John Sawyer, Apr 11, 2013
While there‘s some debate about the level of threat mobile devices pose, there ‘s no question that the threat is growing. With readily available information about the devices in use, and often few corporate safeguards in place, mobile devices are turning out to be a lucrative vector for attackers looking for an in to enterprise networks. In this Dark Reading report, we explain how the threat is growing, what attackers are targeting and why you need to be concerned.
John Sawyer, Mar 4, 2013
Protect the most fragile part of your IT infrastructure -- the endpoints and the unpredictable users who control them.
| Read Report » | 942 KB
John Sawyer, May 21, 2012
As malware gets increasingly sophisticated, so, too, must the technology and strategies we use to detect and eradicate it (or, better yet, stop it before it ever makes it onto network systems). There is no one product or product category that can do the job alone. Instead, security professionals must become familiar with—and adept at using—a combination of technologies. Security pros must also become skilled at connecting the dots among sometimes innocuous-seeming events to root out trouble. In this report, we examine the tools, technologies and strategies that can ease some of the burden.
John Sawyer, Apr 23, 2012
Data can find its way out through accidents or malice. Here are some tips for keeping your essential information from walking out the door.
| Read Report » | 938 KB
John Sawyer, Feb 13, 2012
iPhones, iPads and Android devices are making their way into your company—like it or not. These devices are opening a new gateway for malware that old security tools and procedures can’t completely close. Security professionals must combine education, policy development, and the use of existing tools and new mobile device management systems to effectively balance mobile device risk with productivity rewards.
| Read Report » | 971 KB
John Sawyer, Jan 23, 2012
The right forensic tools in the right hands are just a start. Here's how to best apply the lessons they teach to bolster your defenses.
| Read Report » | 490 KB
John Sawyer, Oct 3, 2011
The application layer has long topped the attacker hit list, and we continue to hear about data breaches exploiting software vulnerabilities. Yet secure application development remains a low priority in most enterprises. In this report, we provide a blueprint for making security an integral part of the software development life cycle.
| Read Report » | 663 KB
John Sawyer, Jun 7, 2011
Security monitoring, incident response and forensics are essential, even in the cloud. But the cloud by definition implies relinquishing at least some control, which can make these practices problematic. In this report, we identify the challenges of detecting and responding to security issues in the cloud and discuss the most effective ways to address them.
John Sawyer, Sep 11, 2010
We explain how your security and network teams can cooperate and use common tools to detect threats before your databases are compromised.
| Read Report » | 639 KB
John Sawyer, Jul 26, 2010
A complex maze of heterogeneous IT systems are being exposed to a world of sophisticated and aggressive criminal attacks. Today, passwords may not be enough to protect your critical services and sensitive data -- or your customers' privacy and credentials. In this Dark Reading Tech Center report, we explain how to choose the right authentication technologies based on risk management, overhead and cost.
| Read Report » | 2 MB