Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Security Community Blog
Showing posts tagged with Symantec Security Information Manager
Showing posts in English
vgtero | 02 May 2014 | 0 comments

A new report from the Ponemon Institute, “Exposing the Cybersecurity Cracks: A Global Perspective,” concludes that global security professionals find themselves “deficient, disconnected, and in the dark” in combating cyber threats.

Despite the fatalistic tone in this report, I don’t believe that as security pros, you are the type who would just shrug your shoulders, say “cie la vie”, continue with business-as-usual, and hope for the best. As security professionals, you are excellent at problem solving and thrive at these challenges! You are probably in the midst of figuring out strategies or executing plans to address these deficiencies and remove these feelings of “security inadequacies”.  Many of you are multi-taskers, shoring up your organization’s security and risk management capabilities; at the same time, executing transformative activities such as migrating applications to a software-defined environment. 

At Symantec, we continue to develop solutions...

smartblogger | 28 Jan 2014 | 0 comments

An SSL certificate is a mode of authenticating a website and securing the transactions, as well as the data communicated through the website by users. It is, therefore, a critical tool for any website that is involved in e-commerce or similar ventures. Any responsible webmaster understands the indispensable value of this tool to the success of their website.

The first step to have your website SSL certified involves acquiring an SSL certificate from the companies that deal in internet based security. These companies will create the certificate for the website as well as a private key. The private key is what enables the webmaster to use the certificate that they have acquired. Many times SSL certificate India providers, in order to boost the security of the certificate; will delete all copies of the key from their server. This means that a webmaster must store his or her copy of the key quite securely to prevent it from getting lost. The webmaster will need to sign the...

captain jack sparrow | 03 Dec 2013 | 0 comments

can transmit information between computers using high-frequency sound waves inaudible to the human ear. The duo successfully sent passwords and more between non-networked Lenovo T400 laptops via the notebooks’ built-in microphones and speakers. Freaky-deaky!
The infected victim sends all recorded keystrokes to the covert acoustical mesh network. Infected drones forward the keystroke information inside the covert network till the attacker is reached.

ref:
http://www.pcworld.com/article/2068525/researchers...

smartblogger | 04 Jul 2013 | 0 comments

SSL certificate has been used to secure credit card transactions, login and transfer of data. It has recently been used to secure browsing in social media sites. This certificate binds together domain, server, and host names. They are also used to bind company name and location. It is advisable for a company or organization to install this certificate in order to have secure sessions during browsing. SSL is the abbreviation for Secure Socket Layer. It is a protocol used to ensure safety of transactions between web servers and browsers. A website with this certificate ensures all participants in that space are secure, including the end users. There are different types of certificates. They include single, multiple domain, extended validation single domain, extended multi domain, UCC Exchange and Wildcard.

Purpose of SSL Certificate

This certificate is essential for online businesses and organizations. When running an online business, your...

James Hanlon | 10 Jun 2013 | 1 comment

You must have been taking a long (and probably well deserved) holiday if you have not noticed the increasing use of the term “cyber” in the press recently.

Anything security related is now a cyber risk, a cyber incident or a cyber attack. Governments are driving cyber strategies, citizens need to be cyber aware, businesses are tabling cyber projects, companies are building cyber capabilities, vendors are creating cyber solutions and consultancies are creating cyber practices to help you enhance your cyber resilience.

With all this hype, the key question is - what is different from the infrastructure and information security we have been doing for years and this new cyber approach? This is a good question because everyone seems to have a different perspective on cyber. And for very good reasons.

At Symantec, we get the opportunity to discuss the different interpretations of cyber with many types of users and businesses – consumers, small and...

MFox70 | 31 May 2013 | 1 comment

Does your customer have a requirement for monitoring servers or for Intrusion Detection? Are they asking about Real-time File Integrity Monitoring (FIM)? Have they recently failed an IT compliance or regulatory audit?

Usually a request to monitor server activity, or user and administrative access to a server, is driven by a few business needs.

It could be a Compliance or Audit requirement, it could be to pass information to a Security Incident and Event Management tool (SIEM) or Security Operations Centre (SOC) team, but more typically it is deemed to be good IT behaviour to keep an eye on how your servers are being used on a daily basis.

Let’s think about the rationale for those points.

Firstly if you are being audited, or someone in a risk and compliance role is scrutinising your environment, the process of generating incidents which are then analysed and potentially acted upon is actually the housekeeping role that many engineers in IT...

Milan_T | 09 May 2013 | 0 comments

IT is tagged as a burden on business with huge annual expenses.

On the other hand businesses today face a considerable challenge to deliver ever-improving service levels to meet and exceed the expectations of their business users for service quality, availability, and security while optimizing resources and operations costs to manage and maintain the IT infrastructure. Monitoring and managing these increasingly complex infrastructures is a growing problem.

IT professional’s main challenge is to secure the increasingly time-intensive task of infrastructure and device management, increasing the overall availability of network resources to support broader use of converged technologies.

About ISMS:

Information Security Management System (ISMS) can foster efficient security cost management, compliance with laws and regulations, and a comfortable level of interoperability due to a common set of guidelines followed by the partner...

Vikram Kumar-SAV to SEP | 04 Feb 2013 | 0 comments

Symantec keeps tab on the changing Threat Landscape and incorporates relevant security on its products.Same is the story with SAV to SEP to now SEP 12..

When we had SAV in the market what our customer needed was just a Antivirus to protect their system from downtime..here antivirus was looked more as a Availability facilitator than a core security product..till early 2000.

Even though we had SCS (firewall and IPS) seclected people used the other features.

Starting from 2006-2007 that was a high rise in malware being created and vulnerabilities being exploited..slowly the trend changed and it all came down to money making malwares..

FakeAntivirus, Downadup, Various Blackmailing Trojans etc..here the audience was not high profile..and SEP 11 very well detect and blocks and does whatever it can..Slowly people started using IPS, ADC and found much more can be done with SEP and they are doing it..

However in last few years there has been targetted...

Al Cooley - DeepSight Product Management | 29 Jan 2013 | 0 comments

There has been a data explosion within security teams, as organisations everywhere seek to increase their effectiveness in preventing breaches of defences through improved correlation and data sharing. You have probably seen this happening within your own working environment, too.

In the quest to achieve this sought-after level of ‘good enough’ security, the findings of new research from the Enterprise Strategy Group, ‘Big Data Intersection with Security Analytics’, partially sponsored by Symantec, are encouraging.

You won’t be too surprised to hear that, in our ‘Big Data’ world, we are collecting a lot more data than we used to two years ago. There is only one direction in which that arrow is going to be pointing from now on. What is interesting here, though, is that lots of people are vested in this information to do their job – and that is likely to envelop even more people, across a wide range of roles over the next...

Deb Banerjee | 16 Nov 2012 | 0 comments

Amazon Web Services (AWS) clouds offer a variety networking security controls for segmenting and isolating EC2 instances running in that cloud. These controls address the following use cases

  1. Isolate EC2 instance from the public internet. E.g make those instances unaccessible from the public internet.
  2. Isolate EC2 instance belonging to an Enterprise from other EC2 instances belonging to other tenants.
  3. Within a tenant, isolate applications and departments from one another. This can be also be used to isolate application tiers from one another.
  4. Isolate applications and application tiers from one another within a tenants AWS network..

AWS Network Security Constructs

AWS offers a variety of networking constructs to implement these controls. These include VPC's, Gateways(Internet and VPN), NAT, Subnets, Routes, Security Groups and Elastic IP's.  These objects would be used to implement the above controls as...