Access "Big data security analytics: Harnessing new tools for better security"
This article is part of the July/August 2012 issue of Establishing an effective internal security pen testing methodology
Among all the things that would benefit security and improve defenses, insight must rank among the first. We need it to identify when, where and how attacks occur -- and succeed. With insight, we could see how access privileges are being misused or abused, or when what looks like legitimate access is actually fraud. We could also understand how and where investments can be better applied to strengthen security and mitigate risks. However, this kind of insight is highly elusive. The reality is most organizations struggle with making use of the security information they already gather. In a recent Enterprise Management Associates (EMA) study of 200 organizations of 1,000 personnel or more worldwide, 58 percent of those knowledgeable about security log and event management say they collect more than 50 gigabytes of this data each day. Fifteen percent say they collect a terabyte or more. If each event is averaged at 300 bytes apiece, that’s more than three billion log events daily. The sheer volume of security data is not the only problem; the pace of ... Access >>>
Premium Content for Free.
How to pen test: Why you need an internal security pen testing program
by Dave Shackleford
Learn pen testing best practices and how to build an internal pen testing team.
Securing SharePoint: SharePoint security best practices
by Marcia Savage
SharePoint has become ubiquitous in the enterprise, but organizations can overlook security. Learn SharePoint security best practices in this article.
Talk of cyberwarfare threats heats up with Flame malware
by Robert Westervelt
Experts say malware toolkit isn’t unique, but warn of cyberweapons falling into the wrong hands.
- How to pen test: Why you need an internal security pen testing program by Dave Shackleford
Big data security analytics: Harnessing new tools for better security
by Scott Crawford, Contributor
New techniques are emerging to help organizations analyze security data and improve security defenses.
Three steps for securing SharePoint
by Brien Posey
Restricting user permissions, server hardening and dedicated service accounts are critical.
- Big data security analytics: Harnessing new tools for better security by Scott Crawford, Contributor
Gary McGraw on mobile security: It’s all about mobile software security
by Gary McGraw, Contributor
Mobile systems have a lot of moving parts, but securing them is as simple as practicing software security.
Cyberspace protection requires government collaboration with industry
by Riley Repko, Contributor
Government and private sector collaboration is critical to surviving in cybespace.
LinkedIn password leak: Lessons to be learned from LinkedIn breach
by Marcia Savage
Breach at the professional networking site highlights password practices, storage procedures.
- Gary McGraw on mobile security: It’s all about mobile software security by Gary McGraw, Contributor
More Premium Content Accessible For Free
For many security teams, "continuous monitoring" is a vague concept associated with FISMA compliance. A continuous monitoring program can be simple ...
The variety and sheer number of network endpoints, users and devices in the enterprise today is driving IT's demands for enhanced security features ...
Enterprises leverage open source software for the perceived quality of the code, but the Heartbleed flaw has made many question their use of ...