

Jump to 1 2 3 4 5 6 7 [8] 9 10

Title	Date Added	Company
Addressing IT Risks of Software Applications: A Risk Management Strategy	26/03/08	Symantec
As companies increasingly depend on software applications to enhance operations, the business impact of a broad range of IT risks concurrently rises. This whitepaper describes an IT risk management strategy for applications. Key aspects of this strategy include developing an awareness of various types of IT risks related to applications, quantifying the potential business impacts of application-related IT risks, and building an institutional capability to manage this IT risk. The paper then outlines how Symantecs advisory consultants support organizations to address their IT risk management needs for applications.		sponsored by
The Importance of Application Security	26/03/08	Symantec
Application security has been a growing discipline in the IT world for about a decade. Not long ago, knowledge about securing applications came from a select few independent researchers, and resources for implementation were scarce. Through the years, more and more resources have become available as security expertise and toolsets have found their way to a wider population of technologists. Over the past five years, general knowledge of application security criteria has widened, making it rare that applications developers do not consider basic security aspects such as authentication and access control, among others.		sponsored by
PowerBroker Privileged Access Control Supports NISPOM Compliance	2008-07-01	Symark Software
This paper explains Symark PowerBroker functionality by showing how the product addresses the National Industrial Security Program Operating Manual (NISPOM) security categories developed by the Defense Security Service (DSS). A sample PowerBroker script implementing authorization in a UNIX environment is included, and sample PowerBroker log output is also provided. An Appendix shows in detail how PowerBroker supports NISPOM compliance by mapping its functionalities to the NISPOM auditor's checklist developed by the SANS Institute. Tags: IT Budgeting, Security Administration, Server Platforms - OS, Regulatory Compliance, Homeland Security, Security Administration
Towards Application Security on Untrusted Operating Systems	2008-07-01	VMware
Complexity in commodity operating systems makes compromises inevitable. Consequently, a great deal of work has examined how to protect security-critical portions of applications from the OS through mechanisms such as microkernels, virtual machine monitors, and new processor architectures. Unfortunately, most work has focused on CPU and memory isolation and neglected OS semantics. Thus, while much is known about how to prevent OS and application processes from modifying each other, far less is understood about how different OS components can undermine application security if they turn malicious. This paper explores how malicious behavior in each major OS subsystem can undermine application security, and present potential mitigations.
Kaspersky Anti-Virus 5.6 for Linux Mail Server	2008-07-01	Kaspersky Lab
Kaspersky Anti-Virus 5.6 for Linux Mail Server (Kaspersky Anti-Virus or the application) provides anti-virus processing of mail traffic and file systems of servers running the Linux or FreeBSD operating systems, and using the Sendmail, Postfix, qmail, or Exim MTA. Version 5.6 of Kaspersky Anti-Virus for Linux Mail Server merges the features of Kaspersky Anti-Virus 5.5 for Linux and FreeBSD Mail Server and Kaspersky Anti-Virus 5.6 for Sendmail with Milter API. Tags: Intrusion - Tampering, Security Administration
Web Application Security: Automated scanning versus manual penetration testing	2008-01-01	IBM
Research has shown that a vast number of Web sites are vulnerable to application attacks, most occurring over HTTP/S protocols. There are two methods to detect Web vulnerability: using manual penetration testing and code review or using automated scanning tools and static analysis. This white paper addresses and compares these two methods. Tags: Security Administration, Security Administration, Intrusion - Tampering, Security Administration, Software Development Tools, Software Development Tools
Take a holistic approach to business-driven security	2008-04-02	IBM
Corporate leaders face multiple challenges including the need to address complience measures and protection against external and internal threats. This white paper introduces actions that organizations can take to drive secruity efforts from a business and operations perspective. Tags: Security Administration, Security Administration, Security Administration, Security Administration
TechNet Webcast: Cool and Under-Utilized ISA 2006 Scenarios (Level 300)	2008-06-05	Microsoft
Microsoft Internet Security and Acceleration (ISA) Server is a great solution for not only branch office, forward proxy, and reverse proxy but many other scenarios in customer environments that can solve edge security issues. The presenter of this webcast explains some of the lesser known scenarios that are easy to configure and deploy. The attendee will learn how to get the most of ISA Server and take advantage of its rich features and functionality. Tags: Security Administration, Security Administration
Case Study: Improve Network Security, Cut Carbon Emissions	2008-06-04	Microsoft
The John Lewis Partnership was founded in London 143 years ago. The company, which operates John Lewis department stores and Waitrose supermarkets, had consolidated its diverse IT infrastructure over several years, which included installing Windows ServerÂ® 2003. It wanted to take the next step to improve its network operations. In 2007, the company evaluated Windows Server 2008 features, including new security enhancements. It plans to deploy the Read-Only Domain Controller option to more than 200 remote sites. With the new solution, the John Lewis Partnership anticipates that it will be able to remove at least one server from each remote site. The company expects to improve security, increase productivity, and reduce energy consumption and costs. Tags: Workflow Management, Intrusion - Tampering, Security Administration, IT Budgeting
Clean VPN Approach to Secure Remote Access	2008-06-02	SonicWall
A SonicWALL Clean VPN can detect the identity of users and security state of the endpoint device, protect against malware and unauthorized access based on granular policy before authorizing access, and connect authorized users easily to mission-critical network resources. Only SonicWALL is capable of delivering a truly viable Clean VPN, because only SonicWALL can offer granular endpoint control, a unified policy model allowing dynamic access policies, and the revolutionary ultra-high-performance security of Reassembly-Free Deep Packet Inspection over a multi-core processing platform. Tags: Intrusion - Tampering, Security Administration, Security Administration, LAN - WAN
Trend Micro Smart Protection Network Security Made Smarter	2008-06-01	Trend Micro
As the underground economy has grown and prospered, cyber criminals have developed increasingly sophisticated malware as tools of their trade. Yet, as these criminals prosper, businesses and consumers alike are suffering financial losses, identity theft, and damaged reputations, creating a security environment that is ripe for change. Security professionals are scrambling to catch up - both with the newest malware variations and with the exploding number of Web threats. As threats have increased in number and complexity, conventional, pattern-based antivirus protection is falling short and security update deployment issues are impacting network and system performance. Tags: Security Administration, Security Administration
Is Information Rights Management the Best Option for Your Enterprise?	2008-05-15	NextPage
A first step to solving the problems involves publishing and consistently enforcing document retention and disposition policies. Unfortunately, document policy compliance is abysmally low in most enterprises because user behavior is so difficult to dictate - especially in enterprises where business is primarily conducted using individually controlled laptops and desktops. The industry has offered a dizzying array of business processes and software solutions to help enterprises enforce these document policies. Not all solutions will necessarily be appropriate for their enterprise's particular characteristics and priorities. The purpose of this paper is to help people compare their enterprise's needs with one class of solutions: Information Rights Management. Tags: Security Administration

Cutting-edge technology from premium sponsors

The Roots for a
Greener World

What are
Eco-Products? »

View Featured
Eco-Products »

Brought to you by:

More Tech Showcases:

Juniper Networks
Hitachi Eco-Products

IDC's Powering the Enterprise Cloud Event 2009

12 Nov - 17 Dec 2009

Grand Copthorne Waterfront Hotel, Singapore

Cloud Computing Summit 2009

9 Dec 2009

Hong Kong Convention and Exhibition Center

4th Annual GovTech 2010

27 - 28 Jan 2010

Amara Hotel, Singapore

ZDNet Asia Top Tech 50 Index

AT&T

Asustek

Canon

Convergys

Ericsson

Hewlett-Packard

Infosys

LogicaCMG

NTT

Samsung

SingTel Group

Toshiba

Xerox

Accenture

Atos Origin

Capgemini

Dell

France Telecom

Hitachi

Intel

Microsoft

Nokia

Satyam Computer Services

Sony

Verizon Communications

ZTE

Alcatel-Lucent

British Telecom

China Mobile

Deutsche Telekom

Fujitsu

Huawei Technologies

LG Electronics

Motorola

Oracle

Seagate Technology

Sun Microsystems

Western Digital

Apple

CSC

Cisco Systems

EMC

Google

IBM

Lenovo Group

NEC

SAP

Siemens IT Solutions & Services

Tata Consultancy Services

Wipro

ZDNet Asia's Top Tech Index will be next updated in 2010.

Overwhelmed by consolidation? Take it in steps.
Learn the 5 steps to data center consolidation - download the whitepaper now.

Choose a career with Accenture in Singapore
A dynamic job opportunity where technology and business intersect

Choose a career with Accenture in Malaysia
A dynamic job opportunity where technology and business intersect

Improving the Security & Management of Active Directory:
See a live demonstration of NetIQ DRA now

The Roots for a Greener World
Discover Hitachi's Environmental Vision 2025 and featured Eco-Products

The Desktop Virtualization Revolution is here!
Find our more with Citrix Simplicity is Power

Master in Organisational Leadership
Part-time masters program from Monash University. Find out more.

Lack of visibility into network issues and performance?
Find out today. Download SolarWinds FREE 30-Day Trial Software here.

IT Salary & Skills Report 2009
Join activeTechPros for free access to the report

More from CBS Interactive

CBS Interactive Inc Sites

About ZDNet Asia |

About CBS Interactive |

ZDNet Asia editorial calendar |

Advertise with us |

Jobs |

Partnership |

Contact Us |

CNET Direct |

CNET Asia |

CNET Asia mobile |

Sitemap

ZDNet.com |

ZDNet Japan |

ZDNet.de |

CNET UK |

CNET.de |

Tech Republic |

BNET |

MP3.com |

activeTechPros |

ZDNet UK |

ZDNet Korea |

ZDNet France |

CNET Australia |

CNET France |

Download.com |

Builder |

GameSpot

ZDNet Australia |

ZDNet Taiwan |

CNET |

CNET Taiwan |

News.com |

Silicon.com |

TV.com |

GameSpot Korea

News | Insight | Reviews | TechGuides | Jobs | Blogs | Videos | Community | Downloads | IT Library |

Get RSS feeds

Security

Featured Whitepapers

Member Login

The Roots for aGreener World

ZDNet Asia Top Tech 50 Index

The Roots for a
Greener World