Identity & Access Management

Non-malware Penetration Techniques of an Advanced Attacker – Podcast #246

Written on May 16, 2013 by SOS Podcast

Comments

The level and sophistication of advanced threats is a constantly moving target pitting the advantages of smart and patient attackers against security teams that often times can’t possibly know what to look for when an attacker employs specialized techniques and tools designed to cloak their movements. What happens when an attacker doesn’t have to rely on malware to infiltrate their target or when an attacker is able to successfully blend in like a legitimate insider? In this edition of the Speaking of Security Podcast, Tom Chmielarski, Practice Lead in RSA’s Advanced Cyber Defense Services shares some of the attack techniques he’s seen used in real breach cases, along with best practices used in the detection and defense of these advanced attacks.

Adaptive IAM: On the Front Lines of Cyber Security

Written on May 13, 2013 by Sam Curry

Comments

Like most technologies, Identity and Access Management (IAM) has been challenged by new business and IT trends that are causing serious disruptions in how we approach information security. The exponential growth of digital identities coupled with the increasing use of software as a service and mobile and cloud platforms have made the traditional perimeter all but disappear. As a result, legacy IAM tools that have been a security mainstay for decades are simply failing to keep up.

The Sea of Trust: Cloud, Big Data and Security at EMC World

Written on May 9, 2013 by Bob Griffin

Comments

In his #EMCworld keynote on Tuesday morning, Joe Tucci used the phrase “the sea of trust” to capture the pervasive role that security has to have in the success of the “third platform” of mobile, cloud and big data. It’s a great metaphor, reflecting not only the pervasiveness that security has to have, but also the dynamism and power that it needs to embrace.

What else is happening in infosec and fraud these days?

Written on March 12, 2013 by Identity and Data Protection Beat

Comments (One)

I have mostly written about mobile apps; specifically on apps becoming an integral part of our daily lives. This is a fact that can be proven by the increase in the number of apps available and downloaded via public app stores. So what else is happening in the information security world? We are bombarded with news articles each day. The key is to identify the combined impacts of these seemingly disparate trends ̶ or news and see the big picture and may be even predict the future.