searchSecurity E-Handbooks

Featured E-Handbooks

  • Devising a security strategy for the modern network

    The network of today's enterprise is larger and more diverse than ever, which means there's more for hackers to attack. So as enterprises update their network security strategy to take into account the latest devices coming online, they must also prepare for the future. This TechGuide looks at the options for network defense today and in the near future, including how to spot vulnerabilities and how to rank them, so infosec pros can respond to inevitable attacks quickly and efficiently.

  • Unified threat management aspires to the enterprise class

    Unified threat management (UTM) long focused on small and medium-sized businesses, but now it's climbing the ladder and attempting to become enterprise-class technology. This Technical Guide shows IT pros how to determine whether a vendor's UTM is truly an enterprise-grade security appliance and, if so, how to integrate it into existing infrastructure and manage it there.

Other E-Handbooks available for free to our members

      • How to respond to the latest distributed denial-of-service attacks

        All indications show that DDoS attacks are increasing in variety, number and size. No network system is immune and information security pros can't put off learning about the threat and means available for defense. Fortunately, techniques and technology do exist for thwarting DDoS attacks or at least limiting the damage done.

        This handbook gathers the latest information on DDoS prevention methods, using the 2013 Spamhaus attack as a case study that serves as a warning of what's ahead if enterprises don't act now. It closes with a call to action and, even better, actionable advice InfoSec pros can use today.

      • Secure file transfer: Send large files fast, but keep your system safe

        FTP gets big files to colleagues and clients fast, but as the headlines remind us, the threat of electronic break-ins is real. This guide to secure file transfer shows how best to cure that sense of FTP insecurity.

      • What's the best focus for MDM strategy now?

        This Technical Guide examines the necessary elements of, and how to implement, a sound mobile device management strategy. Devices will be lost, stolen or hacked. That's a given. This guide outlines the basic tenets of sound strategy for mobile devices and explains why that strategy must focus first on the protection of mobile device data, rather than the devices themselves. It also provides a thorough review of the essential MDM tools and how best to integrate them into your system.

      • Strategies to make your SIEM system sing

        Using and maintaining a security information and event management (SIEM) system can be a challenge for InfoSec professionals, but the effort is worthwhile if the system enables faster, better security data analysis and response. This TechGuide examines the policies and enhanced monitoring needed from a SIEM to make smarter decisions and respond faster to incidents.

      • Vulnerability management programs: A handbook for security pros

        Information security professionals need a multifaceted approach for managing and responding to known vulnerabilities, one that recognizes enterprises' finite resources for vulnerability remediation. This TechGuide will help you both identify and prioritize vulnerabilities based on sound risk-management principles, ensuring a vulnerability management program that is effective and aligned with broader risk-management goals.

      • PCI DSS 3.0: What you must know now about the new guidance

        The new iteration of the Payment Card Industry Data Security Standards, issued in November 2013 and known as PCI DSS 3.0, gives merchants and payment processors crucial new guidance on meeting threats to information security. But there are also key areas PCI DSS 3.0 fails to address, including mobile devices. This handbook is an overview of the major changes, outlines the areas where procedures and policies remain unclear, and closes with a practical list of how PCI DSS 3.0 affects merchants.

      • Developing your endpoint security management transition plan

        This TechGuide will help you develop your endpoint security management transition plan. Articles focus on overcoming the challenges of Web-based malware defense and signature-based antivirus with new malware-detection technologies, ensuring Web security gateways provide an effective additional content-filtering layer to serve as endpoints’ first line of defense and deciding whether whitelisting is a viable technology to deploy at the endpoint.

      • Next-generation authentication technologies emerge to restore balance

        Cloud and mobility in the enterprise have caused a heightened need for organizations to take a closer look at next-generation authentication technologies. This handbook discusses emerging authentication technologies that reduce organizational risk while limiting user inconvenience.

      • Identity and access management solutions: The basics and issues

        With the surge of disruptive technologies like cloud-based systems, mobile apps and BYOD, identity and access management (IAM) has become unruly and complex for organizations. This TechGuide covers the fundamentals of and issues associated with the business concept and technology of IAM -- management of all users’ access to an organization’s assets and facilities. Additionally, we discuss the critical IAM issue of privilege creep and how to identify the risks and remedies to stop it. Finally, we cover the importance of aligning IAM services and plans with the business initiatives of the organization’s CIO.

      • Network security best practices and essentials

        Your network security is increasingly complex, and the ostensibly simple matter of just keeping track of its components has spawned a slew of network discovery tools. As if that complexity weren’t enough, the attacks that chew at your network every day are also growing in complexity and stealth at breakneck speed. So you need a correspondingly complex set of network security tools. And more than that, you need strategy. The increasing complexity of network attack methods has made it necessary to implement equally complex security tools and, more importantly, strategies. Read this Essential Guide on information security to learn more about key elements of a well-coordinated security strategy.

      • Enterprise network security visibility: Beyond traditional defenses

        Organizations have implemented various network security technologies to gain better visibility into their networks. However, these security technologies place an increased demand on the network. This TechGuide explores how to improve network security visibility with network flow analysis tools, cloud security monitoring solutions and anomaly-based monitoring technology.

      • Strategies for tackling BYOD: How to ensure mobile security

        Bring your own device (BYOD) and the consumerization of IT are realities of the modern workplace that cannot be ignored. When employees are empowered with the choice of using their own consumer-based devices in the workplace, it is imperative to counter the move in IT to ensure security and control. This information security handbook offers advice on controlling the onslaught of employee-owned devices in the workplace, mitigating the risks of mobile applications, and changing your thought process when it comes to securing the consumerization of IT. Read now for expert advice on tackling the issues BYOD brings and ensuring security in a mobile world.

      • An inside look at network security technologies

        Finding malware, or worse, attackers pivoting from server to server on your network, is a difficult proposition. Persistent, motivated hackers are adept at developing code that evades detection from signature-based network security devices. And more often than not, attackers are penetrating enterprise networks using legitimate credentials stolen via social engineering scams. This informative handbook outlines how to better safeguard your network. Get the latest tips on network security technologies, and advice from our experts.

      • Application hardening: Evolving techniques for proactive enterprise application security

        Enterprises are now running more and more applications to meet the demands of employees and users. This makes developing a threat and vulnerability management program to secure applications increasingly important. This TechGuide covers proactive techniques that enterprises can execute for creating an effective threat and vulnerability management program, the importance of an internal security pen testing program and utilizing software patching 2.0 to cut costs with virtual patching and automation.
