Tenable Malware Detection: Keeping Up With An Increasingly Sophisticated Threat Environment

With an ever-increasing cyber-threat profile, traditional anti-virus (AV) and anti-malware (AM) products are unable to adequately detect new malware threats facing organizations today. In addition, the rise of the mobile workforce and adoption of BYOD policies introduces another layer of risk with unknown and unmanaged laptops, smartphones and mobile devices accessing sensitive IT resources. These developments leave corporations, government entities and individuals at risk from a wide range of cyber-crime activities.

SANS Inaugural Health Care IT Security Survey – October 2013

For perspective on the current state of health care IT security, the SANS Institute completed a detailed industry-specific survey in September 2013. Based input from 373 respondents representing mostly US-based health care provider organizations, findings were analyzed and published in a report co-sponsored by Tenable Network Security, titled, SANS Inaugural Health Care Security Survey.

Continuous Security for Disruptive IT Networks in Higher Education

Institutions of higher education have a unique combination of security and compliance requirements. Security implementation is especially hard considering the independence of their user community and breadth of their endeavors. Even with PCI, HIPAA and other compliance requirements, it is essential that security be proactive because being compliant does not mean that your institution is secure.

Analysen von Angriffswegen

Für Sicherheitsorganisationen ist es kein Problem, Schwachstellen in ihren Unternehmensnetzwerken zu finden. Doch die Masse an Security-Daten wächst konstant. Die größere Herausforderung ist es, diese Daten zu durchstöbern und die größten Risiken für das Geschäft zu finden bzw. korrigierende Maßnahmen zu bestimmen. Das Analysieren der Angriffswege (Attack Path Analytics) ist ein strategischer, risikoorientierter Ansatz in puncto „Security Remediation“.

Attack Path Analytics

Security organizations have no problem finding vulnerabilities on enterprise networks – the volume of security data is constantly growing. The greater challenge is sifting through this data to determine which situations present the greatest risk to the business and prioritizing remediation efforts. Using attack path analytics enables a strategic, risk-based approach to security remediation.

Implementing an Effective Vulnerability Management Program

The traditional approach to vulnerability management is to scan systems and applications for weaknesses at certain intervals These intervals could be anything from yearly, quarterly or even monthly scans The problem with this approach is that the organisation only has visibility of the vulnerabilities detected at those particular points in time.

What is required is a comprehensive and continuous vulnerability management program tightly coupled with other essential operational security processes such as asset management, patch management and incident response.

SANS 2013 Critical Security Controls Survey: Moving From Awareness to Action

Security managers are raising a number of urgent questions related to the 20 Critical Security Controls (CSCs) such as What types of organizations are implementing what controls, and why? How integrated are these controls with overall operations and with risk management dashboards? And what new development, staffing and tool decisions will adopters have to make to address the control areas they’re focusing on?