Video Screencast Help
Search Video Help Close Back
to help

Security Community Blog

Showing posts in English
Cyber Security Trends and Threats
tiffany_jones | 03 May 2013 | 0 comments

Recently, I had the opportunity to speak to an esteemed group of people at the Fordham Law Center on National Security.  My topic revolved around the latest Cyber Security Trends and Threats, relying on stats from Symantec's latest Internet Security Threat Report (just released last month).  The link to the report is here: http://www.symantec.com/security_response/publications/threatreport.jsp

Areas of discussion included the rise in highly targeted attacks, increased threat to small businesses, ransom ware, and the Elderwood Project. Attendees ranged from venture capitalists, law firm partners, law enforcement officials, business consultants, policy analysts, among others.  This was a great opportunity to raise awareness about the importance of cybersecurity and stress the importance of "shared responsibility".  We each have a role to play...

Read more
The importance of security certifications
Philip Routley | 02 May 2013 | 0 comments

Outsourcing your company’s security demands a supplier that is big enough, resilient enough and secure enough to do the job properly. This is why Symantec.cloud invests so heavily in its infrastructure. Our global footprint includes 18 data centres across four continents, two network operating centres and thousands of servers handling email, Web, and instant messaging traffic.

We apply the highest standards to our data centres because our customers demand the highest levels of confidentiality, data integrity and reliability. Certifications like ISO 27001 and audit report standards like SSAE 16 are vital external instruments to demonstrate the quality and security of our cloud services. 

This post will provide an overview of the various certifications and why they are important

What is ISO 27001?

ISO 27001 is a security management standard to guide the development and implementation of an Information Security Management...

Read more
Slides and Notes form Midwest DLP User Group Meeting - Apr. 24, 2013
Vicky P | 02 May 2013 | 0 comments

Minutes and Upgrade presentation are attached.

Read more
A question of Trust
MFox70 | 01 May 2013 | 0 comments

Whitelisting has been a buzzword used in the industry for the past 18 months or so, and is seen by some as a Panacea to beat Malware spreading within organisations and control threats inside your environment. Indeed, some of Symantec’s products use Whitelisting as an additional method of controlling software behaviour and limiting the applications that employees can or cannot use.

 

Whitelisting generally involves a process of learning exactly which applications, operating system components and hardware drivers are installed on a server or workstation, collating that information centrally, and then allowing an administrator to approve or deny the use of these tools.

Once this process has initially completed, enforcement of this list of applications is then applied to the target machines. Theoretically, this has given control back to the organisation in relation to what software is allowed to run on the corporate computers.

 ...

Read more
The Big Reveal: State Government’s 2013 Cyber Threat Levels Explained
Mike Maxwell | 01 May 2013 | 0 comments

* This article originally ran on StateScoop on April 30, 2013.

 

Each year, Symantec releases its Internet Security Threat Report (ISTR), which recounts—in exhaustive detail—a summation of the previous year’s cybersecurity actions, trends, threats, and opportunities.

(How do we get all this data? By leveraging Symantec’s Global Intelligence Network, which is comprised of more than 69 million attack sensors, and records thousands of events per second.)

Historically, the ISTR’s annual unveiling has always been (as Vice President Biden might say) a “big bleeping deal” for government stakeholders. But this year, it’s even more important, thanks to two additional factors:

  1. More than ever, governments this year are treating quantitative data as the key ingredient...
Read more
SEPM 12.1 and DLO 7.5 8443 port conflict
bartolomeu | 29 Apr 2013 | 0 comments

When you have installed both Symantec Endpoint Protection Manager and DLO Server 7.5 you can meet a port conflict. Both application use tomcat with default https port 8443.

i.e. if you have installed SEPM 12.1 and upgrade DLO to 7.5 you may encounter problems with logging to SEPM console like:

- Server Certificate is not present in your trusted store

- Unexpected server Error

Problem disappears after service Mindtree StoreSmart Dedupe Server (tomcat7.exe) is stopped.

DLO 7.5 have new feature: Dedupe Server, which uses tomcat on https port 8443, the same port that uses tomcat in SEPM.

I solved the problem by change DLO dedupe server port to 8443. I've edited "C:\Program Files\Symantec\Symantec DLO\Dedupe\Tomcat\conf\server.xml" file in notepad. I've updated all entries of "8443" to i.e. "8449".

Other possible solution is change the SEPM port. You can do it by "...

Read more
Antivirus benchmark and comparison result as at February 2013
John Santana | 28 Apr 2013 | 0 comments

Hi People,

I'm sharing the white paper that I have read over the weekend regarding the independent testing that benchmark the most common Anti Virus implementation in the industry.

The paper clearly indicates that Symantec Endpoint Protection outshines the competition due to the experience and the maturity in the Computer Security Industry.

Hope this article can be a helpful reference for you all.

https://www-secure.symantec.com/connect/sites/default/files/DennisLabs_EnterpriseAntiVirusProtectionReport_Feb2013.pdf

Cheers !

Read more
W32.Inabot - Support Perspective and Battle Plan
Brandon Noble | 25 Apr 2013 | 2 comments

I. BACKGROUND:
We have been receiving a few scattered cases of outbreaks from a file labeled snkb00ptz.exe or snkb0ptz.exe, but it seems to be on the rise.

It's normally considered poor troubleshooting to use the file name for any type of identification of a threat, but recent examples have made this practical. Even though these files were detected as many different threat names and families (Trojan.gen, w32.IRCBot.NG, Downloader, etc), the cases all reported the same behavior and symptoms.

After some additional investigation, Symantec Security Response has broken out detection for W32.Inabot. That's short for the Insomnia IRC bot. More information is available from the makers of this threat in their manual, here: http://pastebin.com/dvpu8Zwb

For those of you familiar with W32.Changeup, much of this...

Read more
Configuring Symantec Endpoint Protection 11.x for Maximum Protection
Mithun Sanghavi | 23 Apr 2013 | 0 comments

Hello,

The following general best practices document for configuring and managing SEP 11.0 was prepared by the Symantec product team.

It is always recommended to have the Latest version of SEP 11.x on your Client machines. Check this Article:

About Maintaining Consistency of Software Versions throughout a SEP 11 Organization

http://www.symantec.com/business/support/index?page=content&id=TECH131660

See the attached files for additional documents.

Here is a general outline for configuring SEP to maximize protection from today's emerging threats:

(This outline is in order of easiest to implement first)

  1. Implement recommendations from Symantec Security Response: http://www.symantec.com/docs/TECH122943
  2. Validate...
Read more
Symantec Collaborates with National Cybersecurity Center of Excellence
gschumm | 18 Apr 2013 | 0 comments

Recently a few of my colleagues and I had the opportunity to participate in the National Cybersecurity Excellence Partnership (NCEP) partner signing ceremony for the National Cybersecurity Center of Excellence (NCCoE).

Established in 2012 through a partnership between NIST, the State of Maryland and Montgomery County, the NCCoE is dedicated to furthering innovation through the rapid identification, integration and adoption of practical cybersecurity solutions. The approach taken by the NCCoE is to integrate commercially available technologies to build practical cybersecurity solutions that can be rapidly applied to the challenges that businesses face each day. 

The NCEP partner signing ceremony was held at the NCCoE in Rockville, MD and included speeches from:

  • NIST Director Patrick Gallagher
  • U.S. Senator Barbara Mikulski
  • Maryland Governor Martin O'Malley
  • Montgomery County Executive Ike Leggett
  • National Security...
Read more