-
Intrusion detection and prevention: IDS/IPS security guide
This guide is a compilation of SearchSecurity.com's best resources on intrusion detection and prevention. It covers not only the basics of what they are and how they work, but also discusses several other important areas of IDS and IPS security, incl... Learning Guide
-
Wireless intrusion detection systems: WLAN security and protection guide
In this mini learning guide, which is a part of the SearchSecurity.com IDS/IPS Security Guide, security managers and staff will learn more about wireless intrusion detection systems and WLAN security, including how to use a WIPS to monitor wireless t... guide
-
IPS IDS best practices: Implementation and deployment
In this mini learning guide, which is a part of the SearchSecurity.com IDS/IPS Security Guide, security pros will learn more about IPS/IDS best practices for deployment and implementation in the enterprise. guide
-
Intrusion detection: How to use IDS IPS tools to secure the enterprise
In this mini learning guide, security managers and professionals will learn about the features and capabilities of some of the most popular IDS/IPS tools available today, as well as how to use them. guide
-
Introduction to IDS IPS: Network intrusion detection system basics
This one-page guide, which is a part of the SearchSecurity.com IDS/IPS Security Guide, acts as an introduction to both IDS and network intrusion prevention system (IPS) technology. Here, security professionals will learn how to determine which IDS/IP... guide
-
Quiz: Network content monitoring must-haves
See if you know the essentials of network content monitoring in this SearchSecurity.com Security School quiz. Quiz
-
Best Intrusion Detection/Prevention Products 2011
-
Readers' Choice Awards 2011
Best Security Information and Event Management Products 2011
-
Quiz: How IDS/IPS can enable business objectives
How much have you learned about integrating IDS/IPS with your enterprise's business goals? Find out with this short quiz. Quiz
-
Rogue AP containment methods
Wireless network monitoring systems are quickly moving from detection alone to detection and prevention. In particular, many now provide options to "block" rogue devices, preventing wireless or wired network access. This tip explores how these contai... Security School
- See More: Essential Knowledge on Network Intrusion Detection (IDS)
-
Marty Roesch pushes collective analysis, underscores cyberthreat intelligence
Sourcefire CTO Marty Roesch introduced cloud-based analysis for threat intelligence gathering. Network security monitoring platforms like RSA NetWitness may be headed in a similar direction. News | 08 Feb 2012
-
Qualys buys Nemean Networks for behavior-aware malware detection
The acquisition expands Qualys' IDS signatures and increases its threat data. News | 06 Oct 2010
-
Snort creator remains guiding force behind network detection system
Martin Roesch remains the guiding force behind nearly all of the improvements made to Snort, which is at the heart of Sourcefire's network detection system. Despite business pressures that could potentially sidetrack any vendor's technology improveme... Interview | 08 Sep 2010
-
Researchers uncover Cisco firewall vulnerabilities, McAfee console flaws
While the vendors have released patches, SecureWorks researchers told Black Hat 2010 attendees that many enterprises place too much trust in their security systems and fail to check them for basic vulnerabilities. Article | 28 Jul 2010
-
Network forensics tools increasingly aid security response teams
As malware continues to evade signature-based antivirus and intrusion prevention systems, some organizations are turning to network capturing and analysis tools to detect anomalies and respond to security threats as they happen. One such vendor, Hernd... Interview | 02 Jun 2010
-
New Zealand firm, Endace, making next generation IDS a reality
Until now some experts have signaled the slow demise of intrusion defense systems, but one firm is having success in the government sector with an IDS appliance that can capture 100% of network traffic. News | 24 May 2010
-
White House declassifies CNCI summary, lifts veil on security initiatives
Summary document outlines ongoing initiatives to improve cybersecurity at the federal level as well as the security of the supply chain and private networks of critical infrastructure facilities. Article | 02 Mar 2010
-
New product aims to control rogue applications that avoid firewalls
Palo Alto Networks Inc. was sporting the slogan "Fix the Firewall" at its first Infosecurity Europe exhibition in London, and showing off its range of firewall appliances that attempt to control applications that avoid firewall detection. News | 29 Apr 2009
-
RSA 2008: Sourcefire founder Roesch previews Snort 3
In this video interview, Sourcefire founder and Snort creator Martin Roesch talks about the sudden departure of the company's CEO and the future of intrusion defense. News | 11 Apr 2008
-
Juniper UAC to deliver Shavlik patch management technology
Patch management vendor Shavlik Technologies announced that its tools will now be enabled via Juniper Networks' Unified Access Control (UAC) product. Article | 11 Oct 2007
- See More: News on Network Intrusion Detection (IDS)
-
Security in virtualization: IDS/IPS implementation strategy
Considering virtualization? Take into account that your IDS or IPS may not work the same way in a virtualized environment as it does in a physical one. Expert Dave Shackleford explains how to address this potential problem. Tip
-
Video: OSSEC screenshots show how to use the free IDS
An intrusion detection system has become necessary for most enterprises, but they can be both expensive and difficult to configure. In part two of this screencast, learn how to use the free IDS OSSEC. Tip
-
IDS vs. IPS: How to know when you need the technology
IDS and IPS are useful security technologies, but how do you know whether your enterprise can benefit from one? In this tip, infosec pro Jennifer Jabbusch offers a few specific use cases to help you know when to consider IDS/IPS. Tip
-
How to install an OSSEC server on Linux and an OSSEC Windows agent
Learn how to install the free, host-based intrusion detection system OSSEC, with step-by-step instructions on setting up an OSSEC Linux server with an OSSEC Windows agent. Tip
-
Scapy tutorial: How to use Scapy to test Snort rules
When creating Snort rules, it's often difficult to test them before they go live. In this Scapy tutorial, Judy Novak explains how to use Scapy, a tool that simplifies packet crafting, to test new Snort rules. Tip
-
Preventing SQL injection attacks: A network admin's perspective
Your database administrators and application developers should certainly be following best practices to avoid SQL injections, but Michael Cobb explains how network admins can do their part to fight those security exploits. Tip
-
Lifecycle of a network security vulnerability
In a chapter excerpt from Practical Intrusion Analysis: Prevention and Detection for the Twenty-First Century, author Ryan Trost reveals the full process of providing intrusion detection system coverage for a security vulnerability. Tip
-
Network intrusion prevention systems: Should enterprises deploy now?
After a few years of growing pains, today's IPS vendors are touting the maturity of their products. Not so fast, says Mike Chapple. The network security expert explains why the more IPSes "change," the more they stay the same. Tip
-
Intrusion detection system deployment recommendations
Before you take the time and effort to deploy an IDS, consider this advice. Tip
-
Screencast: Opening up the Network Security Toolkit
Tom Bowers reviews the basics of the browser-based Network Security toolkit, including proper configurations, tool selection and general usage. Tip
- See More: Tips on Network Intrusion Detection (IDS)
-
RTP attacks: How to prevent enterprise data exfiltration
How big of an issue are RTP attacks in the context of all attacks via covert channels? Nick Lewis looks at tunneling for enterprise data exfiltration. Answer
-
Will host-based intrusion detection software replace signature IDS?
As signature-based IDS becomes less effective, is host-based IDS the best option to replace it? Expert Anand Sastry weighs in. Answer
-
IPS and IDS deployment strategies
Deploying an IDS and an IPS system may seem like two different tasks, but really the two are closely related. Mike Chapple weighs in on the similarities of the deployment strategies. Ask the Expert
-
How to perform a network forensic analysis and investigation
Situation: A breach has occurred at your enterprise, and you need to gather relevant data, fast. What tools can you use to get the job done? In this expert response, Mike Chapple gives pointers on which network forensic analysis tools can help. Ask the Expert
-
What is the cause of an 'intrusion attempt' message?
Have you ever received a message from your endpoint security product stating that an intrusion attempt has been blocked? Mike Chapple gives three possibilities for the alert's likely cause. Ask the Expert
-
Intrusion detection vs. intrusion prevention
Both IPS and IDS tools are designed to monitor the network for signs of unusual activity. Network security expert Mike Chapple explains how each technology differs in its approach. Ask the Expert
-
Best practices for IDS creation and signature database maintenance
Mike Chapple offers an alternative to creating an intrusion detection system as well as advice on maintaining a signature database. Ask the Expert
-
What is the best possible IDS deployment for an Enterprise Resource Planning (ERP) system?
Deploying an IDS can be a complex process. But are there specific requirements for an IDS in an ERP system? Network security expert Mike Chapple explains. Ask the Expert
-
Can a firewall alone effectively block port-scanning activity?
In this expert response, Mike Chapple reveals which product is the best line of defense against port scanning threats. Ask the Expert
-
Should an intrusion detection system (IDS) be written using Java?
There's no reason that you couldn't implement intrusion detection functionality in any higher-level programming language, Java included. Network security expert Mike Chapple, however, explains why Java may not be the best choice. Ask the Expert
- See More: Expert Advice on Network Intrusion Detection (IDS)
-
network behavior analysis (NBA)
Network behavior analysis (NBA) is a method of enhancing the security of a proprietary network by monitoring traffic and noting unusual actions or departures from normal operation... (Continued) Definition
-
HIDS/NIDS (host intrusion detection systems and network intrusion detection systems)
Host intrusion detection systems (HIDS) and network intrusion detection systems (NIDS) are methods of security management for computers and networks... (Continued) Definition
-
Diffie-Hellman key exchange (exponential key exchange)
Diffie-Hellman key exchange, also called exponential key exchange, is a method of digital encryption that uses a number raised to specific powers to produce decryption keys that are never directly transmitted, making the task of a would-be code break... Definition
-
computer forensics (cyberforensics)
Computer forensics, also called cyberforensics, is the application of computer investigation and analysis techniques to gather evidence suitable for presentation in a court of law. Definition
-
ultrasound
Ultrasound is acoustic (sound) energy in the form of waves having a frequency above the human hearing range. Definition
-
Countdown: Top 5 ways to tune IDS/IPS to meet business needs
In this podcast, we'll count down the top five ways to tune an IDS/IPS to make sure it's meeting the business requirements you purchased it to meet. Podcast
-
Meeting business goals with network security technologies
This video will discuss how moving from primary business functions to more detailed business tasks can help identify goals that network security can assist in meeting. Video
-
SIMs tools and tactics for business intelligence
Security information management systems (SIMs) automate the process of looking through logs to help produce effective reports, issue alerts and do forensics. In the era of regulation, organizations also need added visibility into their networks and a... Video
-
Webcast: The business case for intrusion, perimeter defense security
In this presentation, Joel Snyder explains how to secure the necessary funds to implement intrusion defense and perimeter defense security tactics. Webcast
About Network Intrusion Detection (IDS)
Find intrusion systems, tools and tactics, such as Snort and Nessus, designed to help you manage host-based and network-based IDSes, minimize false positives, and learn how to use intrusion detection methods and devices to create a solid and secure network foundation.