-
A sophisticated, modern defense-in-depth architecture is essential for every enterprise in order to avoid catastrophic information security incidents. But it can be a significant challenge for an organization to understand how to assess its current security posture, identify technical gaps, choose the best technologies to fill those gaps and then finally ensure those pieces are all integrated and managed effectively. This lesson explores those concepts to enable an enterprise to ensure it has all the pieces in place for an effective layered defense that can successfully withstand a multitude of evolving threats.
About the expert:
Mike Chapple is an IT security professional with the University of Notre Dame and a technical editor for SearchSecurity.com.
Learn more: Reinventing defense in depth
-
In this lesson, explore effective deployment techniques and configurations to best detect and trace attacks, explain different use cases, and ensure the data your tool collects is accurate and doesn't drag down database performance.
About the expert:
Adrian Lane is CTO with independent consulting firm Securosis, LLC.
Learn more: How DAM can help detect and trace attacks
-
In this lesson, learn about monitoring strategies for detection of insider threats and how to break down the myths surrounding insider threat detection.
About the expert:
Dawn Cappelli is a senior member of technical staff for the CERT Program at Carnegie Mellon University.
Learn more: Practical strategies to mitigate insider threats
-
The release of Windows Server 2008 included a number of significant security-related changes. This lesson will provide an overview of the features and enhancements, including read-only domain controllers, Network Access Protection and more.
About the expert:
Elizabeth Quinlan is the technical lead for HynesITe where she is a trainer/consultant.
Learn more: Windows Server 2008 security features
-
Attackers are more resourceful, determined and prolific than ever before. This lesson will help you know your enemy and understand how to respond to and defend against increasingly complex types of hacker attacks and techniques.
About the expert:
Dr. Markus Jakobsson is a principal scientist at Palo Alto Research Center.
Learn more: Anatomy of an attack: Types of hacker attacks and techniques
-
In a matter of months, the threat landscape has changed dramatically. In this lesson, learn how to thwart sophisticated attacks featuring custom rootkits, Trojans and malware designed to exploit unknown vulnerabilities.
About the expert:
Lenny Zeltser is a SANS Institute instructor and noted author.
Learn more: Next-gen threats: Advanced malware, rootkit and Trojan defense
-
This lesson examines how Windows Vista services present unique intrusion defense challenges. Peter Gregory explains how well Windows Vista security features support and extend intelligent enterprise security management practices.
Learn more: Intrusion defense in the era of Windows Vista
-
In this lesson, learn how security information and event management can augment enterprise intrusion defense efforts.
About the expert:
Tom Bowers is principal with independent consulting firm Security Constructs.
Learn more: Security information and event management systems
-
In this lesson, learn about the basics of intrusion defense. Joel Snyder defines the network perimeter and the technologies crucial to success, including corporate intrusion detection systems and content filtering technologies.
Learn more: Network perimeter security
-
In this lesson, Joel Snyder explains how the latest antispyware and antivirus tools can secure the network edge.
Learn more: Network content security: Antivirus and antispyware tools
-
In this lesson, learn how to make cost-effective intrusion defense choices and explain to management the return on an intrusion defense or network security investment.
Learn more: ROI of intrusion defense: Finding the return on a security investment
-
In this lesson, learn how a world with no network perimeter can affect enterprise security management. Joel Snyder reviews unified threat management firewalls, intrusion detection systems and security information management tools.
Learn more: Defense beyond the network perimeter
-
Before diving into Intrusion Defense School, test your knowledge of the basics. Joel Snyder offers an introduction to unified threat management technologies, email security devices, the latest antispam strategies and the value of information security investments.
Learn more: Basics of network security intrusion defense
-
Web servers need constant hardening, testing and monitoring to prevent Web server attacks. In this lesson, learn tactics, policies and best practices for keeping enterprise Web servers safe and secure.
About the author:
Michael Cobb is the founder and managing director of Cobweb Applications Ltd.
Learn more: Preventing Web server attacks: Spyware and malware defense
-
In this Security School lesson, expert Lenny Zeltser provides a picture of the state of the malware landscape as it pertains to SMBs, as well as a rundown of the most common types of malware. He explains how malware works, what it can do and what makes it unique, and gives case study examples and key principles of a successful lean and mean antimalware program.
About the expert:
Lenny Zeltser is a SANS Institute instructor and noted author.
Learn more: Developing a defense-in-depth strategy for malware defense
-
Most enterprises rely on swift development of Web applications that meet project deadlines and bring in new revenue. In order to succeed, Web app development processes often focus on features and functionality, ignoring security until it's too late. Thorough testing for vulnerabilities in Web applications is often bypassed, leaving sensitive data on the back end subject to attack.
This lesson details the myriad of Web application attacks in circulation today, providing detailed explanations of SQL injection attacks, clickjacking, cross-site scripting and cross-site request forgery attacks and other Web-based attacks that lead right to sensitive information stored in a backend database. We’ll also explain how to begin assessing your production Web apps for dangerous flaws and how to architect a software development process that can help you counter these threats in both QA and production.
About the expert:
Cory Scott is a director with security consultancy Matasano Security.
Learn more: Web application attacks: Building hardened apps
-
This Security School lesson will establish a baseline data breach prevention strategy every enterprise should have in place.
Nick Lewis (CISSP) is an information security architect at Saint Louis University.
Learn more: Data breach prevention strategies
-
Early antivirus products were host-based agents that used basic signature detection to scan hard drives for malicious code. Today’s antimalware is more sophisticated, with enterprises operating not only within the network perimeter, but on mobile devices and in the cloud. Traditional antimalware deployments aren’t good enough anymore. You need to consider your company’s needs by user and location and protect assets accordingly. In this lesson, you’ll learn how to effectively architect antimalware solutions for your enterprise.
About the author:
Diana Kelley is a partner with Amherst, N.H.-based consulting firm SecurityCurve.
Learn more: Architectural considerations for enterprise antimalware deployments