| Company White Papers |
| AlertLogic |
White Paper Title:
Buyer’s Guide to Log Management: Comparing On-Premise and On-Demand Solutions
Link:
http://www.alertlogic.com/register/wp.php?cid=De6s
White Paper Abstract:
Looking for a log management solution? Compare the cost and benefits of traditional on-premise log management managed by the in-house infrastructure team and a Software-as-a-Service (SaaS), or on-demand, solution which moves the infrastructure footprint for log management to a physically and organizationally separate company. |
| Algosec |
White Paper Title:
Easily Clean Up Your Firewall Policy of Unwanted Clutter; Maximize Security and Operations Management
Link:
www.algosec.com/Company/LandingPage/Whitehat
White Paper Abstract:
Enterprises have hundreds if not thousands of firewall rules and objects and they just keep growing. As the first and continued line of defense this constant change decreases a firewalls’ performance while increasing an enterprise’s potential exposure to security breaches.
Now, there is a class of solutions that deliver unprecedented levels of insight and intelligence into an enterprise’s complex firewall configuration, quickly and automatically, checking every rule to allow an enterprise to safeguard its business while optimizing its operations.
In this white paper you will learn about:
* Eight proven strategies to clean up firewall rule base of clutter;
* Finding unused rules, duplicated rules, disabled rules, rules without logging and rules without comments;
* Rapidly identifying and closing potential security holes;
* Achieving compliance with corporate security policy by streamlining operations management |
| Core Security Technologies |
White Paper Title:
The PenTest GutCheck
Link:
http://www.coresecurity.com/?module=Form&action=webinar&campaign=whitehat
White Paper Abstract:
Download this white paper by Spire Security and learn the current status of computing environments along with the value proposition and the economic benefits of penetration testing. |
| Dorian Software |
White Paper Title:
Executive's Guide to Event Log Management Strategy
Link:
ExecutivesGuidetoEventLogManagementStrategy .pdf
White Paper Abstract:
Event log management – the monitoring, collection, consolidation, and analysis of log files - has become a necessary and expanding burden for network security professionals and IT administrators. In fact, new standards set by HIPAA, Sarbanes-Oxley, PCI DSS, and NERC-CIP, for example, require vast amounts of log data be managed in some way – through real-time monitoring, collection, and/or reporting. But what exactly is the event log and what can it tell us? |
| Loglogic, Inc. |
White Paper Title:
Achieving PCI Compliance in Complex Payment Networks
Link:
http://www.loglogic.com/resources/white-papers/achieving-pci-compliance/
White Paper Abstract:
Ensuring data security and integrity is critical to business continuity and risk mitigation. To cost–effectively and efficiently comply with PCI, companies should look to Log Management and Intelligence (LMI) to simplify the process of collecting, storing and managing log data and automate alerting and reporting on that data for use in PCI Compliance audits. |
| Lumesion |
White Paper Title: Fact or Fiction: Debunking the Top 5 Misconceptions about Vulnerability Management
Link:
Fact or Fiction: Debunking the Top 5 Misconceptions about Vulnerability Management
White Paper Abstract:
Vulnerability management can be a powerful means toward reducing the threat surface within an enterprise IT environment. But because vulnerability management technology has been around in some form or another for so long there has been plenty of time for the din of marketing-speak from various vendors to confuse users about the true nature of vulnerability management tools and practices. |
| Mu Security |
White Paper Title:
Six Degrees of Protocols; Why do Bad things Happen to Good Networks
Link:
http://www.musecurity.com/resources/collaterals_noreg/6degrees.pdf
White Paper Abstract:
Network attack surface weaknesses are multiplying with increasing use of open source components and outsourcing. Next-gen VoIP and IPTV services, as well as IMS architectures, are becoming more and more fragile as their complex software receives virtually no negative testing (i.e., developers create new features and network operators roll out services at a far faster rate than traditional test tools can evaluate them for quality). The pace of application development leaves traditional testing methodologies in the dust with little or no service assurance, and networks have become increasingly application-aware - so we have a complex, fragile mess instead of a well-oiled machine. |
| RippleTech |
White Paper Title:
Winning the War Against Inside Threats: Actionable Strategies for Safeguarding Critical Data
Link:
http://www.rippletech.com/index.php?page=Complete-Security-Management-WHWReg
White Paper Abstract:
With the increase in data breaches and attacks, companies need to protect their high value critical data and implement stringent security policies. Forrester has calculated that up to 80% of data breaches are internally sponsored. Therefore, companies need to focus their efforts on securing the inside as well as the outside. This whitepaper will look at the benefits an organization will receive from implementing a complete data protection strategy. |
| SAINT |
White Paper Title:
A Comparative Analysis of Competitor Vulnerabilities and Exploits
Link:
SAINT_Comparative_Analysis.pdf
White Paper Abstract:
New vulnerabilities are announced every day and a growing percentage of new vulnerabilities are exploitable. A vulnerability scanner that integrates exploits and penetration testing provides the ideal solution, saving both time and money. SAINT is the only integrated vulnerability scanner and penetration testing tool available.
You need to know how and where your network can be attacked. Few organizations have the resources to correct all of their network vulnerabilities. Therefore, it is important to identify the greatest threats and tackle those first. By identifying which vulnerabilities are exploitable, SAINT shows you where to begin your remediation efforts. |
| Sourcefire, Inc. |
White Paper Title:
Extending Your Investment in Snort
Link:
http://www.sourcefire.com/resources/?sfext=WHW1q08wp#tb
White Paper Abstract:
Extend the solid foundation of open source SNORT® IPS with the Sourcefire 3D™ System to achieve the complete Enterprise Threat Management solution. |
| Tenable |
White Paper Title:
Unified Security Monitoring.
Link:
http://www.tenablesecurity.com/whitepapers/unified_security_monitoring.pdf
White Paper Abstract:
By combining vulnerability and configuration auditing with log analysis and continuous network monitoring, large and small enterprise organizations can effectively monitor their networks for compliance and security violations. |
| TippingPoint |
White Paper Title:
PS vs. IDS: Similar on the Surface, Polar Opposites Underneath
Link:
http://www.tippingpoint.com/request_document.html
White Paper Abstract:
A common notion is that an IPS is nothing more than an IDS deployed in-line with blocking capabilities. Although IPS and IDS both examine traffic looking for attacks, there are critical differences. The differences between IPS and IDS deployment and purpose cause substantial distinctions in prioritizing the requirement, the meaning of the requirement, and implementation options available for meeting the requirement. This paper describes many critical differences in the nature and priority of IPS and IDS requirements. |