IT Security: Malware

Click for details

Prävention & Recovery Bei Ransomware

Die heutigen Ransomware-Kampagnen unterscheiden sich von dem, was wir in der Vergangenheit gesehen haben. Auf der einen Seite ist Ransomware leicht von Kriminellen, die wenig bis keine Hacking-Fähigkeiten haben, zu erhalten und erfolgreich zu verwenden; so gibt es heute Dienste, die als „Ransomware as a Service (RAAS)“ bezeichnet werden. Auf der anderen Seite sehen wir, wie Ransomware für mehr als nur Lösegeld verwendet wird. Cylance bietet bewährte Verfahren zur Malware Prävention, Netzwerk-Architektur, interne Incident Response-Workflows, Schwachstellen- und Patch-Management und die Sicherheitsbewertung der internen Hosts und externen Services.

Download…

Click for details

Die Ransomware-Bedrohung

So erkennen Sie einen Angriff, bevor es zu spät ist

Download…

Click for details

The Ransomware Threat: A guide to detecting an attack before it’s too late

WannaCry: What we know

Download…

Click for details

How Ransomware can hold your Business hostage

Understanding Ransomware attacks and how they're delivered

Download…

Click for details

8 Ways to Protect your Network against Ransomware

Click for more details

Download…

Click for details

2017 Annual Threat Report

Click for more details

Download…

Click for details

Calculating the return on investment in layered security

Click for more details

Download…

Click for details

The business case for layered security

Click for more details

Download…

Click for details

La fin des antivirus ?

Click for more details

Download…

Click for details

Calculer le retour sur investissement avec la sécurité multicouche

Click for more details

Download…

Click for details

Arguments en faveur de la sécurité multicouche

Click for more details

Download…

Click for details

So schützen sie ihr unternehmen vor Ransomware

Click for more details

Download…

Click for details

Gründe für die wichtigkeit einer sicherheit auf mehreren ebenen

Click for more details

Download…

Click for details

Haben sich Antivirenprogramme erledigt?

Click for more details

Download…

Click for details

Is Antivirus Dead?

Detecting Malware and Viruses in a Dynamic Threat Environment

Download…

Click for details

Perché La Protezione Multi-Livello é Importante

Click for more details

Download…

Click for details

Il business case per la sicurezza a più livelli

Click for more details

Download…

Click for details

Calcolo del ritorno del capitale investito nella sicurezza a più livelli

Click for more details

Download…

Click for details

Understanding Ransomware and Strategies to Defeat it

Click for more details

Download…

How to Protect Against Ransomware

Ransomware is malware that employs asymmetric encryption to hold a victim’s information at ransom. Asymmetric (public-private) encryption is cryptography that uses a pair of keys to encrypt and decrypt a file. The public-private pair of keys is uniquely generated by the attacker for the victim, with the private key to decrypt the files stored on the attacker’s server. The attacker makes the private key available to the victim only after the ransom is paid, though that is not always the case—as seen in recent ransomware campaigns. Without access to the private key, it is nearly impossible to decrypt the files that are being held for ransom.

Download…

Click for details

How mobile Malware compromises your secure containers and enterprise content

Click for more details

Download…

Click for details

Check Point Sandblast Zero-day Protection: The Best Protection at every level

Click for more details

Download…

Click for details

Zscaler Is A Leader Among SaaS Web Content Security

Zscaler has been positioned as a leader in The Forrester Wave™: SaaS Web Content Security, Q2 2015 from Forrester Research

Download…

Click for details

Magic Quadrant for Secure Web Gateways

The market for SWG solutions is still dominated by traditional on-premises appliances. But, the use of cloud-based services is growing rapidly.

Download…

Click for details

Vendor Landscape: Security Information & Event Management (SIEM)

Select an appropriate SIEM solution based on vendor research; create an implementation roadmap; and define your SIEM architecture.

Download…

Click for details

Protective Monitoring and the UK Public Services Network (PSN)

Conducting business and delivering services online has delivered great benefits but there are associated risks that customers and the public are increasingly becoming aware of.

Download…

Click for details

Security intelligence: solving the puzzle for actionable insight

The extent of security incidents and breaches seen today is so high and so widespread that no organisation should be complacent.

Download…

Click for details

Financial Conduct Authority – Financial Crime: A guide for Firms

LogRhythm’s integrated architecture has been specifically designed to provide real-time continuous, automated monitoring for the detection and prevention of both security and fraudulent related activity.

Download…

Click for details

Surfacing Critical Cyber Threats Through Security Intelligence

The rapidly expanding supply chain supporting the cybercrime economy is empowering cyber criminals, cyber terrorists and even nation states in ways that put companies, critical infrastructure and governments at increased risk. The fate of an organization whose defenses have been compromised will be determined by the speed with which they can detect and respond to intruders. A mature security intelligence posture boosts an organization’s resiliency amidst these advanced threats. If intruders are detected early in their lifecycle, organizations can respond quickly and potentially avoid loss altogether. In this webinar, three cyber security veterans will discuss today’s rapidly evolving cyber threat landscape and LogRhythm’s new Security Intelligence Maturity Model™ (SIMM). They will explore how the SIMM provides organizations with a framework to plan for continuous reduction in their mean-time-to-detect (MTTD) and mean-time-to-respond (MTTR) to high-impact threats. Key themes to be covered include: • Emerging cyber threat vectors in 2015 • Security Intelligence and the critical role it plays in addressing high-impact threats • Using the SIMM to assess your current Security Intelligence Maturity • How to move from “greatly exposed” to “highly resilient” via End-to-End Threat Lifecycle Management

Download…

Click for details

The Cyber Threat Risk – Oversight Guidance for CEOs and Boards

The time has come for CEOs and Boards to take personal responsibility for improving their companies’ cyber security. Global payment systems, private customer data, critical control systems, and core intellectual property are all at risk today. As cyber criminals step up their game, government regulators get more involved, litigators and courts wade in deeper, and the public learns more about cyber risks, corporate leaders will have to step up accordingly.

Download…

Click for details

SANS “Top 20” Critical Controls for Effective Cyber Defense

In a rapidly evolving threat landscape, organizations must protect their entire IT environment against both external and internal attacks. Threats and risks arrive from many angles, requiring security professionals to use a wide variety of methods to defend against attacks. As a result, many organizations are now adopting the 20 Critical Security Controls developed by the SANS Institute. These controls help organizations prioritize the most effective methods and policies for safeguarding their assets, information and infrastructure.

Download…

Click for details

Retail Cyber Crime

Over the past few years, several retail organizations have been hit with high-profile data breaches that have left millions of customers’ credit card details and personal information exposed. Retailers will continue to be prime targets for motivated cyber criminals targeting sensitive and lucrative customer data, and must take steps to secure delicate information.

Download…

Click for details

The APT Lifecycle and its Log Trail

Advanced Persistent Threats, or APTs, are a growing concern in the security industry. APTs differentiate themselves from other types of hacking activities by targeting a specific organization for a specific target, often extremely high pay-off data.

Download…

Click for details

Know and Secure the Enterprise

In today’s hyper-connected world, the financial performance and brand integrity of your company greatly depend on the operational performance and security of your network.

Download…

Click for details

Continuous Monitoring for the New IT Landscape

Recent breaches have targeted a fatal flaw in the way organizations have approached security over the last two decades. Find out how continuous monitoring for the new IT landscape can help.

Download…

Click for details

Cybersecurity's Maginot Line: A Real-World Assessment of the Defense-in-Depth Model

It doesn’t matter what types of firewall, intrusion prevention system (IPS), Web gateway, sandbox and endpoint systems make up organizations’ Maginot Line; attackers are circumventing them all.

Download…

Click for details

Definitive Guide to Next-Generation Threat Protection

As I’ve met with national leaders and customers around the world, I’ve found that there’s a great divide between the level of security they need for their networks and the level of security available to them using traditional security tools.

Download…

Click for details

APT28: A Window into Russia’s Cyber Espionage Operations?

Our clients often ask us to assess the threat Russia poses in cyberspace. Russia has long been a whispered frontrunner among capable nations for performing sophisticated network operations.

Download…

Click for details

Data Loss by the Numbers

Virtually every day there are stories about data loss in the news. This paper focuses on raw data obtained through the Open Security Foundation’s Data Loss Database or DataLossDB to help support improved decision making.

Download…

Click for details

Protecting Intellectual Property in Email

Read this whitepaper to learn about guarding against information-stealing malware and outbound data loss.

Download…

Click for details

Protecting Databases: Boosting Security Against Today’s Attacks and Loss Vectors

Download this whitepaper for more information on how to boost security against today’s attacks and loss vectors.

Download…

Click for details

7 Requirements for Hybrid Web Delivery

Read this whitepaper to find out how the McAfee Hybrid Delivery Architecture defines critical requirements that allow IT to apply traditional risk management to web security.

Download…

Click for details

McAfee Enhanced Server Protection

Server performance fuels business performance. Servers also store and use your company’s most valuable and sensitive information. These two facts pose a dilemma for data center and security managers: should they maximize server protection at the expense of performance or optimize server performance and risk a serious security breach? With McAfee® Enhanced Server Protection, you never have to make that choice. Our solution provides advanced threat protection, reduces compliance and management costs, and maintains server performance and availability.

Download…

Click for details

Protecting Information

For more information and best practice considerations on how to boost security against malicious insiders and external attacker, download this whitepaper.

Download…

Click for details

McAfee Security Management

Say goodbye to silos that splinter your visibility. McAfee® Security Management solutions make security operations efficient and effective, integrating, automating, and correlating data and processes within each system and across the IT environment. Our open platform offers complete visibility into your security posture, proactive risk analytics, and integration of security and compliance with other business operations. You gain a coordinated and holistic approach to managing security that scales and adapts to any enterprise.

Download…

Click for details

Expand Virtualization, Maintain Security

This whitepaper looks at how McAfee Management for Optimized Virtual Environments AntiVirus (McAfee MOVE AntiVirus) tailors security systems to the special technical and management requirements of virtualization.

Download…

Click for details

Counter Stealthy Attacks

The most menacing type of cyberattack is invisible. The risk to enterprises is real as evidenced by recent high-profile attacks. Organisations need layered security controls that work together to detect the presence and actions of stealthy malware and attackers.

Download…

Click for details

NSS Labs Corporate AV/EPP Comparative Analysis: McAfee Achieves Highest Score in Exploit Protection

NSS Labs provides overall exploit protection rates for 11 popular enterprise Endpoint Protection Products.

Download…

Click for details

Endpoint Security: Anti-Virus Alone is Not Enough

The latest report by the Aberdeen Group asks the simple question: “Is anti-virus and a firewall enough security for businesses operating in today’s business environment?”

Download…

Click for details

Network Intrusion Prevention System

NSS Labs performed an independent test of the McAfee Network Security Platform (NSP) M-8000 v6.1. The product was subjected to thorough testing at the NSS Labs facility in Austin, Texas, based on the Network Intrusion Prevention methodology v6.2 available on www.nsslabs.com. This test was conducted free of charge and NSS Labs did not receive any compensation in return for McAfee’s participation.

Download…

Click for details

Advanced Malware Appliances

Advanced malware appliances defend the network from malicious files, or malware. According to Gartner, “The advanced threat prevention appliance market is defined by appliance-based products whose primary purpose is to capture and evaluate network traffic in order to detect and/or prevent advanced forms of customized targeted malware.” Advanced malware appliances typically use one of the following techniques to detect malware: program emulation, object code walkthrough with static analysis, or sandboxing. Currently, more of the excitement in the market is centered on dynamic sandboxing approaches, but there are undeniable advantages to other techniques. Static analysis examines object code without actually executing the code. It examines all possible execution paths and variable values, uncovering attacks that may not immediately manifest (they could occur weeks or months after initial execution). On the other hand, sandboxing, or dynamic analysis, analyzes the behavior of the malware during runtime. It discovers attacks and malicious behavior that are typically too complex to be discovered by static code analysis.

Download…

Click for details

SANS Survey on Application Security Programs and Practices

Web applications have recently emerged as a top cybercriminal attack vector, and organizations that don’t take a proactive approach to app security may be setting themselves up for disaster. More than one-third of organizations still don’t have an application security program in place – what can you do to make sure you’re protected? Consult this informative survey today to discover your peers’ proven practices for app security success, and learn what you can do to stay protected – read on to get started.

Download…

Click for details

Discovering Vulnerable Web Applications

Vulnerabilities in web applications are a major vector for cybercrime. In large organizations, vulnerable web applications comprised 54% of all hacking breaches and led to 39% of compromised records, according to the 2012 Data Breach Investigation Report by Verizon Business.

Download…

Click for details

Keep your PCs safe while surfing the Web

The Web has become a hub of information and productivity, making the web browser one of the most-used applications. This has drawn the attention of cyber criminals—making it a potential Achilles heel for security.

Download…

Click for details

Best Practices for Selecting a Web Application Scanning Solution

Automated Web Application Scanning (WAS) solutions help you discover web apps running in your network, determine whether they are vulnerable to attack, understand how to fix them, and protect your business.

Download…

Click for details

Best Practices for Selecting a Vulnerability Management (VM) Solution

Automated Vulnerability Management (VM) solutions help you discover devices running in your network, determine whether they are vulnerable to attack, find fixes to the underlying problems, and protect yourself while those fixes are being implemented.

Download…

Click for details

Achieve Situational Awareness

If you administer or manage endpoints, you probably have discovered an infected or compromised system. Your !rst reaction is to !nd the system and clean it, so that it does not affect your other systems, and the user can get back to work. Your second reaction is probably “how did this system get infected or compromised?” Unfortunately, most organizations do not have the ability to easily piece together all the information needed to understand an infection incident such as this. If just a single system is affected, it is a luxury for an administrator to track down the root cause—a luxury few can or choose to afford.

Download…

Click for details

Managed security services

Managed Service Providers become better acquainted with their clients IT environments than arguably the clients themselves. Managed Services are a preventive model that relies on remotely monitoring systems around the clock to keep networks humming with minimal or no downtime. As a result, MSPs acquire an unmatched level of insight about their clients environments, and in so doing, they become better positioned than anyone to secure their clients networks.

Download…

Click for details

Vulnerability Management For Dummies

This free eBook provides a vital overview of Vulnerability Management, including your protection options and ten best practices to implement.

Download…

Select a topic