IT research and advisory firm Gartner, Inc. has evaluated different vendors in the Magic Quadrant for Security Awareness Computer-Based Training (CBT). Gartner’s evaluation criteria includes market understanding, marketing strategy, sales strategy, product strategy and offering, business model, vertical/industry and geographic strategy, and innovation. What is security awareness computer-based training? End-user-focused security education and training is a rapidly growing market. Demand is…
Posts published in “Security”
IBM Security Guardium is designed to help safeguard critical data. Guardium is a comprehensive data protection platform that enables security teams to automatically analyze what is happening in sensitive-data environments (databases, data warehouses, big data platforms, cloud environments, files systems, and so on) to help minimize risk, protect sensitive data from internal and external threats, and seamlessly adapt to IT…
Here are some collections from Internet about Threat Hunting tools, information and resources. 1. Kansa GitHub – Davehull/Kansa http://trustedsignal.blogspot.com/search/label/Kansa http://www.powershellmagazine.com/2014/07/18/kansa-a-powershell-based-incident-response-framework/ Kansa: A PowerShell-based incident response framework
World’s Biggest Data Breaches Thanks to Lewis Morgan, social media manager at IT Governance. He has compiled this list by month and year since 2014, might be earlier. What I did is to put his month or year list into my this post and count the numbers for leaked records which some of them were missing from original post. Here are…
This post is to collect Internet resources regarding threat modeling. There are some other similar posts regarding Threat Intelligence and Threat hunting. Search my blog you will find more. Threat Modeling Methodologies for IT Purposes Conceptually a threat modeling practice flows from a methodology. Numerous threat modeling methodologies are available for implementation. Based on volume of published online content, the…
The Qualys Cloud Platform and its integrated apps can simplify security operations and lower the cost of compliance by delivering critical security intelligence on demand and automating the full spectrum of auditing, compliance and protection for IT systems and web applications. Qualys Scanner Appliance is an option with the Qualys Cloud Platform. With the Qualys Scanner Appliance, you can easily…
One of the top scams happening in Canada is CRA Scam, also called Income Tax Scams. Over $5 million was lost to income tax scams in 2017. The Canada Revenue Agency (CRA) is warning Canadians to be careful of emails, voice mails, even mail claiming to be from the CRA. These are phishing scams that could result in identity thefts. Email…
Gartner Magic Quadrant for Intrusion Detection and Prevention Systems (2018, 2017, 2015, 2013, 2012, 2010 …)
0
According to Gartner, “The network intrusion prevention system market has undergone dynamic evolution, increasingly being absorbed by next-generation firewall placements. Nextgeneration IPSs are available for the best protection, but the IPS market is being pressured by the uptake of advanced threat defense solutions. This Magic Quadrant focuses on the market for stand-alone IDPS (IDP / IPS) appliances; however, IDPS capabilities…
A web application firewall (WAF) is an application firewall for HTTP applications. It applies a set of rules to an HTTP conversation. Generally, these rules cover common attacks such as cross-site scripting (XSS) and SQL injection. While proxies generally protect clients, WAFs protect servers. A WAF is deployed to protect a specific web application or set of web applications. A…