Latest news
The ideal solution would be able to track routine network usage by every employee, identify when and how critical servers are being accessed, harden and segment networks to proactively prevent unauthorized access to confidential information, and prevent attacks from compromising legitimate access to critical information. This new network security solution should perform the following functions to address PCI compliance:
- Assess: The solution should be able to learn the behaviors of networked applications and users and use this model to identify the presence of latent vulnerabilities.
- Monitor: The solution should collect real-time flow information from switches, routers, and packet capture devices on internal networks; it then would be able to evaluate each individual flow and detect deviations from normal network behavior.
- Enforce: The solution must be able to apply network access control and allow network security managers to deploy “virtual perimeters,” a new security technology that allows enterprises to generate and simulate the impact of internal switch or firewall rules.
- Report: The solution should provide details on security events, create policies, and implement procedures for protecting critical assets.
A solution that takes sophisticated network performance technology and applies it to the complex problem of internal network security finally will allow IT managers to control the entire networked landscape – maintaining control on the interior of the network while patrolling the perimeter. By providing visibility into the vulnerable areas of the interior and the normal behavior of its users, this new solution eliminates exposure to internal attack, facilitates the immediate detection of unauthorized data access, and ensures business continuity.
Spotlight
Ransomware adds password stealing to its arsenal
Posted on 17 May 2013. | Microsoft researchers are warning about a new variant of the well-known Reveton ransomware doing rounds.
Application vulnerabilities still a top security concern
Posted on 16 May 2013. | Respondents to a new (ISC)2 study identified application vulnerabilities as their top security concern. A significant gap persists between software developers’ priorities and security professionals’ concerns.
IT security jobs: What's in demand and how to meet it
Posted on 15 May 2013. | Let's say you want a career in information security, where do you start? What credentials do you need? What are employers looking for? Read on to find some answers.
Hacking charge stations for electric cars
Posted on 15 May 2013. | Ofer Shezaf talks about what charge stations really are, why they have to be ‘smart’ and the potential risks created to the grid, to the car and most importantly to its owner’s privacy and safety.
Is Microsoft is reading your Skype communications?
Posted on 15 May 2013. | The question of whether Skype allows U.S. intelligence and law enforcement agencies to access the communications exchanged by its users has still not been adequately answered by Microsoft.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
 |
