Enterprise network security visibility: Beyond traditional defenses
Organizations have implemented various network security technologies to gain better visibility into their networks. However, these security technologies place an increased demand on the network. This TechGuide explores how to improve network security... E-Handbook
-
Essentials: Threat detection
Antivirus and intrusion prevention aren’t the threat detection stalwarts they used to be. With mobile endpoints and new attack dynamics, enterprises have to be nimble on the security front in order to keep data safe and attackers at bay. This Essenti... E-Zine
-
Network security best practices and essentials
Your network security is increasingly complex and the ostensibly simple matter of just keeping track of its components has spawned a slew of network discovery tools. But if that complexity weren’t enough, the attacks that chew at your network every d... E-Handbook
-
IDSes takes aim: Emerging "target-based" systems improve intrusion defense
Network intrusion detection systems (NIDSes) generate a lot of false positives, false alerts and false alarms. They've driven many frustrated security managers to simply pull the plug on their NIDSes. "Target-based IDS" is a new technology that corre... E-Zine
-
Defense-in-Depth: Securing the network from the perimeter to the core
Enterprise networks are no longer a "crunchy shell around a soft, chewy center" and hence network defenses must be deployed inside the perimeter. But are network security vendors capable of securing the network from the inside out? Also: Andrew Briney's... E-Zine
-
Trustworthy yet? An inside look at what's changed after a year of Microsoft Trustworthy Computing
When Bill Gates launched Trustworthy Computing at Microsoft, it was meant to fundamentally change the way the software giant operates. But has anything really changed? This month, we examine what's happened in the past 12 months, and the work left to... E-Zine
-
Intrusion detection and prevention: IDS/IPS security guide
This guide is a compilation of SearchSecurity.com's best resources on intrusion detection and prevention. It covers not only the basics of what they are and how they work, but also discusses several other important areas of IDS and IPS security, incl... Learning Guide
-
Wireless intrusion detection systems: WLAN security and protection guide
In this mini learning guide, which is a part of the SearchSecurity.com IDS/IPS Security Guide, security managers and staff will learn more about wireless intrusion detection systems and WLAN security, including how to use a WIPS to monitor wireless t... guide
-
IPS IDS best practices: Implementation and deployment
In this mini learning guide, which is a part of the SearchSecurity.com IDS/IPS Security Guide, security pros will learn more about IPS/IDS best practices for deployment and implementation in the enterprise. guide
-
Intrusion detection: How to use IDS IPS tools to secure the enterprise
In this mini learning guide, security managers and professionals will learn about the features and capabilities of some of the most popular IDS/IPS tools available today, as well as how to use them. guide
-
Introduction to IDS IPS: Network intrusion detection system basics
This one-page guide, which is a part of the SearchSecurity.com IDS/IPS Security Guide, acts as an introduction to both IDS and network intrusion prevention system (IPS) technology. Here, security professionals will learn how to determine which IDS/IP... guide
-
Quiz: Network content monitoring must-haves
See if you know the essentials of network content monitoring in this SearchSecurity.com Security School quiz. Quiz
-
Best Intrusion Detection/Prevention Products 2011
Readers vote on the best intrusion prevention/detection products, including network-based intrusion detection and prevention appliances, using signature-, behavior-, anomaly- and rate-based detection. Guide
-
Readers' Choice Awards 2011
Best Security Information and Event Management Products 2011 Guide
-
Quiz: How IDS/IPS can enable business objectives
How much have you learned about integrating IDS/IPS with your enterprise's business goals? Find out with this short quiz. Quiz
-
Rogue AP containment methods
Wireless network monitoring systems are quickly moving from detection alone to detection and prevention. In particular, many now provide options to "block" rogue devices, preventing wireless or wired network access. This tip explores how these contai... Security School
- See more Essential Knowledge on Network Intrusion Detection (IDS)
-
Marty Roesch pushes collective analysis, underscores cyberthreat intelligence
Sourcefire CTO Marty Roesch introduced cloud-based analysis for threat intelligence gathering. Network security monitoring platforms like RSA NetWitness may be headed in a similar direction. News | 08 Feb 2012
-
Qualys buys Nemean Networks for behavior-aware malware detection
The acquisition expands Qualys' IDS signatures and increases its threat data. News | 06 Oct 2010
-
Snort creator remains guiding force behind network detection system
Martin Roesch remains the guiding force behind nearly all of the improvements made to Snort, which is at the heart of Sourcefire's network detection s... Interview | 08 Sep 2010
-
Researchers uncover Cisco firewall vulnerabilities, McAfee console flaws
While the vendors have released patches, SecureWorks researchers told Black Hat 2010 attendees that many enterprises place too much trust in their security systems and fail to check them for basic vulnerabilities. Article | 28 Jul 2010
-
Network forensics tools increasingly aid security response teams
As malware continues to evade signature-based antivirus and intrusion prevention systems, some organizations are turning to network capturing and analysis tools to detect anomalies and respond to security threats as they happen. One such vendor, Hernd... Interview | 02 Jun 2010
-
New Zealand firm, Endace, making next generation IDS a reality
Until now some experts have signaled the slow demise of intrusion defense systems, but one firm is having success in the government sector with an IDS appliance that can capture 100% of network traffic. News | 24 May 2010
-
White House declassifies CNCI summary, lifts veil on security initiatives
Summary document outlines ongoing initiatives to improve cybersecurity at the federal level as well as the security of the supply chain and private networks of critical infrastructure facilities. Article | 02 Mar 2010
-
New product aims to control rogue applications that avoid firewalls
Palo Alto Networks Inc. was sporting the slogan "Fix the Firewall" at its first Infosecurity Europe exhibition in London, and showing off its range of firewall appliances that attempt to control applications that avoid firewall detection. News | 29 Apr 2009
-
RSA 2008: Sourcefire founder Roesch previews Snort 3
In this video interview, Sourcefire founder and Snort creator Martin Roesch talks about the sudden departure of the company's CEO and the future of intrusion defense. News | 11 Apr 2008
-
Juniper UAC to deliver Shavlik patch management technology
Patch management vendor Shavlik Technologies announced that its tools will now be enabled via Juniper Networks' Unified Access Control (UAC) product. Article | 11 Oct 2007
- See more News on Network Intrusion Detection (IDS)
-
Opinion: 2003 Gartner Hype Cycle for infosec is wrong on IDS
Et tu, Gartner? The research firm's pronouncement that IDS is dead is just the latest Hype Cycle gone awry. Opinion
-
To improve breach detection, revisit intrusion detection techniques
To solve the breach-detection issues highlighted in the 2013 Verizon DBIR, several intrusion detection techniques are needed, says expert Nick Lewis. Tip
-
The evolution of threat detection and management
Enterprises must understand the latest threat detection options to keep up with advanced cybercriminals who can bypass enterprise security defenses. Tip
-
Top five free enterprise network intrusion-detection tools
Snort is one of the industry's top network intrusion-detection tools, but there are plenty of free alternatives. Matthew Pascucci discusses. Tip
-
IPS/IDS technologies: Innovations and changes
Haven’t shopped for an IDS/IPS in a while? Karen Scarfone details important recent innovations to IDS/IPS technologies. Tip
-
Social engineering penetration testing: Four effective techniques
Social engineering penetration testing is now a must for enterprises. Learn about the four methods your pen tests should use. Tip
-
Security in virtualization: IDS/IPS implementation strategy
Considering virtualization? Take into account that your IDS or IPS may not work the same way in a virtualized environment as it does in a physical one. Expert Dave Shackleford explains how to address this potential problem. Tip
-
Video: OSSEC screenshots show how to use the free IDS
An intrusion detection system has become necessary for most enterprises, but they can be both expensive and difficult to configure. In part two of this screencast, learn how to use the free IDS OSSEC. Tip
-
IDS vs. IPS: How to know when you need the technology
IDS and IPS are useful security technologies, but how do you know whether your enterprise can benefit from one? In this tip, infosec pro Jennifer Jabbusch offers a few specific use cases to help you know when to consider IDS/IPS. Tip
-
How to install an OSSEC server on Linux and an OSSEC Windows agent
Learn how to install the free, host-based intrusion detection system OSSEC, with step-by-step instructions on setting up an OSSEC Linux server with an OSSEC Windows agent. Tip
-
Scapy tutorial: How to use Scapy to test Snort rules
When creating Snort rules, it's often difficult to test them before they go live. In this Scapy tutorial, Judy Novak explains how to use Scapy, a tool that simplifies packet crafting, to test new Snort rules. Tip
- See more Tips on Network Intrusion Detection (IDS)
-
Defend against iPad exploit, rogue access point attacks
An iPad exploit that attacks a rogue access point is dangerous for enterprises and home users. Expert Nick Lewis explains how to defend against it. Answer
-
RTP attacks: How to prevent enterprise data exfiltration
How big of an issue are RTP attacks in the context of all attacks via covert channels? Nick Lewis looks at tunneling for enterprise data exfiltration. Answer
-
Will host-based intrusion detection software replace signature IDS?
As signature-based IDS becomes less effective, is host-based IDS the best option to replace it? Expert Anand Sastry weighs in. Answer
-
IPS and IDS deployment strategies
Deploying an IDS and an IPS system may seem like two different tasks, but really the two are closely related. Mike Chapple weighs in on the similarities of the deployment strategies. Ask the Expert
-
How to perform a network forensic analysis and investigation
Situation: A breach has occurred at your enterprise, and you need to gather relevant data, fast. What tools can you use to get the job done? In this expert response, Mike Chapple gives pointers on which network forensic analysis tools can help. Ask the Expert
-
What is the cause of an 'intrusion attempt' message?
Have you ever received a message from your endpoint security product stating that an intrusion attempt has been blocked? Mike Chapple gives three possibilities for the alert's likely cause. Ask the Expert
-
Intrusion detection vs. intrusion prevention
Both IPS and IDS tools are designed to monitor the network for signs of unusual activity. Network security expert Mike Chapple explains how each technology differs in its approach. Ask the Expert
-
Best practices for IDS creation and signature database maintenance
Mike Chapple offers an alternative to creating an intrusion detection system as well as advice on maintaining a signature database. Ask the Expert
-
What is the best possible IDS deployment for an Enterprise Resource Planning (ERP) system?
Deploying an IDS can be a complex process. But are there specific requirements for an IDS in an ERP system? Network security expert Mike Chapple explains. Ask the Expert
-
Should an intrusion detection system (IDS) be written using Java?
There's no reason that you couldn't implement intrusion detection functionality in any higher-level programming language, Java included. Network security expert Mike Chapple, however, explains why Java may not be the best choice. Ask the Expert
- See more Expert Advice on Network Intrusion Detection (IDS)
-
computer forensics (cyber forensics)
Computer forensics is the application of investigation and analysis techniques to gather and preserve evidence from a particular computing device in a way that is suitable for presentation in a court of law. Definition
-
network behavior analysis (NBA)
Network behavior analysis (NBA) is a method of enhancing the security of a proprietary network by monitoring traffic and noting unusual actions or departures from normal operation... (Continued) Definition
-
HIDS/NIDS (host intrusion detection systems and network intrusion detection systems)
Host intrusion detection systems (HIDS) and network intrusion detection systems (NIDS) are methods of security management for computers and networks... (Continued) Definition
-
Diffie-Hellman key exchange (exponential key exchange)
Diffie-Hellman key exchange, also called exponential key exchange, is a method of digital encryption that uses a number raised to specific powers to produce decryption keys that are never directly transmitted, making the task of a would-be code break... Definition
-
ultrasound
Ultrasound is acoustic (sound) energy in the form of waves having a frequency above the human hearing range. Definition
-
In 2013, Cisco network security product strategy to key on integration
Video: Cisco SVP Chris Young details the vendor's 2013 network security product strategy, specifically combining more features into its line of ASA firewalls. Video
-
Sourcefire's Roesch: How Snort can normalize JavaScript, model rules
Video: Snort creator Martin Roesch discusses new Snort features like JavaScript normalization and rule modeling, and looks ahead to Snort's future. Video
-
Malware detection and prevention fundamentals
Learn about the state of the malware landscape as it pertains to small and medium sized businesses and get a rundown on the most common types of malware. Video
-
Countdown: Top 5 ways to tune IDS/IPS to meet business needs
In this podcast, we'll count down the top five ways to tune an IDS/IPS to make sure it's meeting the business requirements you purchased it to meet. Podcast
-
Meeting business goals with network security technologies
This video will discuss how moving from primary business functions to more detailed business tasks can help identify goals that network security can assist in meeting. Video
-
SIMs tools and tactics for business intelligence
Security information management systems (SIMs) automate the process of looking through logs to help produce effective reports, issue alerts and do forensics. In the era of regulation, organizations also need added visibility into their networks and a... Video
-
Webcast: The business case for intrusion, perimeter defense security
In this presentation, Joel Snyder explains how to secure the necessary funds to implement intrusion defense and perimeter defense security tactics. Webcast
About Network Intrusion Detection (IDS)
Find intrusion systems, tools and tactics, such as Snort and Nessus, designed to help you manage host-based and network-based IDSes, minimize false positives, and learn how to use intrusion detection methods and devices to create a solid and secure network foundation.