Category: Product

The framework consists of five steps that begin with data ownership and classification and end with a clear and effective data protection program that enables incidents and breaches to be properly handled.

“The first step of Accuvant’s Data-Centric Security Framework is to understand and inventory our clients’ sensitive data handling and critical system ownership.

From this, we can determine the effectiveness of the current security program and system controls, and recommend the services and technologies that should be implemented to close the gap to get them where they need to be,” said Doug Landoll, director for Accuvant’s Risk and Compliance Management team.

“Defining what sensitive information exists, where it resides and how it must be protected is the underlying principle of Accuvant’s Data-Centric Security Framework, and ensures that our clients can make the most efficient use of their security dollars.”

Accuvant’s Data-Centric Security Framework is a departure from traditional DLP projects in that most are centered on the technology and assume that the organization has already defined its data, developed policies and put critical controls in place. Accuvant’s Data-Centric Security Framework turns this concept on its head and instead focuses on the sensitive data first, with a review of the existing controls and pragmatic use of available DLP tools and technology thereafter.

Step 2 – Locate: This step is for organizations that want to discover the location of all in-scope sensitive data assets, such as credit card data.

http://www.darkreading.com/security/management/showArticle.jhtml?articleID=224900104

Chris King, director of product marketing at Palo Alto, explained that it is building on key themes on the threat landscape and realising that there is a lot of applications that have a value but are fraught with risk.

It explained that its next generation firewalls combine three identification technologies to provide the necessary visibility and control over applications, users and content.

René Bonvanie, vice president of worldwide marketing at Palo Alto Networks, said that he believed that the market is ready for this, and he was happy with what was coming along.

http://www.scmagazineuk.com/next-generation-firewall-software-introduced-by-palo-alto-networks/article/164251/

The tools also work with NitroSecurity’s database application monitoring and IPS tools: “We work at Layer 7, so if someone tries to get into the database who shouldn’t,” the security team is alerted, says Jerry Skurla, executive vice president of marketing for NitroSecurity.

Eric Knapp, vice president of technology marketing for NitroSecurity, says SIEM and log management integration has been slow to emerge because of the heavy volume of logs.

http://www.darkreading.com/security/management/showArticle.jhtml?articleID=222300869&subSection=Security+administration/management

By adding support for digital signing and encryption, netForensics has employed the strongest security measures currently available to safeguard sensitive log data.

The nFX Cinxi One family of appliances processes the industry’s highest volume of events per second (EPS).

“With nFX Cinxi One, organizations operating on tight budgets no longer have to choose between a log management solution that demonstrates that proper security measures were in place after an attack and proactive threat management capabilities that would prevent an attack in the first place,” said Tracy Hulver, Vice President of Product Management and Marketing, netForensics.

http://news.thomasnet.com/fullstory/570881

The new framework provides more concise and actionable guidance for secure adoption of cloud computing, and encompasses knowledge gained from real world deployments.

“Sun’s technologies, best practices and work with leading industry organizations like the Cloud Security Alliance help provide our customers and partners with a framework for securing data in cloud environments,” said Lew Tucker, CTO, Cloud Computing, Sun Microsystems. “Security remains one of the major concerns for enterprise customers moving to the cloud,” said Glenn Brunette, Distinguished Engineer and Chief Security Architect, Sun Microsystems. “Sun’s new security tools will help address several of these fundamental issues and enable customers to realize the benefits of cloud computing while also managing risk and safeguarding critical assets.”

The OpenSolaris VPC Gateway software enables customers to quickly and easily create a redundant, secure communications channel to a Virtual Private Cloud without the need for proprietary networking equipment. Incorporating many of the security features of the OpenSolaris Operating System, including Solaris ZFS, Solaris Containers, and Solaris IP Filter and Auditing, the ISC architecture leverages service compartmentalization and improved integration techniques to create virtual machines with significantly improved security protection and monitoring capabilities. Security Enhanced Virtual Machine Images (VMIs): Using many of the techniques developed for the Immutable Service Container project, Sun created several security-enhanced VMIs for the Amazon Elastic Compute Cloud (EC2).

Using a simple Amazon S3-like interface, the Cloud Safety Box automates the compression, encryption and splitting of content being stored in the cloud on any supported operating system including Solaris, OpenSolaris, Linux and Mac OS X.

http://linux.sys-con.com/node/1225058

Gary Hemminger, vice president of product management at LogLogic, said: “With LogLogic 4.9, LogLogic continues to set the pace for the log management market.”

As evidenced by our recently granted patent for the storage of raw log data, LogLogic strives to continually innovate and deliver log management solutions that meet the changing IT environments that handle big data and new cloud computing architectures.”

http://www.scmagazineuk.com/loglogic-releases-version-49-of-its-log-management-software/article/159703/