This document discusses how advanced network forensics can help security teams investigate cyber attacks more effectively. It describes how IBM's QRadar Incident Forensics solution allows organizations to (1) retrace an attacker's steps through raw packet data reconstruction, (2) speed up investigations by indexing network activity into searchable information, and (3) give security teams better visibility into security incidents through a simplified search interface.
IT Executive Guide to Security IntelligencethinkASG
Transitioning from log management and SIEM to comprehensive security intelligence.
This white paper discusses the increasing need for organizations to maintain comprehensive and cost-effective information security, and describes the integrated set of solutions provided by the IBM QRadar Security Intelligence Platform designed to help achieve total security intelligence.
Intelligence Driven Threat Detection and ResponseEMC
This white paper examines how an intelligence-driven approach to threat detection and response can help organizations achieve predictably high standards of security despite today’s rapidly escalating and unpredictable threat environment.
Addressing the EU GDPR & New York Cybersecurity Requirements: 3 Keys to SuccessSirius
The EU Global Data Protection Regulation (GDPR) and New York State Cybersecurity Requirements for Financial Services Companies (23 NYCRR 500) represent a landmark change in the global data protection space. While they originate in different countries and apply to different organizations, their primary message is the same:
Protect your data, or pay a steep price. More specifically, protect the sensitive data you collect from customers.
With deadlines looming, is your organization ready?
The time to act is now. Read more to learn:
--Key mandates and minimum requirements for compliance
--Why a comprehensive data-centric security strategy is invaluable to all data protection and data privacy efforts
--How you can gauge your organization’s incident response capabilities
--How to extend your focus beyond the organization’s figurative four walls to ensure requirements are met throughout your supply chain
The first New York requirements deadline has arrived. With the next deadline of mandates only 6 months away, you don't want to fall behind and leave your organization at risk for potential penalties and fines.
This paper discusses the question of optimizing security decisions in an organization, based on the information provided by the technical security infrastructure.
IT Executive Guide to Security IntelligencethinkASG
Transitioning from log management and SIEM to comprehensive security intelligence.
This white paper discusses the increasing need for organizations to maintain comprehensive and cost-effective information security, and describes the integrated set of solutions provided by the IBM QRadar Security Intelligence Platform designed to help achieve total security intelligence.
Intelligence Driven Threat Detection and ResponseEMC
This white paper examines how an intelligence-driven approach to threat detection and response can help organizations achieve predictably high standards of security despite today’s rapidly escalating and unpredictable threat environment.
Addressing the EU GDPR & New York Cybersecurity Requirements: 3 Keys to SuccessSirius
The EU Global Data Protection Regulation (GDPR) and New York State Cybersecurity Requirements for Financial Services Companies (23 NYCRR 500) represent a landmark change in the global data protection space. While they originate in different countries and apply to different organizations, their primary message is the same:
Protect your data, or pay a steep price. More specifically, protect the sensitive data you collect from customers.
With deadlines looming, is your organization ready?
The time to act is now. Read more to learn:
--Key mandates and minimum requirements for compliance
--Why a comprehensive data-centric security strategy is invaluable to all data protection and data privacy efforts
--How you can gauge your organization’s incident response capabilities
--How to extend your focus beyond the organization’s figurative four walls to ensure requirements are met throughout your supply chain
The first New York requirements deadline has arrived. With the next deadline of mandates only 6 months away, you don't want to fall behind and leave your organization at risk for potential penalties and fines.
This paper discusses the question of optimizing security decisions in an organization, based on the information provided by the technical security infrastructure.
Certified Ethical Hacker is a qualification obtained in assessing the security of computer systems, using penetration testing techniques. The code for the CEH exam is 312-50, the certification is in Version 9 as of late 2015.
A brief run-through of the economics of controls, threats and how attackers and defenders think. Following an introduction to the current and next generation security analytics.
M-Trends® 2013: Attack the Security GapFireEye, Inc.
Mandiant’s annual threat report reveals evolving trends, case studies and best practices gained from Mandiant observations to targeted attacks in the last year. The report, compiled from hundreds of Mandiant advanced threat investigations, also includes approaches that organizations can take to improve the way they detect, respond to, and contain complex breaches. For the latest M-Trends report, https://www.fireeye.com/mtrends.
With malware attacks growing more sophisticated, swift, and dangerous by the day — and billions of dollars spent to combat them — surprisingly few organizations have a grip on the problem. Only 20 percent of security professionals surveyed by Information Security Media Group (ISMG) rated their incident response program “very effective.” Nearly two-thirds struggle to detect APTs, limiting their ability to defend today’s most pernicious threats. In addition, more than 60 percent struggle with the speed of detection, and more than 40 percent struggle with the accuracy of detection. Those shortcomings give attackers more time to steal data and embed their malware deeper into targeted systems. For the latest threat intelligence reports, visit https://www.fireeye.com/current-threats/threat-intelligence-reports.html.
Are existing compliance requirements sufficient to prevent data breaches? This session will provide a technical assessment of the 2019 Capital One data breach, illustrating the technical modus operandi of the attack and identify related compliance requirements based on the NIST Cybersecurity Framework. Attendees will learn the unexpected impact of corporate culture on overall cyber security posture.
This talk was presented at RSA Conference 2021 (Session RMG-T15) on May 18, 2021.
Original paper available for download at SSRN: Novaes Neto, Nelson and Madnick, Stuart E. and Moraes G. de Paula, Anchises and Malara Borges, Natasha, A Case Study of the Capital One Data Breach (28/04/2020). https://ssrn.com/abstract=3570138
Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...Sirius
SIEM technology has been around for years and continues to enjoy broad market adoption. Companies continue to rely on SIEM capabilities to handle proactive security monitoring, detection and response, and regulatory compliance. However, with today’s staggering volume of cyber-security threats and the number of security devices, network infrastructures and system logs, IT security staff can become quickly overwhelmed.
Gartner projects that by 2020:
-- 50% of new SIEM implementations will be delivered via SIEM as a service.
-- 60% of all advanced security analytics will be delivered from the cloud as part of SIEM-as-a-service offerings.
How to Improve Threat Detection & Simplify Security OperationsIBM Security
Over 74% of global enterprise security professionals rate improving security monitoring as a top priority. Monitoring must be done efficiently within a security operations center (SOC) to combat increased threats and a limited supply of trained security analysts.
While the vendor landscape for security solutions is rapidly evolving, many early point solutions and first generation SIEMs are not keeping pace with the changing needs of security operations. A new class of platforms has emerged that combine advanced analytics and flexible deployment options. Join this exclusive webinar featuring Forrester Research to learn:
Characteristics of modern security platforms that have evolved from point solutions and basic SIEMs
Criteria to consider when evaluating vendors and solutions
The advantages of an integrated security platform that incorporates cognitive capabilities and augmented intelligence
Alien vault sans cyber threat intelligenceAlienVault
Over the last several years, we have seen that attackers are innovating much faster than defenders are. This trend is steering many companies to look towards cyber threat intelligence (CTI) to help them navigate today’s threatening landscape. SANS conducted a survey this year to explore who is using cyber threat intelligence and how they are using it. The survey collected responses from 326 IT professionals working in a variety of industries, in all sizes and from many different regions. 69% of the respondents reported implementing CTI to some extent, with only 16% planning not to pursue CTI in their environments. Which side of this percentage do you fall into? The infographic below provides some of the key questions to ask when getting started with threat intelligence, along with data from the SANS survey to show you how others are using threat intelligence.
The Legal Case for Cyber Risk Management Programs and What They Should IncludeShawn Tuma
Cybersecurity & Data Privacy Attorney Shawn Tuma presented this session to The American Institute of Architects' Large Firm Round Table on March 15, 2018. For more of Shawn Tuma's presentations please visit: https://shawnetuma.com/presentations/
Hexis Cyber Solutions: Rules of Engagement for Cyber Security Automationbarbara bogue
Just like soldiers have literal rules of engagement for warfare, cyber warfare can operate on policy-based methodologies and countermeasures which can empower and improve the efficiency of incident response.
The Legal Case for Cyber Risk Management - InfoSec World Privacy & Risk SummitShawn Tuma
Cybersecurity & Data Privacy Attorney Shawn Tuma delivered this presentation at Misti's InfoSec World during the Privacy & Risk Summit on March 22, 2018, in Orlando, Florida.
Certified Ethical Hacker is a qualification obtained in assessing the security of computer systems, using penetration testing techniques. The code for the CEH exam is 312-50, the certification is in Version 9 as of late 2015.
A brief run-through of the economics of controls, threats and how attackers and defenders think. Following an introduction to the current and next generation security analytics.
M-Trends® 2013: Attack the Security GapFireEye, Inc.
Mandiant’s annual threat report reveals evolving trends, case studies and best practices gained from Mandiant observations to targeted attacks in the last year. The report, compiled from hundreds of Mandiant advanced threat investigations, also includes approaches that organizations can take to improve the way they detect, respond to, and contain complex breaches. For the latest M-Trends report, https://www.fireeye.com/mtrends.
With malware attacks growing more sophisticated, swift, and dangerous by the day — and billions of dollars spent to combat them — surprisingly few organizations have a grip on the problem. Only 20 percent of security professionals surveyed by Information Security Media Group (ISMG) rated their incident response program “very effective.” Nearly two-thirds struggle to detect APTs, limiting their ability to defend today’s most pernicious threats. In addition, more than 60 percent struggle with the speed of detection, and more than 40 percent struggle with the accuracy of detection. Those shortcomings give attackers more time to steal data and embed their malware deeper into targeted systems. For the latest threat intelligence reports, visit https://www.fireeye.com/current-threats/threat-intelligence-reports.html.
Are existing compliance requirements sufficient to prevent data breaches? This session will provide a technical assessment of the 2019 Capital One data breach, illustrating the technical modus operandi of the attack and identify related compliance requirements based on the NIST Cybersecurity Framework. Attendees will learn the unexpected impact of corporate culture on overall cyber security posture.
This talk was presented at RSA Conference 2021 (Session RMG-T15) on May 18, 2021.
Original paper available for download at SSRN: Novaes Neto, Nelson and Madnick, Stuart E. and Moraes G. de Paula, Anchises and Malara Borges, Natasha, A Case Study of the Capital One Data Breach (28/04/2020). https://ssrn.com/abstract=3570138
Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...Sirius
SIEM technology has been around for years and continues to enjoy broad market adoption. Companies continue to rely on SIEM capabilities to handle proactive security monitoring, detection and response, and regulatory compliance. However, with today’s staggering volume of cyber-security threats and the number of security devices, network infrastructures and system logs, IT security staff can become quickly overwhelmed.
Gartner projects that by 2020:
-- 50% of new SIEM implementations will be delivered via SIEM as a service.
-- 60% of all advanced security analytics will be delivered from the cloud as part of SIEM-as-a-service offerings.
How to Improve Threat Detection & Simplify Security OperationsIBM Security
Over 74% of global enterprise security professionals rate improving security monitoring as a top priority. Monitoring must be done efficiently within a security operations center (SOC) to combat increased threats and a limited supply of trained security analysts.
While the vendor landscape for security solutions is rapidly evolving, many early point solutions and first generation SIEMs are not keeping pace with the changing needs of security operations. A new class of platforms has emerged that combine advanced analytics and flexible deployment options. Join this exclusive webinar featuring Forrester Research to learn:
Characteristics of modern security platforms that have evolved from point solutions and basic SIEMs
Criteria to consider when evaluating vendors and solutions
The advantages of an integrated security platform that incorporates cognitive capabilities and augmented intelligence
Alien vault sans cyber threat intelligenceAlienVault
Over the last several years, we have seen that attackers are innovating much faster than defenders are. This trend is steering many companies to look towards cyber threat intelligence (CTI) to help them navigate today’s threatening landscape. SANS conducted a survey this year to explore who is using cyber threat intelligence and how they are using it. The survey collected responses from 326 IT professionals working in a variety of industries, in all sizes and from many different regions. 69% of the respondents reported implementing CTI to some extent, with only 16% planning not to pursue CTI in their environments. Which side of this percentage do you fall into? The infographic below provides some of the key questions to ask when getting started with threat intelligence, along with data from the SANS survey to show you how others are using threat intelligence.
The Legal Case for Cyber Risk Management Programs and What They Should IncludeShawn Tuma
Cybersecurity & Data Privacy Attorney Shawn Tuma presented this session to The American Institute of Architects' Large Firm Round Table on March 15, 2018. For more of Shawn Tuma's presentations please visit: https://shawnetuma.com/presentations/
Hexis Cyber Solutions: Rules of Engagement for Cyber Security Automationbarbara bogue
Just like soldiers have literal rules of engagement for warfare, cyber warfare can operate on policy-based methodologies and countermeasures which can empower and improve the efficiency of incident response.
The Legal Case for Cyber Risk Management - InfoSec World Privacy & Risk SummitShawn Tuma
Cybersecurity & Data Privacy Attorney Shawn Tuma delivered this presentation at Misti's InfoSec World during the Privacy & Risk Summit on March 22, 2018, in Orlando, Florida.
Information Securityfind an article online discussing defense-in-d.pdfforladies
Information Security
find an article online discussing defense-in-depth. List your source and provide a paragraph
summary of what the article stated.
Solution
Abstract
The exponential growth of the Internet interconnections has led to a significant growth of cyber
attack incidents often with disastrous and grievous consequences. Malware is the primary choice
of weapon to carry out malicious intents in the cyberspace, either by exploitation into existing
vulnerabilities or utilization of unique characteristics of emerging technologies. The
development of more innovative and effective malware defense mechanisms has been regarded
as an urgent requirement in the cybersecurity community. To assist in achieving this goal, we
first present an overview of the most exploited vulnerabilities in existing hardware, software, and
network layers. This is followed by critiques of existing state-of-the-art mitigation techniques as
why they do or don\'t work. We then discuss new attack patterns in emerging technologies such
as social media, cloud computing, smartphone technology, and critical infrastructure. Finally, we
describe our speculative observations on future research directions.
A multi-layered approach to cyber security utilising machine learning and advanced analytics is
essential to defend against sophisticated multi-stage attacks including:
Insider Threats | Advanced Human Attacks | Supply Chain Infection | Ransomware |
Compromised User Accounts | Data Loss
Prepare for a cyber security incident or attack and how to adequately manage the aftermath with
an organised approach to Incident Response – coordinating resources, people, information,
technology and complying with regulations.
INSIDER THREATS
Insider threat can originate from employees, contractors, third party services or anyone with
access rights to your network, corporate data or business premises.
The challenge is to identify attacks and understand how they develop in real-time by analysing
and correlating the subtle signs of compromise that an insider makes when they infiltrate the
network.
Traditional security measures are no longer sufficient to combat insider threat. A more
sophisticated, intelligence-based approach is required. Cyberseer uses machine-learning
technology to form a behavioural baseline for every user to determine normal activity and spot
new, previously unidentified threat behaviours. The move to a more proactive approach towards
security will enable companies to take action to thwart developing situations escalating into
exfiltrated information or damaging incidents.
ADVANCED HUMAN ATTACKS
Advanced threats use a set of stealthy and continuous processes to target an organisation, which
is often orchestrated for business or political motives by individuals (or groups). The “advanced”
process signifies sophisticated techniques using malware to exploit vulnerabilities in
organisations systems. They are considered persistent because an external command and control
system .
In this presentation we will look at the cause and effect of the problem, analyze preparedness and learn how you can better prepare, detect, respond and recover from cyber-attacks.
Network security is a dynamic art, with dangers appearing as fast as black hats can exploit vulnerabilities. While there are basic “golden rules” which can make life difficult for the bad guys, it remains a challenge to keep networks secure. John Chambers, Executive Chairman of Cisco, famously said “there are two types of companies: those that have been hacked, and those who don’t know they have been hacked”. The question for most organizations isn’t if they’re going to be breached, but how quickly they can isolate and mitigate the threat. In this paper, we’ll examine best practices for effective cybersecurity – from both a proactive (access hardening) and reactive (threat isolation and mitigation) perspective. We’ll address how network automation can help minimize cyberattacks by closing vulnerability gaps and how it can improve incident response times in the event of a cyberthreat. Finally, we’ll lay a vision for continuous network security, to explore how machine-to-machine automation may deliver an auto-securing and self-healing network.
Go to www.esgjrconsultinginc.com
Toward Continuous Cybersecurity With Network AutomationKen Flott
Network security is a dynamic art, with dangers appearing as
fast as black hats can exploit vulnerabilities. While there are
basic “golden rules” which can make life difficult for the bad
guys, it remains a challenge to keep networks secure. John
Chambers, Executive Chairman of Cisco, famously said “there
are two types of companies: those that have been hacked, and
those who don’t know they have been hacked”. The question
for most organizations isn’t if they’re going to be breached, but
how quickly they can isolate and mitigate the threat.
In this paper, we’ll examine best practices for effective
cybersecurity – from both a proactive (access hardening)
and reactive (threat isolation and mitigation) perspective.
We’ll address how network automation can help minimize
cyberattacks by closing vulnerability gaps and how it can
improve incident response times in the event of a cyberthreat.
Finally, we’ll lay a vision for continuous network security, to
explore how machine-to-machine automation may deliver an
auto-securing and self-healing network.
Cyber-Espionage: Understanding the Advanced Threat LandscapeAaron White
Cutting through the APT hype to help businesses prevent, detect and mitigate advanced threats.
Sophisticated cyber-espionage operations aimed at pilfering
trade secrets and other sensitive data from corporate networks currently present the biggest threat to businesses. Advanced threat actors ranging from nation-state adversaries to organized cyber-crime gangs are using zero-day exploits, customized malware toolkits and clever social engineering tricks to break into corporate networks, avoid detection,
and steal valuable information over an extended period
of time.
In this presentation, we will cut through some of the hype
surrounding Advanced Persistent Threats (APTs), explain the
intricacies of these attacks and present recommendations to
help you improve your security posture through prevention,
detection and mitigation.
Incident Response: Don't Mess It Up, Here's How To Get It RightResilient Systems
According to Gartner "75% of CISOs who experience publicly disclosed security breaches and lack documented, tested response plans will be fired." According to Forrester, "You can't afford ineffective incident response." Despite these stakes, the incident response capability at most organizations is immature.
Based on an anonymized breach scenario, this webinar will define a framework for the broader incident response (IR) process. By highlighting IR components that were handled well, and a few that weren't, attendees will gain practical experience to help them better prepare for the inevitable.
Our featured speakers for this webinar will be:
- Jim Goddard, Managing Principal, Security Intelligence and Operations Consulting, HP Enterprise Security
- Ted Julian, Chief Marketing Officer, Co3 Systems. Serial security and compliance entrepreneur.
Risk management is one of the main concepts that have been used by most of the organisations to protect their assets and data. One such example would be INSURANCE. Most of the insurance like Life, Health, and Auto etc have been formulated to help people protect their assets against losses. Risk management has also extended its roots to physical devices, such as locks and doors to protect homes and automobiles, password protected vaults to protect money and jewels, police, fire, security to protect against other physical risks. Dr. C. Umarani | Shriniketh D "Risk Management" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-5 | Issue-1 , December 2020, URL: https://www.ijtsrd.com/papers/ijtsrd37916.pdf Paper URL : https://www.ijtsrd.com/computer-science/computer-security/37916/risk-management/dr-c-umarani
Get The Information Here For Mobile Phone Investigation ToolsParaben Corporation
Mobile phone investigation tools are essential for uncovering crucial evidence stored within smartphones. These sophisticated software solutions meticulously analyze call logs, text messages, GPS data, and app usage, aiding law enforcement and corporate investigators alike in solving crimes and identifying security breaches. With their advanced capabilities, they ensure thorough scrutiny and effective resolution, contributing significantly to justice and security in the digital age.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Neuro-symbolic is not enough, we need neuro-*semantic*
What's behind a cyber attack
1. IBM Software
Thought Leadership White Paper
April 2014
What’s behind a cyber attack?
Gaining insight and clarity into the what, when and how of an
enterprise security incident
2. 2 What’s behind a cyber attack?
Contents
2 Introduction
3 Attackers have an advantage—but they leave a
retraceable trail
4 Advanced forensics can increase the enterprise
advantage
4 Advanced forensics can enable a comprehensive
security approach
5 Creating searchable information with QRadar Security
Intelligence Platform
6 Investigations can be more comprehensive and
productive
7 Security investigations can be faster and easier
8 How security teams view information is important
to success
9 Building intelligence can help in navigating investigations
11 Conclusion
11 For more information
11 About IBM Security solutions
Introduction
Breaches happen. In today’s high-value, high-stakes enterprise
environments, many organizations rightly assume not only that
their data and computing systems will be attacked, but that a
certain number of attacks will succeed. One study found, in fact,
that 97 percent of organizations have experienced malware
attacks.1
But recognizing the problem is only the first step—because the
corollary to the assumption that future attacks are coming is the
recognition that past attacks have already gained entry. So now
what do you do? How do you learn the what, when and how of
a security incident—and what its potential damage could be?
The answers to these questions are critical to remediating
damage and improving defense.
When investigating a breach, organizations need better visibility
and clarity into network activity. And they need it fast. A recent
study by Verizon Communications found that in 66 percent of
cases, discovering a breach took months,2 during which time
organizations faced potential damage to business operations,
private data, intellectual property and brand image.
The challenge to avoiding damage stems from the complexity of
using existing solutions for security-related data collection and
breach investigation. With conventional solutions, gaining the
necessary information and insight has been time consuming
and difficult—if not impossible. Meanwhile, attackers employ
increasingly sophisticated techniques and find surprising ease
of success. Despite enterprise defenses, the Verizon study
described 78 percent of initial intrusions as “low difficulty.”2
This white paper will examine the shortcomings of conventional
breach investigation approaches and present IBM® Security
QRadar® Incident Forensics, a fast, simple and comprehensive
solution designed to help organizations defend against advanced
persistent and internal threats, including fraud and abuse.
3. 3IBM Software
Using QRadar Incident Forensics, organizations can reassemble
raw packet traffic data back into its original form for simplified
analysis, and retrace the step-by-step actions of a potential
attacker to help discover and remediate security incidents
and reduce the chances of data exfiltration or recurrence of
past breaches.
Attackers have an advantage—but they
leave a retraceable trail
Theories of warfare call it an “asymmetrical advantage”—when
the power, strategies or tactics of one army differ significantly
from the other’s. It’s an appropriate term for the state of enter-
prise security today. Enterprises and cyber attackers are at war.
And they are operating with vastly different requirements,
expertise and motivations in mind.
The typical enterprise infrastructure contains thousands of
devices and applications, an untold number of increasingly com-
plex connections, and an undetermined number of unprotected
vulnerabilities. To be successful, the external attacker or rogue
insider needs to exploit only one weakness. The enterprise must
address them all—and if the protection measures don’t work, it
must find, track and remediate exploits that could be anywhere.
As a result, enterprises face an enormous task. The tracking
database maintained by IBM X-Force® research and develop-
ment, which has collected data on 78,000 publicly disclosed
security vulnerabilities, added 8,330 new vulnerabilities in
2013 alone.3 In the one-year period ending March 2013, mal-
ware aimed at mobile platforms became a new attack vector that
grew 614 percent, nearly 450 percent faster than a year earlier.4
On the side of the defenders, every action on the network—
whether from inside or outside the organization, authorized or
unauthorized—can be captured and analyzed as part of a security
incident. Following these digital impressions can potentially
reveal vulnerabilities, the actions an attacker takes to exploit
them and the source of the attack. Many organizations have
deployed traditional solutions, such as log management and
security information and event management (SIEM) applica-
tions, that give them the basic capabilities for gathering log
source events and netflow data, but lack full packet captures
(PCAPs), which provide richer network context.
Yet SIEM applications yield mountains of data not only from
attackers but also from legitimate users—and most organizations
have neither the time nor the resources to sift through it all to
find specific strings of incriminating characters.
Conventional forensics solutions can be challenging to use
• Analysts must be skilled in network security investigations.
• Adding point security solutions with minimal integration
typically increases complexity and cost.
• Determining where and how to begin an investigation can
lead to lost productivity.
• Complex queries directed at packet capture repositories
can be time-intensive, consume processing and storage
resources, and fail to reveal the relationships necessary
for remediation.
4. 4 What’s behind a cyber attack?
Advanced forensics can increase the
enterprise advantage
In an enterprise attack, intrusions and defense are not the only
asymmetrical elements. Events in the attack timeline typically
weigh in favor of the attacker as well. Verizon has found that
nearly 85 percent of such events take place in seconds, minutes
or hours—with 68 percent of exfiltration occurring in the same
period. Yet 62 percent of discovery occurs only after months have
passed. And 77 percent of the remediation effort—including
patching, configuration changes and intrusion blocking—
requires days, weeks or months, all of it occurring after the
initial discovery.2
Clearly, greater speed is a necessity in responding to a cyber
attack. It can be critical to know immediately how widespread
any related breach becomes. Discovering which devices or
applications are affected and constructing an event timeline can
tell administrators exactly where and when to apply their reme-
diation efforts. For example: if physical devices were compro-
mised by a person on site, locating the devices and tracking
breach events can point investigators to security cameras that
could identify the suspect.
These defense operations are complex, however, and cannot
be undertaken manually. Instead, organizations need compre-
hensive, automated tools for converting their network packet
captures into indexed, searchable information. Security teams
can then use this information to rapidly determine threats and
their characteristics, distinguish true attacks from false positives,
and formulate proactive best practices for future actions based
on a clearer understanding of the attack.
Using an advanced network forensics solution, investigators can
have a fuller view of the trail of events in an attack, with identify-
ing components such as IP and MAC addresses, application
protocols, webhosts, user queries and SSL certificates. They can
identify stolen data, such as Social Security or credit card num-
bers. And they can gather information that can help identify the
source of the breach—whether an external attacker or an insider
using proper authority for malicious purposes.
Emerging threats require clarity to detect and resolve
An advanced network forensics solution can give security
analysts clarity of content, relationships and event sequence
to resolve incidents. For example:
• Network security—A retailer needed to detect unauthorized
duplication of customer payment data from point-of-sale
(POS) systems to compromised internal systems.
• Fraud and abuse—A financial firm needed to uncover a
sophisticated money-laundering scheme involving multiple
seemingly unconnected interactions.
• Insider threat—A manufacturing firm needed to find the
perpetrator, identify collaborators, and pinpoint the systems
and data involved in stolen intellectual property.
• Evidence gathering—A security research firm needed to
compile evidence against a malicious entity involved in
breaching a secure system and stealing data.
Advanced forensics can enable a
comprehensive security approach
In an effort to stop attacks and breaches, as well as comply with
government and industry security regulations, many organiza-
tions have deployed network forensics solutions. In many cases,
however, the security solutions they choose are point products
that provide insights and responses that are dependent upon the
skills of technically trained analysts.
5. 5IBM Software
Such an approach treats network forensics as a job for simple
PCAP searches. But the serial deployments that result—layering
one point solution on top of another as new capabilities become
necessary—can obscure the organization’s true network security
posture with unnecessary complexity. A better approach is to
deploy a comprehensive forensics solution that can investigate
not only PCAP data in motion, but also documents, databases
and other data at rest.
Using the advanced, comprehensive network forensics solution
from IBM, QRadar Incident Forensics, investigators can not
only gather network information, they can also proactively
search for possible breaches based on alerts issued by the
X-Force threat intelligence feed. They can find network rela-
tionships and help identify incident sources. Then, using security
incident-related network data and insights to understand why
certain attacks succeeded, they can more effectively eradicate
malicious activities associated with a breach. Administrators can
facilitate the production of evidence to support legal actions or
fulfill compliance audits.
Ultimately, the IT security team can use information and
insights from QRadar Incident Forensics to help develop
effective countermeasures and security best practices—updating
perimeter defenses such as firewalls, endpoint patches and
applications, frequently tuning anomaly detection capabilities,
and writing multilevel SIEM correlation rules and proactive
measures that reduce false positives and better identify attacks.
Creating searchable information with
QRadar Security Intelligence Platform
So how does QRadar Incident Forensics work? In a nutshell:
It begins after a security incident when a security analyst defines
a search or a case, retrieving all associated PCAP data, recon-
structing each embedded file, and then creating multiple indexes
using the file contents and metadata. These steps produce
searchable information that security teams can retain for
long-term investigations of the incident.
Creating searchable information with an Internet search engine
Data source
Security devices
Unlimited data collection, storage
and analysis
Rapid reduction in time to resolution
through intuitive forensic workflow
Ability of users to leverage intuition
more than technical training
Support for determining root
cause and preventing recurrences
Automatic asset, service and user
discovery and profiling
Real-time correlation and threat
intelligence
Activity baselining and anomaly
detection
A t ti t i d
Built-in data classification
Out-of-the-box incident detection
Network and virtual activity
Servers and mainframes
Data activity
Configuration information
Application activity
Users and identities
Vulnerabilities and threats
Global threat intelligence
Automated offense
identification
Directed forensics
investigationsU
a
BB
AA
d
A
RR
in
AAA
d
OO
R
AAA
SSS
6. 6 What’s behind a cyber attack?
Based on its core extraction and correlation capabilities, QRadar
Incident Forensics can support the three principal operations of
network security investigations:
Security incident response
Once a security breach is discovered, QRadar Incident
Forensics can enable investigators to follow the attacker’s
step-by-step actions in real time and develop a profile known as
a digital impression—which traces a threat actor’s previous and
current activity. The resulting insights can help the security team
quickly remediate the incident and develop countermeasures
against further damage.
Alert triage
SIEM solutions normally generate a limited number of
suspected security offenses and then correlate them with other
available security data. QRadar Incident Forensics, however,
enables the security team to further investigate each potential
offense to determine whether it is an actual attack or a false
positive result. With conventional forensics solutions, these
investigations can take weeks to resolve, depending upon analyst
skill levels and responses from identified users. But by automati-
cally combining information from the SIEM reports with
historical information from the investigation and resolution of
previous incidents, QRadar Incident Forensics can help dramati-
cally reduce the time required to complete each investigation.
Proactive, defensive data exploration
From time to time, security teams search their network to deter-
mine its security posture. These searches could be based on an
alert received from a threat intelligence organization such as
X-Force or an internal policy of planned security activities. In
any case, a search can be streamlined and made more effective
with the advanced QRadar Incident Forensics solution’s simpli-
fied, search engine-like interface; categorization and filtering
capabilities to reduce the volume of data returned; and pivot
capabilities that enable a variety of search views.
Investigations can be more
comprehensive and productive
QRadar Incident Forensics is designed to help organizations
rapidly and thoroughly investigate malicious network activity by
providing visibility and clarity into network security incidents.
Available either as software or as a hardware appliance with
software built in, the solution integrates seamlessly with
IBM Security QRadar SIEM and IBM QRadar Security
Intelligence Platform, as well as with most available third-party
packet capture formats. The comprehensive approach gives
IT security teams the ability to more easily and productively
conduct investigations; make smarter, faster decisions by
analyzing security data in the network context; and support
effective remediation.
Using a search engine-like interface to handle data within
or flowing through the network, QRadar Incident Forensics
supports both incident-driven and threat intelligence-directed
investigations to provide security teams with the underlying
evidence that retraces digital impressions, categorizes external
content and labels suspect content.
QRadar Incident Forensics indexes everything contained
within the captured network traffic—ranging from documents
to website images, and including the metadata and contents of
both structured and unstructured data—to help reduce the time
required to investigate offenses, in many cases from days to
hours or even minutes. To enhance data intelligence and
insights, the solution enables a powerful data pivoting capability
for discovering and displaying extended relationships for search-
able variables such as IP addresses, MAC addresses, email
addresses, application protocols, SSL certificates and more.
7. 7IBM Software
The result is a richer, big-data view of network data, application
and malicious user relationships than is provided by traditional
network forensic tools that can use only processed PCAPs. With
the help of electronic breadcrumbs, investigators can follow the
path of malware or attackers and retrace the chronological inter-
actions of incident events, helping investigators understand how
to remediate breaches to reverse actions and prevent recur-
rences. Organizations can also document regulatory compliance.
Security investigations can be faster
and easier
Conventional security solutions require extensive training—in
some cases, even the ability to write code—to navigate collected
PCAP data, understand the data’s meaning, and know what to
do with it in order to remediate an attack and prevent future
incursions.
QRadar Incident Forensics, on the other hand, gives virtually
any member of the security team—even junior members without
extensive knowledge of security data—the ability to determine
the full network context of a security incident.
An intuitive, free-form query interface built into QRadar
Incident Forensics means that a search for network security inci-
dents is as easy to formulate as looking for sports memorabilia
using any popular Internet search engine. With the forensics
solution integrated into the single-console management interface
of QRadar Security Intelligence Platform, access to the full
set of forensics capabilities is only a point and click away. And
full network searches, in many cases, take only minutes or hours
due to extensive indexing, rather than the days or weeks required
by other solutions.
In many cases, QRadar Incident Forensics searches can make
investigations faster and more comprehensive—helping identify
data that may have been missed. Once the solution has retrieved
and processed the raw PCAPs into rich document files, its search
Discovery
Investigating security incidents with IBM Security QRadar solutions
IBM Security
QRadar
IBM Security QRadar SIEM discovers an offense.
Administrators can use this data to construct digital
impressions leading them to the incident location.
IT security teams can then assess the credibility of a
true threat and use appropriate means to block the
communication, patch the vulnerabilities, contain critical
data in the event of an incident and remediate malicious
actions to prevent a recurrence.
IBM Security QRadar Incident Forensics reassembles
and indexes the data.
Locate breach
Remediate
and contain
Collect
and process
8. 8 What’s behind a cyber attack?
engine uses network, file and personal metadata indexes to
return fast keyword searches of structured and unstructured data.
It can even search stored network documents. The solution’s
ability to provide information in context helps reveal threat
levels and vulnerabilities. It generates multiple views of data that
show relationships, timelines, and source and threat categories.
And it enables users to refine searches with intelligent filtering
for information such as IP and MAC addresses, application
protocols or email addresses.
How security teams view information is
important to success
Significantly, nothing on the network escapes the view of a
directed QRadar Incident Forensics search case. A simple search
for the word “confidential,” for example, can not only locate all
documents labeled as such, but it can also uncover all events
that involve an externally leaked document, identify paths where
a copy may have been sent, and reveal the individual who initi-
ated those actions. Equally important, the solution can present
information in a number of ways, allowing investigators to create
the view that is best suited for the insights they need.
The interface allows security staff to simply click on metadata to
locate related information. It further enables investigators to
pivot searchable variables and change the metadata field to see
extended and perhaps unsuspected relationships. Beginning
with an email address, for example, an investigator can discover
the associated IP address and Internet login ID, then use the
combined information to achieve clarity on who the attacker
is and the trail of the attacker’s actions on the network.
Via IBM Security QRadar Incident Forensics, security teams can easily visualize relationships between suspect entities using IP addresses, email addresses,
chat IDs and more.
9. 9IBM Software
The visibility and clarity provided by QRadar Incident Forensics
is fundamental to an organization’s efforts to eliminate and
remediate security incidents. With more limited solutions,
attacks can recur and malware can re-infect the infrastructure—
because the security team missed an artifact of the attack.
Anatomy of an attack—and an intelligent response
Arriving at work, the enterprise security team discovers
that its SIEM application found a number of new offenses
overnight. Instead of working their way through the SIEM data
manually, however, the team launches a QRadar Incident
Forensics session with a simple click on the solution’s tab
on the QRadar Security Intelligence Platform console,
which assembles all the relevant packet captures, performs
extensive indexing, and returns detailed, multi-level search
results quickly, in most cases in minutes—if not seconds.
From an extensive array of data, ranging from the IP address
that originated the incident to a mailbox ID and a MAC
address, the solution reveals metadata categories that provide
identifying data for the attacker and the trail of events that the
attack left on the enterprise network. Utilizing elements of the
larger network context, the security team is able to determine
whether the SIEM data reveals an actual attack or whether it is
a false positive for an explainable event mistaken as an attack.
If the event is a false positive, the team knows to tune its
SIEM correlation rules so similar incorrect results are not
returned in the future. If the attack is real, the team can take
immediate actions to remediate the threat and help avoid
future incidents that use the same source or the same
techniques.
Building intelligence can help in
navigating investigations
Attackers and breaches grow smarter and more sophisticated
daily. Organizations, in response, need smart defenses, made
even smarter by the intelligence in their networks.
By finding and reconstructing security incidents on the network
and presenting them in ways that support deeper interpretations,
insight into root causes and support for remediation, QRadar
Incident Forensics builds new intelligence for the defense orga-
nizations need. The solution follows electronic breadcrumbs
left by attackers, identifies code injections or rogue asset addi-
tions, sees device configuration and firewall rule changes—and
more. It achieves these defenses with three principal techniques:
creation of digital impressions, identification of suspect content
and categorization of network content.
Digital impressions
A digital impression is a powerful index of metadata that can
help an organization identify suspected attackers or rogue insid-
ers by following malicious user trails. In building these relation-
ships, QRadar Incident Forensics can draw data from network
sources such as IP addresses, MAC addresses and TCP ports
and protocols. It can find information such as chat IDs, and it
can read information such as author identification from word
processing or spreadsheet applications.
A digital impression can not only help the organization discover
the identity of an entity who attacked the network one time,
but it can also help uncover associations by linking the entity’s
identity to identifying information for other users or entities,
potentially revealing additional attacks.
10. 10 What’s behind a cyber attack?
Content categorization
Categorizing where network traffic comes from and distinguish-
ing between legitimate and malicious sources is key to protecting
against breaches. Security research organizations such as
X-Force maintain databases of URLs that track a location’s
reputation so that organizations can tell whether it might be
the source of an attack it has suffered—or of a potential attack in
the future.
Filtering and labeling data by category—for example, asking
whether an attempt at network access is coming from a trusted
business or a criminal organization—as well as limiting access
based on metadata and correlating relationships between organi-
zations can all play a role in keeping malware and harmful
actions from breaching the network.
IBM Security QRadar solutions are the centerpiece for visibility, clarity and protection
IBM Security Access Manager
IBM Security zSecure
IBM Security
Privileged Identity
Manager
IBM Security Identity Manager
IBM InfoSphere Guardium
Trusteer Apex
IBM Security Network
Protection XGS
IBM Endpoint Manager
IBM Security AppScanIBM Security Directory Server
IBM Security Directory Integrator
User activity
protection IBM QRadar
Security Intelligence
Platform
Data
protection
Advanced fraud
protection
Infrastructure
protection
Application
security
Suspect content
A data breach typically targets specific types of information—
Social Security numbers, credit card numbers, medical IDs or
intellectual property labeled “confidential,” for example.
QRadar Incident Forensics can help recognize those patterns of
information (simply query “confidential” in the search engine)
to quickly reveal theft, malicious damage or other activities that
can harm the organization. The security team can then remedi-
ate the action and put into place measures designed to prevent
its recurrence.
11. 11IBM Software
Conclusion
Today’s sophisticated cyber attacks require a rapid and effective
response based on all available intelligence about the what, when
and how of the attack. The comprehensive and easy-to-use capa-
bilities of IBM Security QRadar Incident Forensics can provide
the visibility and clarity into a network security incident as well
as insight into the extent of breach activities that the security
team needs in order to remediate and prevent recurrences.
Using QRadar Incident Forensics, organizations can also
strengthen their documentation of regulatory compliance.
With insights gained through QRadar Incident Forensics, an IT
security team can be well positioned to craft an action plan that
leverages network intelligence and the organization’s full security
resources for a next-generation approach to security incident
forensics that supports network security, insider threat analysis—
including fraud and abuse—and the documentation of incident-
related evidence.
For more information
To learn more about IBM Security QRadar Incident
Forensics, please contact your IBM representative or
IBM Business Partner, or visit:
ibm.com/services/us/en/it-services/security-intelligence.html
About IBM Security solutions
IBM Security offers one of the most advanced and integrated
portfolios of enterprise security products and services. The
portfolio, supported by world-renowned X-Force research and
development, provides security intelligence to help organizations
holistically protect their people, infrastructures, data and applica-
tions, offering solutions for identity and access management,
database security, application development, risk management,
endpoint management, network security and more. These
solutions enable organizations to effectively manage risk and
implement integrated security for mobile, cloud, social media
and other enterprise business architectures. IBM operates one of
the world’s broadest security research, development and delivery
organizations, monitors 15 billion security events per day in
more than 130 countries, and holds more than 3,000 security
patents.
Additionally, IBM Global Financing can help you acquire
the software capabilities that your business needs in the most
cost-effective and strategic way possible. We’ll partner with
credit-qualified clients to customize a financing solution to
suit your business and development goals, enable effective cash
management, and improve your total cost of ownership. Fund
your critical IT investment and propel your business forward
with IBM Global Financing. For more information, visit:
ibm.com/financing
12.
1 Ponemon Institute, “2013 Cost of Cyber Crime Study: United States,”
October 2013. http://media.scmagazine.com/documents/54/
2013_us_ccc_report_final_6-1_13455.pdf
2 Verizon RISK Team, “2013 Data Breach Investigations Report,” Verizon
Communications, April 2013. http://www.verizonenterprise.com/DBIR/2013/
3 IBM X-Force, “IBM X-Force Threat Intelligence Quarterly – 1Q 2014,”
IBM Security Systems, February 2014. https://www14.software.ibm.com/
webapp/iwm/web/signup.do?source=swg-WW_Security_Organic&
S_PKG=ov21294
4 Juniper Networks Mobile Threat Center, “Third Annual Mobile Threats
Report: March 2012 through March 2013,” Juniper Networks, 2013.
http://www.juniper.net/us/en/local/pdf/additional-resources/
3rd-jnpr-mobile-threats-report-exec-summary.pdf
Please Recycle
WGW03056-USEN-00