Social Network For Security Executives: Network, Learn & Collaborate
Advanced Threat Protection (ATP) is used to protect against sophisticated, highly skilled, well funded and motivated threat actor . The solution uncovers advance threats across Endpoints, Network, Email and Cloud. These solutions are used to detect advanced persistent threats that existing controls are not able to detect or are simply not capable of doing it.
Advance threat protection is not about a single security solution, It is about a combination of security…
Added by Denise on November 29, 2019 at 4:30pm — No Comments
A Next-Generation Firewall (NGFW) is an integrated network platform that combines a traditional firewall with application specific granular controls to help them detect application specific attacks. They help detect attacks through application specific protocols such as HTTP, HTTPS, SMTP and so on. It also incorporates various network device filtering functionalities such as an intrusion prevention system (IPS), Web filtering and Email security. They also features functionalities such…
ContinueAdded by Denise on November 29, 2019 at 4:30pm — No Comments
Security Operations, Analysis and Reporting (SOAR) technologies support workflow management and automation by enabling the security operations teams to automate and prioritize activities for good business decision making.
1.Current Anti-Malware Coverage :
The goal of this metric is to provide an indicator of the…
Added by Denise on November 29, 2019 at 4:30pm — No Comments
Distributed denial-of-service (DDoS) attack is one in which a multiple sources attack a single target causing denial of service for legitimate users of the targeted system. The flood of incoming traffic totally overwhelms the system, hence denying service to legitimate users.
Key Program Metrics:
Loss percentage :
number of…
Added by Denise on November 29, 2019 at 4:00pm — No Comments
The scope of the project encompassing Business Units, Support Functions, 200+ Processes and 8500+ employees. The project was an outcome of the data pilferage risk envisaged in terms of sensitive customer information and financial data. The risk assessment took inputs from various avenues such as internal audits, external audits, risk event, control committees conducted with the Top Management, business requirement were driven by the…
ContinueAdded by Denise on November 29, 2019 at 3:30pm — No Comments
RSA conference is one of the leading security conference worldwide. It creates tremendous opportunity for vendors, users and practitioners to innovate, educate and discuss around the current security landscape.
Application security testing are tools and services that helps you discover security vulnerabilities in all kinds of applications. Current application security practices/tools available broadly falls into following…
ContinueAdded by Denise on November 29, 2019 at 3:30pm — No Comments
RSA conference is one of the leading security conference worldwide. It creates a tremendous opportunity for vendors, users and practitioners to innovate, educate and discuss around the current security landscape.
Deception Technology market is rapidly evolving with more & more vendors coming up with their unique offerings. Deception technology basically plants number of decoys which are indistinguishable with the…
ContinueAdded by Denise on November 29, 2019 at 3:30pm — No Comments
RSA conference is one of the leading security conference worldwide. It creates tremendous opportunity for vendors, users and practitioners to innovate, educate and discuss around the current security landscape.
User behavior analytics technology is in a way similar to SIEM technology but with certain subtle differences:
Added by Denise on November 29, 2019 at 3:30pm — No Comments
RSA conference is one of the leading security conference worldwide. It creates tremendous opportunity for vendors, users and practitioners to innovate, educate and discuss around the current security landscape.
The EDR market has emerged to satisfy the need for faster detection and response to Advance malwares attacks that bypass perimeter and other traditional security controls. An EDR tool has the capability to detect security incidents, either via…
ContinueAdded by Denise on November 29, 2019 at 3:30pm — No Comments
RSA conference is one of the leading security conference worldwide. It creates tremendous opportunity for vendors, users and practitioners to innovate, educate and discuss around the current security landscape.
A SIEM tool enables an organization to aggregate structured (logs from hosts, devices, applications, network etc.) and unstructured (News feed, Threat intelligence, articles etc) data and apply advance analytics onto it to detect security…
ContinueAdded by Denise on November 29, 2019 at 3:00pm — No Comments
RSA conference is one of the leading security conference worldwide. It creates a tremendous opportunity for vendors, users, and practitioners to innovate, educate and discuss around the current security landscape. Cloud Access Security Brokers (CASB) market has seen tremendous growth over past couple of years. Significant number of CASB vendors are already acquired by large security organizations and the trend will likely continue in future.
CASB is now a…
ContinueAdded by Denise on November 29, 2019 at 3:00pm — No Comments
RSA conference is one of the leading security conference worldwide. It creates tremendous opportunity for vendors, users and practitioners to innovate, educate and discuss around the current security landscape. The following blog enlists the top DLP vendors at RSAC 2017.
DLP is a set of security controls that helps organization protect their sensitive data, throughout its life cycle, across all platforms, from getting disclosed to unauthorized…
ContinueAdded by Denise on November 29, 2019 at 3:00pm — No Comments
RSA conference is one of the leading security conference worldwide. It creates tremendous opportunity for firewall vendors, users and practitioners to innovate, educate and discuss around the current security landscape.
A Next-Generation Firewall (NGFW) is an integrated network platform that combines a traditional firewall with application specific granular controls to help them detect application specific attacks. They help detect attacks through application…
Added by Denise on November 29, 2019 at 2:30pm — No Comments
IT-GRC solutions allows organizations to effectively manage IT and Security risks while reducing the cost and complexity of compliance. IT and Security GRC management solution are focused on leveraging near-real time information on IT and Security assets – application, data and infrastructure – that are increasingly virtual, mobile and in the cloud – and correlating that information in the context of business processes, policies, controls, as well as partners, supply chain and customers to…
ContinueAdded by Denise on November 29, 2019 at 2:00pm — No Comments
RSA Conference is one of the leading security conference worldwide. It creates tremendous opportunity for Enterprise mobility management vendors, users, and practitioners to innovate, educate and discuss around the current security landscape.
Enterprise mobility management (EMM) is a suite of products which allows you to safely enable the use of mobile devices in your organization. Employees today want to use their personal devices for checking corporate…
Added by Denise on November 29, 2019 at 2:00pm — No Comments
Here are some Tips To Evaluate Your Readiness Before Implementing Data Loss Prevention (DLP) Solution:
To draw true value from any DLP deployment an organization must first come up with a Data Loss Prevention specific policy to start with. The policy should clearly talk about…
Added by Denise on November 29, 2019 at 2:00pm — No Comments
Myth: – DLP is for IT and it is an IT Project | Truth: – DLP is for Business and it is a Business Project
DLP Solution is implemented by IT for the business with the close association of various business departments; DLP implementation requires strong upper management commitment and support, in-depth involvement of middle management, IT operation and business/data owners of various…
ContinueAdded by Denise on November 29, 2019 at 2:00pm — No Comments
WAF is specialized firewall designed to protect web applications (HTTP applications) from attacks such as cross-site scripting (XSS), SQL injection and other vulnerabilities that may exist. A WAF is able to detect and prevent unknown attacks by inspecting every HTML, HTTP/HTTPS, SOAP and XML-RPC data packet. Using WAF you can monitor the Input/Output traffic to your web applications. A WAF can also monitor access to web applications and can send access log data to other security tools…
ContinueAdded by Denise on November 29, 2019 at 2:00pm — No Comments
The term Security Information and Event Management (SIEM) finds its origin from the combination of Security Information Management (SIM) and Security Event Management (SEM). Where SIM focuses on the collection and long-term storage of log files, SEM focuses on real-time monitoring of (suspicious) behaviour. SEM does this by aggregating and identifying interesting log entries (events), often collected by a SIM implementation. A SIEM collects log files and security information from internal-…
ContinueAdded by Denise on November 29, 2019 at 2:00pm — No Comments
Threat Intelligence Program is a set of people, process and technology which enables you to proactively Identify, collect, enrich and analyze threat information, strategic and tactical, so that your organization is ever ready to defend and respond to any kind of cyber attacks. Threat intelligence as applied in conventional security is any information that helps you tune your security defenses, build an effective response program for any…
ContinueAdded by Denise on November 29, 2019 at 2:00pm — No Comments
2019
Started by Maheshkumar Vagadiya Jul 30, 2020. 0 Replies 0 Likes
Share the instances where you were able to convince the Executive management /board that CISO function is enabler rather then a hindrance.Thanks youMaheshContinue
Started by CISO Platform. Last reply by Yogesh Nov 19, 2020. 2 Replies 0 Likes
(question posted on behalf of a CISO member)Has anyone evaluated digital signature (like Docusign), any specific risk/ security areas to be looked into while finalising a vendor? Any and all inputs will be very much appreciated.Continue
Started by CISO Platform. Last reply by ANAND SHRIMALI May 20, 2020. 4 Replies 0 Likes
(question posted on behalf of a CISO member)What are your strategies for using Zoom in your organization after recent vulnerabilities in news about Zoom platform?Related Question: …Continue
Started by CISO Platform. Last reply by Bhushan Deo Mar 20, 2020. 12 Replies 0 Likes
(question posted on behalf of a CISO member)Due to CORONA virus most of the organizations are allowing their employees to work form home.Has any one issued security advisory for work from home ?Continue
Tags: #COVID19
# Manageengine Adaudit Plus -vs- Netwrix Auditor
# Rapid7 Nexpose -vs- Tenable Network Security Nessus
# Algosec Firewall Analyzer -vs- Tufin Orchestration Suite
# Hp Arcsight Siem Solutionarcsight Express -vs- Splunk Enterprise Splunk Cloud Splunk Light
# Cisco Meraki Mx Appliances -vs- Fortinet Fortigate
# Cloud Access Security Broker
# Distributed Denial of Service
# Network Advanced Threat Protection
Follow us
© 2021 Created by CISO Platform.
Powered by
Badges | Report an Issue | Privacy Policy | Terms of Service