Security Management Strategies for the CIOAccess "Honeyclients bring new twist to honeypots"
This article is part of the November 2007 issue of Comparing seven top integrated endpoint security suites
Honeyclients are creating a buzz in the security world, giving malicious Web sites the sharp end. The desktop Web browser has long been a security sinkhole. It's grown deeper, despite emphasis on secure coding, greater user awareness, improvements to Internet Explorer and the use of alternatives like Firefox and Opera. Criminals lure users to thousands of malicious or compromised Web sites to scam their identity information or drop some nasty code on their computers. Detecting these sites and collecting and countering exploits has been somewhat like playing Whack-A-Mole, but security researchers are finding effective ways to fight back. Microsoft and open source advocates are pursuing two of the more promising initiatives, aggressively hunting for exploits using honeyclients, an active variation of honeynet techniques. While honeynets have been around for some time, they are passive collectors, sitting on some random network on the Internet, waiting for a hacker to connect to and leave evidence. Typically, they consist of a Web server and a stripped-down ... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
Honeyclients bring new twist to honeypots
Honeyclients are unpatched web browsers that actively seek malicous websites.
-
Product review: LogLogic LX
Learn about LogLogic's LX event log management product installation, configuration and reporting features in this review.
-
Lumigent Audit DB 6.0 product review
Lumigent Audit DB 6.0 is evaluated on its configuration, installation, monitoring and reporting capabilities.
-
Product review: Seven integrated endpoint security products
Information Security magazine evaluates seven integrated endpoint security suites on their management capabilities, reporting, ability to detect and block malware, detecting and thwarting exploit attempts, and integration of the various desktop security capabilities in one package.
-
Web 2.0 application development techniques introduce new information security risks
Ajax, Java and other dynamic application coding methods have pulled computing power over to the client, introducing new risks and resurrecting old ones.
-
Product review: Paraben's P2 Enterprise Shuttle
Paraben's P2 Enterprise Shuttle
-
Honeyclients bring new twist to honeypots
-
-
Everdream 7.5 product review: Data encryption, malware protection
In this product review, learn how Everdream 7.5 can improve your desktop security strategy with Everdream Software as a Service (SaaS), desktop data encryption and antimalware coverage features.
-
ZENworks Endpoint Security Management 3.5 product review
Novell's ZENworks Endpoint Security Management 3.5 is evaluated on its configuration and management, policy control and reporting capabilities. It offers the ability to control applications, protocols and removable storage devices. It also delivers encryption to files and folders, and network access control to ensure protection levels are current.
-
SIEM market, log management tools need a standardized log format
Security information and event management (SIEM) systems and log management tools would benefit from standardized log formats.
-
Remote computer access to files and systems must secure
Organizations are overhauling strategies to meet the challenges of the mobile workforce. Companies need to be strategic when evaluating the best secure remote computer access technology they deploy.
-
Product review: Workshare Professional 5
Workshare's Workshare Professional is a document lifecycle management platform that allows an organization to control where documents are sent, manages changes and provides audit capabilities. It also integrates with Microsoft Office 2007 but is tied to specific email platforms.
-
Everdream 7.5 product review: Data encryption, malware protection
-
Columns
-
E-discovery forces security organizations to prepare for eventual litigation
The updated Federal Rules of Civil Procedure elevates understanding of e-discovery requirements to a high priority.
-
Bruce Schneier, Marcus Ranum debate the realities of cyberwar
Cyberwar: Myth or Reality?
-
Interview: CISO builds information security program from scratch
Commonwealth of Pennsylvania CISO Bob Maley built his information security program from scratch.
-
Information security officers need to sharpen their risk management skills
Information security managers should adopt a risk management skill set and move their career paths toward a strategic position, rather than strictly an operational one.
- Viewpoint: Don't blame generation gaps for poor home security
-
E-discovery forces security organizations to prepare for eventual litigation
More Premium Content Accessible For Free
Next-generation firewalls play by new rules
E-Zine
Firewalls started their journey to the next generation at about the same time as the Star Trek TV series. While the products have advanced with ...
Developing your endpoint security management transition plan
E-Handbook
This TechGuide will help you develop your endpoint security management transition plan. Articles focus on overcoming the challenges of Web-based ...
Unlock new pathways to network security architecture
E-Zine
Network security architecture is showing its age at many organizations. With new technology, different data types, and use of multi-generations of ...