Operational Efficiencies of Proactive Vulnerability Management
- Grace Joan Fitzgerald
Return on investment analysis

Table of Contents

- Automation Brings Efficiencies
- Survey Results
- Cost Elements for
- Cost Assumptions
- VMA 1 Inventory Assets
- Sample asset inventory operational costs
- VMA 2 Assess Vulnerabilities
- Sample calculations
- VMA 3 Correlate Threats
- Sample calculations
- VMA 4 Remediate and Validate
- Sample calculations
- Conclusion
- About Cooper Research Associates
- About McAfee, Inc.

In the security industry, the high costs associated with security risk management are often difficult to quantify. How do you calculate the value of good will lost in the wake of a major denial of service attack that prevents customers from accessing their accounts? How do you calculate the costs associated with data corruption or the extent to which the integrity of information resources has been violated as a result of a malicious attack on your network?

Automation Brings Efficiencies

The answers to these questions vary from industry to industry and from company to company, and they can be very difficult and time consuming to measure. This paper details the operational and economic efficiencies associated with the implementation of proactive, integrated, and automated vulnerability management compared to the inefficiencies of a reactive, manual, and fragmented security operation.

When activities are managed or implemented in a manual and non-integrated manner, the operational cost of vulnerability management rises in proportion to the number of devices, systems, and the complexity of the enterprise network. However, if vulnerability management activities (VMAs) are automated and integrated, then the operational cost of vulnerability management can be significantly reduced by several orders of magnitude while actually elevating the security posture of the enterprise networking environment.

VMAs are those functions performed by network and security personnel to protect against, prevent, and recover from security events that can challenge the integrity of enterprise information assets or threaten to disrupt business continuity.

Survey Results

To establish a benchmark of awareness of the crucial elements and activities associated with managing enterprise security operations, CRA Reports surveyed 149 security officers and IT managers who have security responsibilities. Among the survey's findings:

- 88.6 percent of respondents have initiatives in place to inventory network assets
- 75.8 percent have programs that prioritize network assets in terms of criticality to the enterprise
- 59.1 percent currently correlate known threats to their organization's critical information assets
- Only 38.3 percent have automated the process of remediating vulnerabilities on their enterprise systems
- 77.9 percent report that clearly defined policies for security compliance are in place in their organizations
- 58.4 percent regularly measure the performance of their security operations to established security policies
- Only 54.4 percent report requirements to provide senior management with regular reports on the security posture of their organization
- More than 65 percent report that they have not established ROI metrics for security risk management initiatives in their organizations

Further analysis of the survey results reveals that most companies overspend on discrete aspects of their security risk management operations, while underinvesting in broad categories of security activities. Along with financial investments, most organizations allocate disproportionate human and technical resources on some aspects of their security risk management operations, while ignoring other often critical elements of their security operations. The reason for the discrepancy has to do with the way organizations organize their security risk management operation, often resulting in the following:

- The need for manual reconciliation of silos of security automation
- Very high costs from this approach
- A lack of resources needed to perform all of the functions to maximize the security posture

Cost Elements for

Although specific risks, vulnerabilities, and threats tend to be unique to each organization, many of the procedures and costs associated with managing security vulnerabilities, like any business process, share common elements that are consistent and that can be tracked, measured, and quantified. In other words, while the staff, networks, and devices maintained by different organizations vary, there is a common set of VMAs that provides a common basis for comparative analysis.

This report identifies those quantifiable elements, defines and describes them, and provides a matrix against which individual organizations can compare the actual costs of running a manual vulnerability management operation against automated approaches. In identifying elements that can be quantified and analyzed objectively, we have developed a simple and effective operational cost of vulnerability management (OCVM) formula to which each element must apply. The formula is as follows:

- Devices (D): number of live devices on your network
- Time (T): time for each VMA
- Cycles (C): the number of times you will complete this activity
- Operational Cost of Vulnerability Management: D x T x C = OCVM

Cost Assumptions

VMAs that could not be quantified by this formula were not included in this analysis. We identified four VMAs that were applicable to the OCVM formula. They are:

- VMA 1 Inventory assets
- VMA 2 Assess vulnerabilities
- VMA 3 Correlate threats
- VMA 4 Remediate issues and validate fixes

To provide a basis for financial analysis, we attached a labor rate to the time associated with VMAs. According to a recent security professional salary survey conducted by Dice/Datamation, the most widely listed network security job is a LAN/network administrator, with a starting salary of $71,000, or $36/hour. We have adopted this hourly rate as a conservative basis for assessing the financial costs of vulnerability management.
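
The OCVM formula priced at the $36/hour labor rate, as an added example that is not part of the original paper: it takes the device count and the per-activity assumptions stated with the paper's Tables 1 to 4 and recomputes every cycle cost. The names Activity, VMAS, cycle_costs, ocvm, compare and automated_share are hypothetical, and modelling an automated run as one monitored fixed duration follows the tables' footnote.

```python
"""Added example: the OCVM formula (D x T x C) priced at the paper's $36/hour."""
from dataclasses import dataclass

HOURLY_RATE = 36   # USD per hour, the labor rate adopted in the paper
DEVICES = 380_000  # device count used in the paper's sample tables


@dataclass(frozen=True)
class Activity:
    minutes: int             # T: minutes per device, or per whole run if not per_device
    per_device: bool = True  # False models a monitored automated run over all devices
    affected_pct: int = 100  # share of devices the activity touches
    repeat_pct: int = 100    # cost of each later cycle as a percentage of cycle 1


# name -> (manual, automated), transcribed from the assumptions of Tables 1 to 4
VMAS = {
    "VMA 1 Inventory assets": (
        Activity(1, repeat_pct=50),
        Activity(15 * 60, per_device=False, repeat_pct=50)),
    "VMA 2 Assess vulnerabilities": (
        Activity(2, repeat_pct=50),
        Activity(20 * 60, per_device=False, repeat_pct=50)),
    "VMA 3 Correlate threats": (
        Activity(20, affected_pct=15),
        Activity(2 * 60, per_device=False)),
    "VMA 4 Remediate and validate": (
        Activity(15, affected_pct=15),
        Activity(10, affected_pct=15)),
}


def cycle_costs(act, devices=DEVICES, cycles=3, rate=HOURLY_RATE):
    """Return the labor cost in USD of each cycle for one activity."""
    if cycles < 1:
        raise ValueError("cycles must be at least 1")
    # Per-device work scales with the affected devices; a fixed run counts once.
    scope = devices * act.affected_pct // 100 if act.per_device else 1
    first = scope * act.minutes * rate / 60
    later = first * act.repeat_pct / 100
    return [round(first, 2)] + [round(later, 2)] * (cycles - 1)


def ocvm(act, devices=DEVICES, cycles=3, rate=HOURLY_RATE):
    """Total operational cost of one activity over all cycles."""
    return round(sum(cycle_costs(act, devices, cycles, rate)), 2)


def compare(devices=DEVICES, cycles=3, rate=HOURLY_RATE):
    """Return rows of (name, manual total, automated total, manual/automated ratio)."""
    rows = []
    for name, (manual, automated) in VMAS.items():
        m = ocvm(manual, devices, cycles, rate)
        a = ocvm(automated, devices, cycles, rate)
        rows.append((name, m, a, round(m / a, 1)))
    return rows


def automated_share(name, devices=DEVICES):
    """Fraction of the total automated cost that one VMA accounts for."""
    rows = compare(devices)
    total = sum(a for _, _, a, _ in rows)
    return next(a for n, _, a, _ in rows if n == name) / total


if __name__ == "__main__":
    for name, m, a, ratio in compare():
        print(f"{name:30} manual ${m:>12,.0f}  automated ${a:>12,.0f}  {ratio:>8,.1f}x")
    share = automated_share("VMA 4 Remediate and validate")
    print(f"Remediation share of automated cost: {share:.1%}")
```

The fixed automated durations are stated in the paper only for its 380,000-device sample, so passing a different device count keeps them unchanged as an assumption rather than a figure from the paper.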

VMA 1 Inventory Assets

Almost 90 percent of respondents to the CRA Reports Security Survey reported having a concerted effort in place to inventory network assets (Figure 1). However, the approaches taken by different organizations to inventory and classify their network resources vary significantly depending on the size of the organization and the industry in which they operate.

Figure 1. Percentage of respondents with efforts to inventory network assets. (Source: CRA Reports)
Survey statement: "My organization currently prioritizes its network assets." Agree 88.60%, Disagree 10.70%, No Opinion 0.70%.

A full 75 percent of respondents to the CRA Reports survey indicated their organizations engage in efforts to prioritize network assets in terms of criticality to their business operations (Figure 2).

Figure 2. Percentage of respondents whose organization currently prioritizes its network assets in terms of criticality to the business/agency. (Source: CRA Reports)
Survey statement: "My organization currently prioritizes its network assets in terms of criticality to the business/agency." Agree 75.80%, Disagree 20.10%, No Opinion 4%.

There is broad consensus that using traditional manual techniques represents a labor- and resource-intensive effort, even for organizations that have asset management systems in place. This is especially true as the size of the organization grows. Nevertheless, there is overwhelming agreement that regular, rigorous, and comprehensive surveys must be conducted of all devices, applications, databases, and processes that make up or are connected to the enterprise network to maintain or improve security posture.

The security-oriented inventory assessment steps include:

1. Identify or query all devices in the enterprise. In general, it can take a relatively small organization with up to 256 devices as little as five minutes to fully account for all systems attached to the network. A mid-sized company with up to 65,500 devices can take five hours. And a large Fortune 1000 firm can take as many as 20 hours to identify and query as many as 250,000 devices. Identifying subnets, segmentation devices, owners of subnets and devices, and entering findings into a spreadsheet adds further time to this phase of the identification process. It can take two weeks to perform this for up to 5,000 devices, up to three weeks for 10,000 devices, four weeks for 20,000 devices, and five weeks for 40,000 devices.

2. Categorize and prioritize assets by function. Categorizing and prioritizing assets is the most time-consuming element of this process. It can take between three and five minutes to appropriately classify an asset once the data gathering phase of the research is done. Because this is such a time-consuming effort, few organizations categorize their assets comprehensively. Most organizations have taken a pragmatic approach and applied the rule (20 percent of assets actually represent more than 80 percent of the value to the organization) and categorize those assets accordingly.

3. Make regular updates. Because of the time-intensive nature of the effort, few organizations update their asset inventories more than three or four times per year. It is estimated that each update takes 50 percent of the time associated with performing the original inventory/query. If there are significant changes, additions, or removals, then the updates can take significantly more time to perform accurately.

Sample asset inventory operational costs

Sample calculations on the operational cost of asset inventory for security are listed below.

Manual Assumptions
- 1 minute per device
- Subsequent cycles = 50% of first cycle

Automated Assumptions
- 15 hours for all devices
- Subsequent cycles = 50% of first cycle

              Manual Process Costs    Automated Process Costs
Devices       380,000                 380,000
Time/Device   1 minute                15 hours*
Cycle 1       $228,000                $540
Cycle 2       $114,000                $270
Cycle 3       $114,000                $270
Total Cost    $456,000                $1,080

* This assumes that the security or IT professional is monitoring the automated process in real time.

Table 1. Operational cost of asset inventory for security purposes.

VMA 2 Assess Vulnerabilities

The assess vulnerabilities activity provides the foundation for determining the vulnerabilities and the severity of the vulnerabilities, such as misconfigurations or missing patches, that are present on the enterprise network. Ideally, a vulnerability assessment will:

- Look for weaknesses in the network architecture and devices
- Provide current information to guide how security measures should be implemented
- Provide the necessary logic to prioritize mission-critical assets

The vulnerability assessment steps include:

- Leverage asset inventory findings. Using the data gathered from the asset discovery process, an assessment tool can be used to analyze all live hosts.
- Identify weaknesses, risk exposures, and misconfigurations. If this process is implemented frequently, the time it takes to complete each analysis will be relatively short. The process may take longer due to delays between analyses.
- Match findings of this analysis to inventory. Manual correlation between asset spreadsheets and assessment output can take several days. If the analysis is broader, for example at a business unit or operational unit level, then it could take a few additional days to analyze the impact of the analysis.
- Review and distribute reports to appropriate personnel. This process also has a high level of variability. It is highly dependent on the size and complexity of the enterprise network, as well as the organizational/reporting structure. Generally speaking, it takes approximately one week to segment, summarize, and distribute reports that provide an accurate snapshot assessment of an organization's vulnerability to threats.

Since most companies do not have a centralized system that manages inventory and vulnerabilities, the vulnerability assessment activity is typically extremely time consuming and resource intensive. It's difficult for many organizations to organize, correlate, and act on disparate and inconsistent results from desktop assessment tools.

Sample calculations

Sample calculations on the operational cost of vulnerability assessment are listed below.

Manual Assumptions
- Assessment of 2 minutes per device
- Subsequent cycles = 50% of first cycle

Automated Assumptions
- Assessment of 20 hours for all devices
- Subsequent cycles = 50% of first cycle

              Manual Process Costs    Automated Process Costs
Devices       380,000                 380,000
Time/Device   2 minutes               20 hours*
Cycle 1       $456,000                $720
Cycle 2       $228,000                $360
Cycle 3       $228,000                $360
Total Cost    $912,000                $1,440

* This assumes that the security or IT professional is monitoring the automated process in real time.

Table 2. Operational cost of vulnerability assessment.

VMA 3 Correlate Threats

After scanning for vulnerabilities, the vulnerability management operation should proceed with a threat correlation analysis. Organizations must be constantly aware of emerging threats to enterprise systems, and develop the ability to determine how those threats can potentially affect the security of the organization. And yet, according to the CRA Reports Security Survey, less than 60 percent of organizations have systems in place for correlating known threats to critical information assets (Figure 3).

Figure 3. Percentage of respondents with a system for correlating threats to critical information assets. (Source: CRA Reports)
Survey statement: "My organization has a system(s) for correlating threats to our critical information assets." Agree 59.10%, Disagree 33.60%, No Opinion 7.40%.

Threat correlation aggregates potential and known threats against specific assets in the target environment. Often, administrators scour the web to get news, information, and alerts from different sources to identify new threats that might affect their enterprise systems. Done properly, this provides information security officers with an opportunity to anticipate and proactively implement countermeasures before their systems are exposed to threats.

The threat correlation steps include:

- Search and monitor the Internet for information on the most recently identified threats. This has become a routine part of an IT or security professional's job description. It can take up to one hour per day. (IT staffs typically don't spend that much time because automated services send a synopsis of threats on a daily basis.)
- Correlate the results to vulnerability assessment reports. When a likely threat is identified, searching through reports for the correct information might take 30 minutes and could take many hours in a large organization.

Threat correlation is probably the most time-consuming and imprecise process. Because many organizations do not regularly inventory their assets, most systems administrators and security directors do not know all the systems they have in the environment. They therefore do not have a clear idea of which assets may be susceptible to an attack. Once a potential threat is identified, matching it to systems and then checking if vulnerabilities actually exist can also be extremely time consuming.

Sample calculations

Sample calculations on the operational cost of threat correlation are listed in Table 3.

Manual Assumptions
- 15% of assets reporting potential vulnerabilities
- 20 minutes per device
- Subsequent cycles = first cycle

Automated Assumptions
- 15% of assets reporting potential vulnerabilities
- 2 hours for all devices
- Subsequent cycles = first cycle

              Manual Process Costs    Automated Process Costs
Devices       57,000                  57,000
Time/Device   20 minutes              2 hours*
Cycle 1       $684,000                $72
Cycle 2       $684,000                $72
Cycle 3       $684,000                $72
Total Cost    $2,052,000              $216

* This assumes that the security or IT professional is monitoring the automated process in real time.

Table 3. Operational cost of performing threat correlation.

VMA 4 Remediate and Validate

Less than 40 percent of the CRA Reports Security Survey respondents indicated that they have automated the process of remediating and validating vulnerabilities on their organizations' enterprise systems (Figure 4). The vast majority of organizations perform this function manually or do not remediate all vulnerabilities against critical threats. For those companies that do not have a way of prioritizing mission-critical assets, this can elevate risk unnecessarily.

Figure 4. Percentage of respondents with an automated process to remediate vulnerabilities. (Source: CRA Reports)
Survey statement: "My organization has an automated process to remediate vulnerabilities." Agree 38.30%, Disagree 55%, No Opinion 6.70%.

Steps must be taken to fix or remediate severe vulnerabilities discovered during the assessment phase. Once the misconfiguration has been fixed or the asset has been patched, then the asset should be tested to ensure that the vulnerability has been fixed correctly.

The steps for remediating and validating remediation are:

- Leverage vulnerability assessment. Some form of assessment is a prerequisite for remediation.
- Package vulnerability reports for appropriate personnel. Reports need to be packaged and sent out to the network administrators who are charged with protecting and maintaining those assets. In many organizations, the actual remediation activity is performed by IT staffs, not security personnel. Disseminating these reports and work orders often takes a full work day.
- A technician visits the asset to remediate and validate. Managers should budget between 10 and 45 minutes to remediate all high- and medium-risk vulnerabilities on a machine. Low-risk vulnerabilities are usually ignored. Process steps include:
  - Technician performs patch and remediation
  - Technician re-scans box to determine if vulnerability is still there (this step is often not carried out at all and is usually left up to the security team to do any re-scanning)
  - Technician generates report and sends report back to security management team
  - Security management re-scans for vulnerabilities (for instance, bulk verification) to confirm remediation

The remediation and validation process is often convoluted, especially in larger organizations. A relatively small percentage of organizations have developed enterprise-wide standard operating procedures for remediation and validation. Several administrators typically manage a large environment, and each will have a certain expertise and will be responsible for discrete parts of a network. Often, different approaches are taken to prioritizing which vulnerabilities get patched first. This can create confusion, as managers or executives receive inconsistent reports.

Sample calculations

Sample calculations on the operational cost of performing remediation and validation are listed below.

Manual Assumptions
- 15% of assets reporting potential vulnerabilities
- 15 minutes per device
- Subsequent cycles = first cycle

Automated Assumptions
- 15% of assets reporting potential vulnerabilities
- 10 minutes per device
- Subsequent cycles = first cycle

              Manual Process Costs    Automated Process Costs
Devices       380,000                 380,000
Time/Device   15 minutes              10 minutes*
Cycle 1       $513,000                $342,000
Cycle 2       $513,000                $342,000
Cycle 3       $513,000                $342,000
Total Cost    $1,539,000              $1,026,000

* This assumes that the security or IT professional is monitoring the automated process in real time.

Table 4. Operational cost of performing remediation and validation.

Conclusion

When security activities are managed or implemented in a manual and non-integrated manner, the operational cost of vulnerability management rises in proportion to the number of devices, systems, and complexity of the enterprise network. However, if VMAs are automated and integrated with each other, then the operational cost of vulnerability management can be significantly reduced (by several orders of magnitude) while actually improving overall security posture.

About Cooper Research Associates

The research in this report was prepared by CRA Reports. Founded in 1994, Cooper Research Associates (CRA) is an independent reporting agency with offices in San Francisco, CA and Washington, DC that analyzes user trends in business technology. CRA Reports explore the role that technology products and services play in the overall economy and/or in specific vertical industries. To view a list of current white papers, please visit

About McAfee, Inc.

McAfee, Inc., headquartered in Santa Clara, California, is the world's largest dedicated security technology company. McAfee is relentlessly committed to tackling the world's toughest security challenges. The company delivers proactive and proven solutions and services that help secure systems and networks around the world, allowing users to safely connect to the Internet, browse and shop the web more securely. Backed by an award-winning research team, McAfee creates innovative products that empower home users, businesses, the public sector, and service providers by enabling them to prove compliance with regulations, protect data, prevent disruptions, identify vulnerabilities, and continuously monitor and improve their security.

McAfee, Inc Freedom Circle Santa Clara, CA

McAfee and the McAfee logo are registered trademarks or trademarks of McAfee, Inc. or its subsidiaries in the United States and other countries. Other marks and brands may be claimed as the property of others. The product plans, specifications and descriptions herein are provided for information only and subject to change without notice, and are provided without warranty of any kind, express or implied. Copyright 2010 McAfee, Inc. 8946wp_grc_op-eff-vuln-mgmt_0310_ETMG
Real-Time Security for Active Directory Contents The Need to Monitor and Control Change... 3 Reducing Risk and Standardizing Controls... 3 Integrating Change Monitoring... 4 Policy Compliance... 4 The
More informationReducing the Complexity of Virtualization for Small and Midsized Businesses
Reducing the Complexity of Virtualization for Small and Midsized Businesses Deploying an SMB-Specific SaaS Solution to Simplify Virtualization and Increase IT Productivity WHITE PAPER Executive Summary
More informationWhite Paper. Network Management and Operational Efficiency
White Paper Network Management and Operational Efficiency Table of Contents Why Does It Matter? 3 Customer Needs and Challenges 3 Key operational tasks 3 Typical Management Systems 4 The McAfee Response
More informationWhite Paper. Emergency Incident Response: 10 Common Mistakes of Incident Responders
Emergency Incident Response: 10 Common Mistakes of Incident Responders Table of Contents This white paper was written by: Michael G. Spohn Principal Consultant McAfee Foundstone Professional Services Incident
More informationHow To Monitor Your Entire It Environment
Preparing for FISMA 2.0 and Continuous Monitoring Requirements Symantec's Continuous Monitoring Solution White Paper: Preparing for FISMA 2.0 and Continuous Monitoring Requirements Contents Introduction............................................................................................
More informationAgent or Agentless Policy Assessments: Why Choose?
Technical Brief Agent or Agentless Policy Assessments: Why Choose? McAfee Total Protection for Compliance Meeting newer, more stringent regulatory standards and the increasing number of IT audits requires
More informationThe Business Case for Security Information Management
The Essentials Series: Security Information Management The Business Case for Security Information Management sponsored by by Dan Sullivan Th e Business Case for Security Information Management... 1 Un
More informationROUTES TO VALUE. Business Service Management: How fast can you get there?
ROUTES TO VALUE Business Service : How fast can you get there? BMC Software helps you achieve business value quickly Each Route to Value offers a straightforward entry point to BSM; a way to quickly synchronize
More informationClosing the Vulnerability Gap of Third- Party Patching
SOLUTION BRIEF: THIRD-PARTY PATCH MANAGEMENT........................................ Closing the Vulnerability Gap of Third- Party Patching Who should read this paper IT Managers who are trying to manage
More informationIBM Security QRadar Vulnerability Manager
IBM Security QRadar Vulnerability Manager Improve security and compliance by prioritizing security gaps for resolution Highlights Help prevent security breaches by discovering and highlighting high-risk
More informationEMC CONSULTING SECURITY STANDARDS AND COMPLIANCE SERVICES
EMC CONSULTING SECURITY STANDARDS AND COMPLIANCE SERVICES Aligning information with business and operational objectives ESSENTIALS Leverage EMC Consulting as your trusted advisor to move your and compliance
More informationExtreme Networks Security Analytics G2 Risk Manager
DATA SHEET Extreme Networks Security Analytics G2 Risk Manager Proactively manage vulnerabilities and network device configuration to reduce risk, improve compliance HIGHLIGHTS Visualize current and potential
More information1 Introduction... 2 2 Product Description... 3 3 Strengths and Challenges... 5 4 Copyright... 5
KuppingerCole Report EXECUTIVE VIEW by Alexei Balaganski May 2015 is a business-critical application security solution for SAP environments. It provides a context-aware, secure and cloud-ready platform
More informationFIREMON SECURITY MANAGER
FIREMON SECURITY MANAGER Regain control of firewalls with comprehensive firewall management The enterprise network is a complex machine. New network segments, new hosts and zero-day vulnerabilities are
More informationNetwork Intrusion Prevention Systems Justification and ROI
White Paper October 2004 McAfee Protection-in-Depth Strategy Network Intrusion Prevention Systems 2 Table of Contents Are My Critical Data Safe? 3 The Effects and Results of an Intrusion 3 Why the Demand
More informationCA Service Desk Manager
PRODUCT BRIEF: CA SERVICE DESK MANAGER CA Service Desk Manager CA SERVICE DESK MANAGER IS A VERSATILE, COMPREHENSIVE IT SUPPORT SOLUTION THAT HELPS YOU BUILD SUPERIOR INCIDENT AND PROBLEM MANAGEMENT PROCESSES
More informationExtend the value of your service desk and integrate ITIL processes with IBM Tivoli Change and Configuration Management Database.
IBM Service Management solutions and the service desk White paper Extend the value of your service desk and integrate ITIL processes with IBM Tivoli Change and Configuration Management Database. December
More informationPayment Card Industry Data Security Standard
Symantec Managed Security Services support for IT compliance Solution Overview: Symantec Managed Services Overviewview The (PCI DSS) was developed to facilitate the broad adoption of consistent data security
More informationReducing the cost and complexity of endpoint management
IBM Software Thought Leadership White Paper October 2014 Reducing the cost and complexity of endpoint management Discover how midsized organizations can improve endpoint security, patch compliance and
More informationBreaking down silos of protection: An integrated approach to managing application security
IBM Software Thought Leadership White Paper October 2013 Breaking down silos of protection: An integrated approach to managing application security Protect your enterprise from the growing volume and velocity
More informationIndustrial Control System Cybersecurity
Industrial Control System Cybersecurity Buyer s Top 10 Guide 1 Introduction The purpose of this guide is to provide you with high-level questions to ask of any prospective vendor looking to secure your
More informationMcAfee Security Architectures for the Public Sector
White Paper McAfee Security Architectures for the Public Sector End-User Device Security Framework Table of Contents Business Value 3 Agility 3 Assurance 3 Cost reduction 4 Trust 4 Technology Value 4 Speed
More informationWhiteHat Security White Paper. Top 11 PCI DSS 3.0 Changes That Will Affect Your Application Security Program
WhiteHat Security White Paper Top 11 PCI DSS 3.0 Changes That Will Affect Your Application Security Program October 2015 The Payment Card Industry Data Security Standard (PCI DSS) is a proprietary information
More informationFISMA Compliance: Making the Grade
FISMA Compliance: Making the Grade A Qualys Guide to Measuring Risk, Enforcing Policies, and Complying with Regulations EXECUTIVE SUMMARY For federal managers of information technology, FISMA is one of
More informationTackling Third-Party Patches
Tackling Third-Party Patches VMware vcenter Protect Update Catalog Delivers an Efficient, Effective Way to Extend an Organization s SCCM Infrastructure Technical WHITE PAPER Companies around the world
More informationA proven 5-step framework for managing supplier performance
IBM Software Industry Solutions Industry/Product Identifier A proven 5-step framework for managing supplier performance Achieving proven 5-step spend framework visibility: benefits, for managing barriers,
More informationProtect what you value. McAfee Tackles the Complexities of Endpoint Security. Stronger security. Streamlined management. Simplified compliance.
Protect what you value. McAfee Tackles the Complexities of Endpoint Security Stronger security. Streamlined management. Simplified compliance. Table of Contents Endpoint Security Challenges Abound... 3
More information8 Key Requirements of an IT Governance, Risk and Compliance Solution
8 Key Requirements of an IT Governance, Risk and Compliance Solution White Paper: IT Compliance 8 Key Requirements of an IT Governance, Risk and Compliance Solution Contents Introduction............................................................................................
More informationCoverity White Paper. Effective Management of Static Analysis Vulnerabilities and Defects
Effective Management of Static Analysis Vulnerabilities and Defects Introduction According to a recent industry study, companies are increasingly expanding their development testing efforts to lower their
More informationMcAfee Tackles the Complexities of Endpoint Security
McAfee Tackles the Complexities of Endpoint Security Stronger security. Streamlined management. Simplified compliance. Table of Contents Endpoint Security Challenges Abound 3 Point Products Increase Complexities
More informationCONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL
CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL WHAT IS CDM? The continuous stream of high profile cybersecurity breaches demonstrates the need to move beyond purely periodic, compliance-based approaches to
More informationTrend Micro Cloud Security for Citrix CloudPlatform
Trend Micro Cloud Security for Citrix CloudPlatform Proven Security Solutions for Public, Private and Hybrid Clouds 2 Trend Micro Provides Security for Citrix CloudPlatform Organizations today are embracing
More informationCORE INSIGHT ENTERPRISE: CSO USE CASES FOR ENTERPRISE SECURITY TESTING AND MEASUREMENT
CORE INSIGHT ENTERPRISE: CSO USE CASES FOR ENTERPRISE SECURITY TESTING AND MEASUREMENT How advancements in automated security testing software empower organizations to continuously measure information
More informationForeScout CounterACT CONTINUOUS DIAGNOSTICS & MITIGATION (CDM)
ForeScout CounterACT CONTINUOUS DIAGNOSTICS & MITIGATION (CDM) CONTENT Introduction 2 Overview of Continuous Diagnostics & Mitigation (CDM) 2 CDM Requirements 2 1. Hardware Asset Management 3 2. Software
More informationCyber Security Services: Data Loss Prevention Monitoring Overview
WHITE PAPER: DLP MONITORING OVERVIEW........................................ Cyber Security Services: Data Loss Prevention Monitoring Overview Who should read this paper Customers who are interested in
More information2011 Forrester Research, Inc. Reproduction Prohibited
1 2011 Forrester Research, Inc. Reproduction Prohibited Information Security Metrics Present Information that Matters to the Business Ed Ferrara, Principal Research Analyst July 12, 2011 2 2009 2011 Forrester
More informationSeven Requirements for Hybrid Web Delivery Getting the best of both on-premises and SaaS
Seven Requirements for Hybrid Web Delivery Getting the best of both on-premises and SaaS Traditionally, IT risk management has balanced security investment and the impact of the threat, allowing each business
More informationAUDIT REPORT. Cybersecurity Controls Over a Major National Nuclear Security Administration Information System
U.S. Department of Energy Office of Inspector General Office of Audits and Inspections AUDIT REPORT Cybersecurity Controls Over a Major National Nuclear Security Administration Information System DOE/IG-0938
More informationAsset Discovery with Symantec Control Compliance Suite
WHITE PAPER: ASSET DISCOVERY WITH SYMANTEC CONTROL COMPLIANCE............. SUITE........................... Asset Discovery with Symantec Control Compliance Suite Who should read this paper IT Operations
More informationWhiteHat Security White Paper. Evaluating the Total Cost of Ownership for Protecting Web Applications
WhiteHat Security White Paper Evaluating the Total Cost of Ownership for Protecting Web Applications WhiteHat Security October 2013 Introduction Over the past few years, both the sophistication of IT security
More informationWhite Paper: Consensus Audit Guidelines and Symantec RAS
Addressing the Consensus Audit Guidelines (CAG) with the Symantec Risk Automation Suite (RAS) White Paper: Consensus Audit Guidelines and Symantec RAS Addressing the Consensus Audit Guidelines (CAG) with
More informationCORE Security and GLBA
CORE Security and GLBA Addressing the Graham-Leach-Bliley Act with Predictive Security Intelligence Solutions from CORE Security CORE Security +1 617.399-6980 info@coresecurity.com www.coresecurity.com
More informationThe Benefits of an Integrated Approach to Security in the Cloud
The Benefits of an Integrated Approach to Security in the Cloud Judith Hurwitz President and CEO Marcia Kaufman COO and Principal Analyst Daniel Kirsch Senior Analyst Sponsored by IBM Introduction The
More informationTake the Red Pill: Becoming One with Your Computing Environment using Security Intelligence
Take the Red Pill: Becoming One with Your Computing Environment using Security Intelligence Chris Poulin Security Strategist, IBM Reboot Privacy & Security Conference 2013 1 2012 IBM Corporation Securing
More informationConvergence of Desktop Security and Management: System Center 2012 Endpoint Protection and System Center 2012 Configuration Manager
Convergence of Desktop Security and Management: System Center 2012 Endpoint Protection and System Center 2012 Configuration Manager Contents INTRODUCTION: UNDERSTANDING HOW ALIGNING DESKTOP SECURITY AND
More informationBypassing CAPTCHAs by Impersonating CAPTCHA Providers
White Paper Bypassing CAPTCHAs by Impersonating CAPTCHA Providers Gursev Singh Kalra, Principal Consultant McAfee Foundstone Professional Services Table of Contents Inside a CAPTCHA Provider Integration
More informationNETWORK PENETRATION TESTING
Tim West Consulting 6807 Wicklow St. Arlington, TX 76002 817-228-3420 Twest@timwestconsulting.com OVERVIEW Tim West Consulting Tim West Consulting is a full service IT security and support firm that specializes
More informationSecurity solutions White paper. Acquire a global view of your organization s security state: the importance of security assessments.
Security solutions White paper Acquire a global view of your organization s security state: the importance of security assessments. April 2007 2 Contents 2 Overview 3 Why conduct security assessments?
More informationAUDIT REPORT. The Energy Information Administration s Information Technology Program
U.S. Department of Energy Office of Inspector General Office of Audits and Inspections AUDIT REPORT The Energy Information Administration s Information Technology Program DOE-OIG-16-04 November 2015 Department
More informationSecurity. Security consulting and Integration: Definition and Deliverables. Introduction
Security Security Introduction Businesses today need to defend themselves against an evolving set of threats, from malicious software to other vulnerabilities introduced by newly converged voice and data
More informationProactive Enterprise Risk Management
Proactive Enterprise Risk Management Xacta Corporation! Hurwitz Report Proactive Enterprise Risk Management Xacta Corporation iii Executive Summary Without a reliable mechanism for frequently assessing
More informationEmail Encryption Made Simple
White Paper For organizations large or small Table of Contents Who Is Reading Your Email? 3 The Three Options Explained 3 Organization-to-organization encryption 3 Secure portal or organization-to-user
More informationProactive Security through Effective Management
Proactive Security through Effective Management COMPANY Overview There are fundamental flaws in the way enterprises manage their network security infrastructures. We created FireMon, an enterprise security
More informationNorth American Electric Reliability Corporation (NERC) Cyber Security Standard
North American Electric Reliability Corporation (NERC) Cyber Security Standard Symantec Managed Security Services Support for CIP Compliance Overviewview The North American Electric Reliability Corporation
More information