Defense in Depth: How Application Whitelisting Can Increase Your Desktop Security
sponsored by Faronics
WHITE PAPER:
No single technology guarantees security, however application whitelisting covers situations not addressed by firewalls or anti-virus utilities. This paper focuses on how application whitelisting can be effectively used as an important layer in your security scenario.
Posted: 20 Nov 2009 | Published: 20 Nov 2009
|
|
|
Software Reliability: Building Security In
sponsored by Ounce Labs, an IBM Company
VIDEO:
Fixing software security vulnerabilities during development is expensive, difficult and time-consuming. But fixing them after deployment is far more expensive and counterproductive. In this video featuring security expert Diana Kelley, learn state-of-the-art techniques for building a secure software development process.
Posted: 19 Nov 2009 | Premiered: 19 Nov 2009
|
|
|
Countdown: Selling security in the SDLC
sponsored by Ounce Labs, an IBM Company
PODCAST:
Building security into the software development lifecycle takes more than just a plan. You need the support of both the development and security/audit organizations to make it work. This podcast, featuring Diana Kelley, presents a plan for selling the value of security to all of the constituencies who matter in your organization.
Posted: 19 Nov 2009 | Premiered: 19 Nov 2009
|
|
|
Understanding and Simplifying SharePoint 2007 Permissions Management
sponsored by Metalogix
WHITE PAPER:
Authentication to a SharePoint environment is the process in which a firm's architecture approves a user's credentials; most commonly a Windows-based authentication. This whitepaper will discuss the finer points and give a greater understanding of securable objects, permissions, permission levels, and access scenarios.
Posted: 18 Nov 2009 | Published: 18 Nov 2009
|
|
|
Mapping Application Security To Business Value: Considerations And Recommendations For IT And Business Decision Makers
sponsored by Redspin, Inc.
WHITE PAPER:
This white paper outlines considerations and recommendations for reducing business risk by ensuring that your web applications are secure.
Posted: 16 Nov 2009 | Published: 16 Nov 2009
|
|
|
What Executives Need to Know About Web Application Development Security
sponsored by Redspin, Inc.
WHITE PAPER:
The most common approach to securing a web application involves doing a single security test, usually a Web Application Security Assessment, when a development project is completed. While this is still a requirement, this paper discusses why security needs to be incorporated earlier and throughout the software development life cycle (SDLC).
Posted: 16 Nov 2009 | Published: 16 Nov 2009
|
|
|
Podcast: Insider Threats - an Interview with the Former Deputy Director of the National Security Agency - NSA
sponsored by Imperva
PODCAST:
Bill Crowell, former Deputy Director of the NSA, is interviewed in this podcast. He talks extensively about insider threats, shares some stories from the trenches, and discusses the nature of cybercrime. Bill also covers the importance of sensitive data protection –- especially around mission-critical applications and databases.
Posted: 12 Nov 2009 | Premiered: 12 Nov 2009
|
|
|
Rational AppScan Podcast
sponsored by IBM
PODCAST:
Web Application Security Podcast featuring Paul Kaspian. This PodCast touches on how to meet application security compliance deadlines.
Posted: 10 Nov 2009 | Premiered: 10 Nov 2009
|
|
|
Try Rational AppScan
sponsored by IBM
ASSESSMENT TOOL:
Download Rational® AppScan® Standard Edition V7.9, previously known as Watchfire AppScan, a leading Web application security testing tool that automates vulnerability assessments and scans and tests for all common Web application vulnerabilities including SQL-injection, cross-site scripting, and buffer overflow.
Posted: 03 Nov 2009 | Published: 03 Nov 2009
|
|
|
e-Kit: Web Application Security eKit
sponsored by IBM
RESOURCE CENTER:
Check out this e-Kit for comprehensive information related to web application security strategies and web application security testing through SaaS. Included are several white papers, demos, and podcasts.
Posted: 03 Nov 2009 | Published: 03 Nov 2009
|
|
|
Webcast -- Malware: It’s Everywhere
sponsored by IBM
WEBCAST:
Join IBM for a one-hour presentation which introduces a new technique that combines IBM Rational AppScan & ISS technologies that scan to identify unwanted, embedded malware.
Posted: 03 Nov 2009 | Premiered: 03 Nov 2009
|
|
|
Analyst Whitepaper: Practical Approaches for Securing Web Applications Across the Software Delivery Lifecycle
sponsored by IBM
WHITE PAPER:
When web application delivery is implemented in a collaborative, re-peatable, and process-oriented manner, companies can benefit from more efficient development models and more secure applications. Read this white paper to learn more.
Posted: 03 Nov 2009 | Published: 03 Nov 2009
|
|
|
Security Event Monitoring for IBM System i/i-series/AS400 Systems
sponsored by SecureWorks
WHITE PAPER:
The purpose of this whitepaper is to describe best practices for securing IBM System i/i-Series/AS400 systems and detail the AS400 monitoring service provided by SecureWorks.
Posted: 03 Nov 2009 | Published: 03 Nov 2009
|
|
|
Presentation Transcript: Optimize Business and IT with New Generation Application Lifecycle
sponsored by SAP Community Network
PRESENTATION TRANSCRIPT:
This transcript provides a complete overview of application lifecycle management (ALM) and discusses how SAP's integrated and open approach to ALM can accelerate innovation, ensure business continuity, reduce risk and lower TCO.
Posted: 26 Oct 2009 | Published: 26 Oct 2009
|
|
|
Software Security for Compliance, PCI, and Beyond
sponsored by SearchSecurity.com
PRESENTATION:
This collection of slides from the Diana Kelley presents an overview of software security best practices. There is a heavy emphasis on PCI DSS requirement 6 -- “Develop and maintain secure systems and applications”. Some important subsections are highlighted and explained in detail.
Posted: 26 Oct 2009 | Published: 26 Oct 2009
|
|
|
Application Whitelisting: Enhancing Host Security
sponsored by McAfee, Inc.
ANALYST REPORT:
This paper explains how whitelisting (accepting only applications and behaviors that are on the approved list and denying everything else) provides a lighter, more agile alternative to blacklisting as a means to protect networks and end points.
Posted: 21 Oct 2009 | Published: 21 Oct 2009
|
|
|
Windows 7 Security: A Great Leap Forward or Business as Usual?
sponsored by Sophos Inc.
WHITE PAPER:
The public release of Windows 7 is approaching fast. Debates and discussions have been raging on the security improvements in the new platform, and some potential problems have also emerged. In this white paper, we run through the most significant changes and additions, and look at what they might mean to users and administrators.
Posted: 13 Oct 2009 | Published: 13 Oct 2009
|
|
|
Podcast: Optimize Business and IT With New Generation Application Lifecycle Management
sponsored by SAP Community Network
PODCAST:
This podcast provides a complete overview of application lifecycle management (ALM) and discusses how SAP's integrated and open approach to ALM can accelerate innovation, ensure business continuity, reduce risk and lower TCO.
Posted: 12 Oct 2009 | Premiered: 12 Oct 2009
|
|
|
When Good Applications Go Bad: Adding Application Control to your Toolbox
sponsored by Fortinet, Inc. / Alternative Technology Group of Arrow ECS
PRESENTATION TRANSCRIPT:
Check out this podcast transcript for the latest information about application security threats and how Fortinet can provide multi-function security system solutions as well as an award-wining Partner Program.
Posted: 05 Oct 2009 | Published: 05 Oct 2009
|
|
|
Presentation Transcript: Application Whitelisting: The Must Have Technology for Security and Compliance Today
sponsored by McAfee, Inc.
PRESENTATION TRANSCRIPT:
Read this paper, which is a transcription of a presentation where speakers Stuart McClure, VP of Operations & Strategy, Risk & Compliance Business Unit, at McAfee Incorporated and Evelyn de Souza, Senior Manager, Risk & Compliance, at McAfee discuss application whitelisting and its benefits.
Posted: 29 Sep 2009 | Published: 29 Sep 2009
|
|
|
Oracle Database 11g: Cost-Effective Solutions for Security and Compliance
sponsored by Oracle Corporation
WHITE PAPER:
The increasingly sophisticated nature of information theft, and the continued emergence of new data privacy protection regulations worldwide, requires strong data security. Effective information security starts by protecting data at the source - the databases in which it resides. Read on to learn more.
Posted: 25 Sep 2009 | Published: 25 Sep 2009
|
|
|
Buyer’s Guide for Enterprise Single Sign-On
sponsored by Oracle Corporation
WHITE PAPER:
This whitepaper offers a thorough checklist that should enable potential ESSO implementers to deploy the right ESSO solution which should help eliminate sign-on problems, reduce helpdesk costs, maximize user productivity, strengthen security, simplify administration and accelerate regulatory compliance.
Posted: 25 Sep 2009 | Published: 25 Sep 2009
|
|
|
Revolutionizing Access Management with Shared Authorization Services
sponsored by Oracle Corporation
WHITE PAPER:
Read this whitepaper to learn how externalization and the consequent centralization of authorization policies leads to better policy transparency, improved compliance and quicker IT response to evolving regulatory requirements.
Posted: 25 Sep 2009 | Published: 25 Sep 2009
|
|
|
Podcast: Staying competitive and Showing ROI
sponsored by IBM
PODCAST:
According to recent research conducted by IBM® ISS X-Force®, more than half of all disclosed vulnerabilities in 2008 were Web application flaws. Learn how IBM Web application security solutions can help you reduce costs, manage risk and improve service. Listen to the podcast.
Posted: 21 Sep 2009 | Premiered: 21 Sep 2009
|
|
|
Weathering a Perfect Storm: The Collision of Application Vulnerabilities and Data Privacy
sponsored by Ounce Labs, an IBM Company
JOURNAL ARTICLE:
Enterprises, particularly those that deal with personal or private data, are now squarely in the path of a perfect storm. The convergence of regulatory compliance, high-profile data breaches and increased sophistication of cyber-attackers has transformed data security from an interesting IT sideline to a bottom-line, corner-office priority.
Posted: 18 Sep 2009 | Published: 18 Sep 2009
|
|
Free Newsletters
