Video Screencast Help
Protect Your POS Environment Against Retail Data Breaches. Learn More.
Security Community Blog
Showing posts tagged with Critical System Protection
Showing posts in English
Richard Harsell | 20 Aug 2014 | 0 comments

We are looking to hire a CSP resident in the Raleigh, NC area.  The req can be found at:

http://www.symantec.com/about/careers/careers.jsp?areq=%2021145BR

Please contact Ryan Alves at ryan_alves@symantec.com.

Responsibilities

This Resident Consultant will be the trusted advisor in Symantec Data Center Security (DCS) - formerly Critical System Protection (CSP) - for a customer located in Raleigh, NC.  The successful candidate will be part of a team of onsite Consultants that support multiple Symantec technologies for this customer.  The primary responsibilities include:

  • Prevention and Detection policy testing, tuning, and automation
  • Customized reporting and analytics
  • Upgrade testing and deployment
  • Assist with daily administration and optimization of the DCS/CSP...
ryanschoenherr | 08 Jul 2014 | 0 comments

Need complete visibility into your environment?  Do you find yourself reactive to breaches or always behind intrusions?  MetriX dashboards can provide complete visibility into your security environment and give you the power to be proactive!

 

Check out MetriXdashboards for more information and ways to utilize MetriX to increase your efficiency.

 

EP dashboard.png

DLP dashboard.png

 

For more information or to schedule a demo please contact:

Ryan Schoenherr

810-877-1743

...

vgtero | 02 May 2014 | 0 comments

A new report from the Ponemon Institute, “Exposing the Cybersecurity Cracks: A Global Perspective,” concludes that global security professionals find themselves “deficient, disconnected, and in the dark” in combating cyber threats.

Despite the fatalistic tone in this report, I don’t believe that as security pros, you are the type who would just shrug your shoulders, say “cie la vie”, continue with business-as-usual, and hope for the best. As security professionals, you are excellent at problem solving and thrive at these challenges! You are probably in the midst of figuring out strategies or executing plans to address these deficiencies and remove these feelings of “security inadequacies”.  Many of you are multi-taskers, shoring up your organization’s security and risk management capabilities; at the same time, executing transformative activities such as migrating applications to a software-defined environment. 

At Symantec, we continue to develop solutions...

vgtero | 24 Apr 2014 | 0 comments

With the recently discovered Heartbleed vulnerability, information security professionals and end users are feeling the pressure and impact to better protect their information. The task of securing your organization and information can seem overwhelming.

Don’t miss out on this webcast to get step-by-step instructions on how to protect your business and information, and keep your communications secure. 

Join Us To Learn About:

  • What is Heartbleed and the impact it has
  • Understand how the vulnerability is exploited and how you can detect it
  • Steps you need to take to secure information now and going forward

Register at:  https://symantecevents.verite.com/31175/241406

A L Johnson | 08 Apr 2014 | 2 comments

Symantec launched its 2014 Internet Security Threat Report (ISTR), Volume 19, which highlights how cybercriminals unleashed the most damaging series of cyberattacks in history – ushering in the era of the “Mega Breach.” Please visit the ISTR landing page for this year’s report and supplemental assets.

 

SebastianZ | 11 Feb 2014 | 0 comments

Microsoft Security Bulletin

On Tuesday the 11th of February Microsoft released the monthly Security Bulletin Summary for February 2014. The summary includes 7 Security Bulletins - 4 are classified as critical; 3 as important:

 

  • MS14-010    Cumulative Security Update for Internet Explorer (2909921)

Vulnerability impact: Critical - Remote Code Execution
Affected Software:
Microsoft Windows, Internet ExplorerSumamry

  • MS14-011    Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (2928390)

Vulnerability impact: Critical - Remote Code Execution
Affected Software: Microsoft Windows

  • MS14-007    Vulnerability in Direct2D Could Allow Remote Code Execution...
Brandon Noble | 30 Dec 2013 | 2 comments

I guess we need to face it. Sality is here to stay.

We have been dealing with new Sality variants for more than 8 years and the Sality.AE family for a little over 5…the variants keep coming. It has become one of the most common file infectors reported by Enterprise customers. With its ability to move through shares and disable AV, it’s one of the most destructive and tricky threats we have out there. That said, it’s not too hard to stop, provided you have two things. The first is an understanding of how it spreads and infects, the second is a willingness to mount the proper defense while you seek out the hidden pockets of this threat and eradicate it.

So, first things first. How does it spread?

This is a file infector and it can only spread through shares. Its uses two methods, I refer to as a “Push” and a “Pull” to infect. Managing these attacks will keep the threat from spreading to more computers.

 

...

captain jack sparrow | 03 Dec 2013 | 0 comments

can transmit information between computers using high-frequency sound waves inaudible to the human ear. The duo successfully sent passwords and more between non-networked Lenovo T400 laptops via the notebooks’ built-in microphones and speakers. Freaky-deaky!
The infected victim sends all recorded keystrokes to the covert acoustical mesh network. Infected drones forward the keystroke information inside the covert network till the attacker is reached.

ref:
http://www.pcworld.com/article/2068525/researchers...

darci_hunt | 14 Aug 2013 | 0 comments

Today, nearly all of an agency’s mission-critical functions depend on safe and secure information technology systems. With cyber threats ever evolving and growing at an exponential rate, and increased reliance on technology to deliver core services in government, a robust cyber defense is needed by agencies.

Continuous Monitoring is certainly not a new term, but if you were to ask 10 people how they would define this term, you’re likely to get 10 different responses. Ken Durbin, Cyber & Continuous Monitoring Practice Manager, Symantec, provided expert insights on Symantec’s view of Continuous Monitoring and how agencies are adopting continuous monitoring programs as a means to protect government data and infrastructure. Durbin also highlights the benefits, best practices and challenges to adopting a continuous monitoring program.

Continuous monitoring is one part of a six-step process in the NIST Risk Management Framework (RMF), from NIST...

MFox70 | 23 Jul 2013 | 0 comments

I attended a webinar recently which was talking about the move from physical to virtual servers in large corporations. The analogy used was that today, approximately 70% of all servers can be virtualised very quickly, but the remaining 30% can take several years of effort. Hypervisor vendors are working hard to sort this problem out, but the interesting finding was that a large section of that problematic 30% of servers are running legacy applications or are indeed legacy operating systems.

This is odd as you would think that any IT operations person would want to migrate a legacy server from physical to virtual hardware as soon as humanly possible.

 

Legacy systems are still around for a few reasons.

1 Laziness

2 Applications cannot be modified to work on newer OS platforms

3 Software Developers have long since left the company ( relates to point 2)

4 Legacy systems are connected to business critical servers, with little or no...