Application Security

This report outlines five trends that enterprises are architecting to better equip their DR solutions today including: secondary site configuration and separation, cloud recovery, tiers of applications and causes of disasters.

This online eBook provides insight and advice on how to build an effective disaster recovery strategy in the evolving world of virtual infrastructures, while mitigating the impact of so-called 'Black Swan' events in the datacenter. Practical, how-to best practices, real customer success testimonials and links to additional resources.

In the inaugural 2011 Magic Quadrant report, Gartner Inc. provides insights into the Identity and Access Governance (IAG) market.

This viewpoints paper examines what's wrong with legacy provisioning and how a more strategic approach is needed.

Assess your priorities and evaluate available identity management technology offerings with this 68-page workbook.

See how Sallie Mae re-architected its IT compliance processes by employing SailPoint IdentityIQ.

Aviva, the sixth largest insurance provider in the world, rolled out a fully-operational identity governance solution in less than six months with SailPoint.

Learn how to build a sustainable approach to compliance and improving efficiency.

Read this white paper from IBM to learn about applying predictive analytics to claims management, including the typical ROI achieved, how embedded analytics improves decision making, and technology components of a predictive analytics solution.

Read this paper to learn how to combine powerful analytical techniques with your existing fraud detection and prevention efforts and deploy results to the people who can use the information to eradicate fraud and recoup money.

The web is the number one source for malware distribution today. While many organizations have replaced first-generation URL filters with secure web gateways, even these advanced solutions do not provide web protection everywhere. This paper identifies today's most critical web threats and provides checklists for you to identify and evaluate the security capabilities you need for the best web protection.

This on-demand webinar outlines the steps to building a business case for your identity management program.

Learn how you can quickly improve the operational efficiency and accuracy of your certification process.

Ian Glazer, Gartner Research Director, joins SailPoint to reveal today's access request challenges. Listen and learn how governance-based identity management can help.

This document is an excerpt of the Verisign iDefense 2012 Cyber Threats and Trends report. The full report is sent to Verisign iDefense customers annually, providing a valuable overview of key cyber security trends during 2011 and how those trends and others might unfold in 2012. iDefense intends for this report to serve as a reference and a strategic complement to daily tactical intelligence reports for the purpose of providing IT security and business operations with actionable and relevant decision support. This report uses iDefense intelligence-collection research and analysis, and research using both primary and secondary sources.

There's a difference between cyber attacks and cyber espionage. The purpose of cyber crimes, designed to obtain credit card, bank data or intellectual property, is financial gain. Cyber espionage, meanwhile, is performed for political purposes and is calculated to disable critical infrastructure. Though evidence is at best circumstantial, major powers like China, the United States and Russia are all said to active in the cyber spying arena. While security appliances and services are available to thwart intrusions, there remains the human element, a disgruntled insider hurt by the financial downturn, tempted by easy gain to transfer enterprise data to gray market operators who could be anywhere in the world. It's all about managing risk, experts say, and a layered approach to security - one that includes both perimeter and internal defenses - is necessary, whether for a company or a country.

In this technical white paper from IBM, learn how predictive analytics can be used to detect internal and external threats to your organization. You will learn how techniques including cluster analysis, anomly detection, time series analysis, social network analysis, predictive models and scoring can be used to detect suspicious activity in real-time so your orgnization can take action to minimize risk and increase positive outcomes. As a final step, you will learn how automating model creation and scoring to ensure recent data points and observations are included in your analysis will further lessen the likelihood and impact of security event.

With organizations facing a multitude of threats - from the economy and financial risk to data security and insider fraud - that are increasing in number and severity, it's no suprise threat and risk mitigation a top priority for business. The best defense is a systematic approach to reducing exposure and minimizing negative impact. You must be diligent about managing the threats you are aware of as well as the threats you have yet to identify. This paper from IBM describes how to build a proactive threat and risk strategy based on predictive analytics; examples of how organizations used predictive analytics to minimize the negative impact of risk and maximize positive results; and steps to advance your organization's use of predictive analytics to combat threat and risk.

To create a satisfactory end user experience, enterprises must ensure that DNS Resolution is fast and reliable. Learn more about how using a hybrid routing solution can greatly maximize performance while minimizing latency-and address your business's specific needs along the way.

Throughout the world, organizations are realizing that advanced intelligence capabilities consistently deliver substantial cost savings - with proactive insights on true threats, the intelligence to avoid false alarms, and the system and application availability required to preserve revenues and customer loyalty. While the benefits are clear, achieving them requires organizations to establish a formal cyber intelligence capability. This paper describes a proven, repeatable process with clearly established steps for setting up an in-house cyber security intelligence operation. It has been written to convey the fundamentals of intelligence operations, and will be most helpful to organizations still in the planning or initial stages of establishing an intelligence capability. Its content should also prove enlightening to organizations that find themselves struggling with the development and evolution of an existing intelligence capability.

This paper describes four critical elements of cyber-security intelligence and how you can improve the safety and profitability of your enterprise. Learn the true risks of unfiltered and unsubstantiated intelligence, and questions to ask to determine the best approach for overall risk mitigation.

Although distributed denial of service (DDoS) attacks have become a mainstay of hackers' arsenals, their profile has changed considerably in the past year or so, making them an even greater threat to companies that conduct business online or have significant investments in their online brand and reputation. DDoS attacks are larger, stealthier, more targeted, and more sophisticated than ever. In this whitepaper, Verisign has identified a set of best practices that enables organizations to keep pace with DDoS attacks while minimizing impact on business operations.

All organizations with an online presence or dependence on Internet-based systems need to fortify their defenses against distributed denial of service (DDoS) attacks. These attacks-which can disrupt online services and applications-are a major operational security problem facing enterprises today. DDoS can cost an organization in tangible losses and in more subtle ways-whether it has been attacked or whether it is just dedicating resources to defend against an attack. The whitepaper provides a deeper perspective on the cost benefits of a dedicated, cloud-based DDoS service over either an in-house hardware solution or over provisioning through your ISP.

WikiLeaks and Stuxnet have illustrated a few fundamental IT Security issues that have underscored the need for Total Security Intelligence to counter advanced threats and to detect anomalous behavior. See how government and commercial organizations are using QRadar as an integral component of their IT Security programs to identify emerging threats based on context and situational awareness.

An active DNS management strategy is increasingly important to enterprises due to the addressing and security complexities inherent in recent industry trends, most notably the transition to cloud computing and the adoption of IPv6. In this report, Yankee Group Research outlines the pros and cons of in-house, ISP and managed service provider DNS management options.