Ready, Set, Authenticate: Why You Need RSA SecurID® Access to Win the Race

There are times when trying to put together an effective authentication strategy feels like competing in track-and-field events. Business and IT are supposed to be on the same team, but far too often seem to be racing toward completely different goals. Sure, it’s important to get to the finish line fast, but not at the…

Breach Response: Mitigating an Outbreak

By Azeem Aleem, Gareth Pritchard and David Gray, RSA Advanced Cyber Defense It’s mid-2017 and the news is alight with yet another alarming cybersecurity attack. A new strain of a malware variant, which on first analysis looks very similar to a previously reported malware strain called “Petya” (ransomware armed with the EternalBlue exploit amongst other…

Detecting “Petya/NotPetya” with RSA NetWitness® Endpoint and RSA NetWitness® Packets

By Alex Cox, Christopher Elisan and Erik Heuser, RSA Research A Ransomware variant known as “Petya/NotPetya” began making the rounds on June 27, 2017. This ransomware takes a different approach to denying access to the victim’s files. Instead of the usual displaying of a message and letting the victim browse to really see that the…

YIN AND YANG: TWO VIEWS ON IAM – Global Risk Standards or States & Nations Policies

By Steve Mowll and Chris Williams POINT: Chris Williams – Advisory Architect, RSA Identity In our last blog, I stated the following about why we most commonly engage in security practices. And these two items were represented: We embrace identity projects because we need to satisfy compulsory mandates. We need to provide competitive protective services…

Key Considerations for Selecting a Consumer Authentication Vendor

The EU’s Payment Services Directive II (PSD2) has generated many questions from the financial services and payments industry. So much so we have found some in the industry turning to RSA for advice and guidance on the key considerations they need to put forth as they prepare to issue requests for proposals from potential consumer…

Protecting PingFederate® Users with RSA SecurID® Access

It’s 10 o’clock. Do you know where your users are? Believe it or not, there was once a time when this question was easy to answer. If “Steve” was logged into the corporate network, there was a very high-level of certainty you would find him sitting in his cube, on the 4th floor of building…

Blank Slate: A Tale of Two Malware Servers

In March 2017, Palo Alto Networks Unit 42 published research on a new malicious spam campaign dubbed “Blank Slate.” Named as such because the malspam message is empty. Only the malicious attachment is present, as seen in Figure 1. Figure 1: Blank Slate malspam e-mail Recently, Blank Slate struck deploying Cerber ransomware once again, affording…

Protecting VMware Workspace™ ONE™ Users with RSA SecurID® Access

While 1999 brought us the Breitling Orbiter 3, Warner Bros. sci-fi thriller “The Matrix,” and Britney Spears mega-hit “Baby One More Time,” it was also a banner year in cybersecurity. During the last twelve months of the millennium, we witnessed the advent of Microsoft’s Windows 98 release, the arrival of the American Express “Blue” card…

Yin and Yang: Two Views on IAM – Active Directory Automation, Success or Failure?

By Steve Mowll and Chris Williams Point: Effective identity management strategies are business-based, and should rise above technical limitations. Steve Mowll, Identity Architect, RSA True point, but in order to have effective strategies, they must be directed towards a desired outcome. Let’s take a look at this idea using Active Directory (AD) projects as an…

Completing the Puzzle

In a previous blog I reviewed the real world pay back for being a risk leader.  Let’s say your company gets it, they know that good risk management increases the likelihood objectives will be fulfilled and profits improved, and now you’ve been given the assignment to start the risk management program to make your organization a…