Article
With Public Cloud OS Instances Growing, Security Challenges Grow, Too
Tue, 03/13/2018
“Some cloud vendors tout that systems deployed within their framework require little or no administration: You create an image with the software and applications that you want it to provide services for, spin it up in a management console, and Voila! you have an entirely new system online; with minimal cost, no hassle, little work. However, even with newer models for virtualization appearing on...
Quote
Event Manager Pricing
Event Manager manages potential vulnerabilities proactively using centralized security management and real-time information, making this SIEM solution a vital tool in avoiding devastating data breaches caused by both insider risks and external threat actors. Whether these threats come from internal or external sources, Event Manager is able to send a prioritized alert notifying your team of a...
Demo
Event Manager Demo
Having trouble prioritizing critical security events and responding to security threats quickly? You’re not alone. Event Manager is a real-time cybersecurity insight and response platform, designed to help your existing staff respond to critical security threats faster. What do I get with Event Manager? Real-time threat detection Normalization of disparate data sources Translation of data into...
Trial
Event Manager Trial
Having trouble prioritizing critical security events and responding to security threats quickly? You’re not alone. Event Manager is a real-time cybersecurity insight and response platform, designed to help your existing staff respond to critical security threats faster. Event Manager can effectively: Detect potential threats in real-time Separate critical events from the noise Translate data into...
Blog
When Security Becomes a DevOps Blind Spot
By Bob Erdman on Mon, 02/05/2018
One question is often left unasked in DevOps strategy meetings: what about security?
On-Demand Webinar
Create Your Cloud Security Strategy
By Bob Erdman
Public, private, and hybrid cloud architectures are rapidly transforming the landscape of traditional data centers and your security strategies must transform with them. Watch this on-demand webianr to learn cloud security best practices.
Datasheet
Event Manager
Event Manager is a cybersecurity insight and response platform that ensures critical events get the attention they require. Schedule a demo today.
Article
Audit Tested & Audit Approved Instant Authority!
By Robin Tatam on Fri, 03/24/2017
Introduced by IBM to support TCP/IP services, a profile swap allows a job to change midstream and run under a different profile than the one that started it.
Guide
Controlling SSH for Security and Compliance
SSH is nearly ubiquitous in today’s enterprises, and is the predominant tool for managing unix and linux servers, and the applications and data that they host. Poor practices around the deployment and management of the SSH infrastructure could easily leave your enterprise vulnerable to a breach. Are you in control? SSH, Secure Shell protocol, is now nineteen years old and broadly deployed across...
Guide
Essentials for Privileged Access Management
Learn how you can effectively and efficiently control privileged UNIX and Linux accounts from accessing data or executing any application by using centralized access management.
Guide
Our Privileged Access Management Solution - Your Sudo Replacement
Learn how to reduce the risk of insider fraud, streamline regulatory compliance, and greatly reduce administration efforts with an effective privileged access management solution.
Article
Managing IT Access Privileges
Mon, 03/13/2017
THE UNSOLVED PROBLEM Secure, private, effective use of computers by a company (including hosted, cloud and other services as well as the company’s own systems) relies on managing access privileges. The problem isn’t unique to computers. Office buildings, hotels, apartments and college dorms, for example, typically have “master keys” (or smart ID badges) that can open many-toall of the locks in the...
Article
New Approaches to the SWIFT and PCI-DSS Framework
Mon, 03/13/2017
THE WORLD OF COMPLIANCE At the official start of summertime 2016 in Britain we are starting to consume the labour of last autumn, five gallons of alcoholic homemade cider (yum!) made from eight apple varieties grown in mine and my neighbors’ gardens. I’m very VERY careful sterilizing glassware, containers, and buckets: there was this unfortunate incident three years ago (no, you don’t want to hear...
Article
Pros and Cons for Puppet's Configuration Management & Security
Mon, 03/13/2017
THE GOOD, THE BAD AND THE UGLY I was at the Red Hat Summit in Boston at the end of June. We had a lot of activity at our exhibitor stand, and a lot of discussions being passed on to me by our sales team I continued to have the same conversation again and again over the three days. This seems to be the year people have finished bedding down Puppet in their server/VM infrastructure, and are looking...
Article
Solving Healthcare Security Concerns
Mon, 03/13/2017
According to a recent KPMG report, four-fifths of executives at healthcare providers and payers say their information technology has been compromised by cyberattacks. That same report presents how the increased risk to healthcare organizations relates to the richness and uniqueness of the information that health plans, doctors and hospitals handle. Apart from typical financial fraud, there is also...
Article
Sudo or SuDon't: Manage Your Privileged Command Execution and Sudo Policies
Mon, 03/13/2017
System admins need root level authority at all times, system operations staff needs periodic database and application account authority, and security admins needing to protect the environment are some of the few of the challenges of managing privilege in the enterprise server infrastructure. Read this article to learn more about Sudo alternatives.
Blog
How “Smash and Grab” Compromises IBM i
By Robin Tatam on Wed, 03/08/2017
During an audit a few years ago, I revealed to the client’s security team that corporate payroll information on every employee, including the CEO, was being archived in an output queue (called PAYROLL) for weeks at a time. Due to poor configuration, this information was accessible to every employee.
Article
The Modern Alternative to Authority Adoption
By Robin Tatam on Wed, 03/08/2017
There are several considerations with authority adoption. Each is important but can usually be accommodated. But what is the effect if the program owner has the same or less privileges than the user that called the program?