Results ordered by term relevance.

November 14, 2016 | Endpoints
By Dave Shackleford, IANS Faculty

 Endpoint Protection: Burn and Churn

Malware containment has devolved into an arms race, with a steady stream of solutions and rapidly evolving new problems, leaving IT security struggling to keep up and make sense of it all. In this webinar, IANS Faculty Dave Shackleford examines the new players and techniques in the space, and reviews some of the tried-and-true strategies, including whitelisting, sandboxing, segmentation and configuration management.

Read More »


November 18, 2016 | Team Structure and Management
By Dave Shackleford, IANS Faculty

 Security Operations Maturity Chart

For security organizations, understanding where you stand from a maturity perspective can offer valuable insight into which processes and procedures need to be improved. In this Ask-an-Expert written response, IANS Faculty Dave Shackleford charts benchmarks for certain aspects within information security, from event detection and incident management to metrics and data visualization

Read More »


October 20, 2016 | Encryption, Digital Signatures, Certificates, Tokenization
By Dave Shackleford, IANS Faculty

 Assessing Key Management Services Within AWS

There are a number of key management tools and services that organizations can use within the AWS cloud. In this Ask-an-Expert written response, IANS Faculty Dave Shackleford breaks down some of the major players in the space, including Amazon's own key management service, HyTrust DataControl and Vault.

Read More »


October 20, 2016 | Cloud Network and Host Controls
By Dave Shackleford, IANS Faculty

 Securing Hybrid Clouds

Hybrid clouds offer organizations the ultimate in flexibility, enabling IT to keep sensitive workloads in-house while taking advantage of the efficiencies and scalability of public clouds for everything else. But how secure is the setup? In this report, IANS Faculty Dave Shackleford steps you through the challenges of securing hybrid clouds and provides advice to ensure workloads remain secure, no matter where they are run.

Read More »


October 3, 2016 | Cloud Network and Host Controls
By Dave Shackleford, IANS Faculty

 IANS Cloud Security Update: Q3 2016

As more organizations move services and computing assets into cloud service provider environments, the need for adequate security controls grows as well. In this quarterly research report, IANS Faculty Dave Shackleford updates IANS’ clients on the new developments occurring in the cloud security arena.

Read More »


September 29, 2016 | Cloud Application and Data Controls
By Dave Shackleford, IANS Faculty

 Detailing Security Controls For Office 365

When deploying Office 365, organizations need to take a number of steps to ensure they are implementing the proper security controls as well. In this Ask-an-Expert written response, IANS Faculty Dave Shackleford explains the core security controls and settings that should be implemented, including configuring TLS encryption connectors for mail and enabling content searches for e-discovery.

Read More »


August 22, 2016 | Security Analytics and Visualization
By Dave Shackleford, IANS Faculty

 Assessing Tools for Data Lineage Visualization

Most tools for performing data lineage visualization fall into one of two categories: data analytics processing or fraud analytics. In this Ask-an-Expert written response, IANS Faculty Dave Shackleford details the top analytics processing and visualization tools, including some open-source options that can be used to analyze large quantities of logs and events.

Read More »


August 9, 2016 | Security Analytics and Visualization
By Dave Shackleford, IANS Faculty

 User Behavior Analytics: A Tools Overview

Over the past few years, a number of organizations have begun to implement a user behavior analytics program in an effort to combat things like insider threats. In this live Ask-an-Expert interaction with the security team at a large financial services organization, IANS Faculty Dave Shackleford assesses the current landscape of user behavior analytics tools and offers tips and pitfalls to consider when implementing such a program.

Read More »


January 6, 2017 | Cloud Application and Data Controls
By Dave Shackleford, IANS Faculty

 IANS Cloud Security Update: Q4 2016

As more organizations move services and computing assets into cloud service provider environments, the need for adequate security controls grows as well. In this quarterly research report, IANS Faculty Dave Shackleford updates IANS’ clients on the new developments occurring in the cloud security arena.

Read More »


January 5, 2017 | Malware and Advanced Threats
By Dave Shackleford, IANS Faculty

 Information Security Trends for 2017

2016 was a challenging year for infosec, with the proliferation of ransomware, IoT botnets and more. What new attacks will surface in 2017, and what hot technologies are on the horizon to fight them? In this webinar and corresponding report, IANS Lead Faculty Dave Shackleford reveals major trends in store for IT security professionals in the coming year.

Read More »


February 15, 2017 | Virtual Private Networks
By Dave Shackleford, IANS Faculty

 DirectAccess: Understanding the Pros and Cons

Microsoft's DirectAccess offers some clear operational and cost advantages for organizations, but it also brings with it some potential drawbacks from a security perspective. In this Ask-an-Expert written response, IANS Faculty Dave Shackleford assesses these pros and cons and details some of the security considerations organizations need to take into account when deciding to implement DirectAccess. 

Read More »


April 7, 2017 | Endpoints
By Dave Shackleford, IANS Faculty

 Choosing the Right Endpoint Security Solution for a Virtualized Environment

When it comes to protecting endpoints in a virtualized environment, how important is antivirus (AV) at the hypervisor and host level? In this Ask-an-Expert written response, IANS Faculty Dave Shackleford provides an overview of the virtualization-ready endpoint security solution market and suggests focusing on next-generation capabilities vs. AV going forward.

Read More »


April 7, 2017 | Cloud Network and Host Controls
By Dave Shackleford, IANS Faculty

 IANS Cloud Security Update: Q1 2017

As more organizations move services and computing assets into cloud service provider environments, the need for adequate security controls grows as well. In this quarterly research report, IANS Faculty Dave Shackleford updates IANS’ clients on the new developments occurring in the cloud security arena.

Read More »


January 4, 2017 | Regulations & Legislation
By Daniel Maloof, IANS Managing Editor

 Trump and Security: What to Expect in the New Administration

We all know incoming U.S. President Donald Trump is focused on physical security and building the wall, but what about cybersecurity policy? In this report, a handful of IANS Faculty detail what they believe we should expect from the new Donald Trump administration in terms of digital privacy, consumer protections, the EU-U.S. Privacy Shield, the U.S. Cybersecurity Framework and more.

Read More »


April 3, 2017 | Malware and Advanced Threats
By Mike Saurbaugh, IANS Faculty

 IANS Vulnerability and Breach Update: Q1 2017

A new vulnerability or breach seems to be discovered daily, but which should be taken more seriously and which are overhyped? In this report, IANS Faculty Mike Saurbaugh looks back over the major breaches and vulnerabilities of the past three months, explains them and provides real-world context and perspective.

Read More »


April 18, 2017 | Penetration Testing and Red Teaming
By Dave Kennedy, IANS Faculty

 Adversarial Simulations - Evolving Penetration Testing

Penetration testing has been given quite a few names over the past few years, including everything from “vulnerability scanning” all the way to “targeted and direct attacks” against organizations. This comes as attacker techniques themselves are shifting based on organizations adding more detection capabilities into their environments. In this webinar, IANS Faculty Dave Kennedy dives into some of the latest attack vectors and discusses why adversarial simulations are some of the most effective methods for building defenses within your organization. 

Read More »


August 23, 2016 | Intrusion Prevention/Detection (IPS/IDS)
By Dave Kennedy, IANS Faculty

 Detailing the Benefits of Network- and Host-Based IDS/IPS Solutions

Both network- and host-based IDS solutions are critical for organizations when it comes to quickly identifying threats. In this Ask-an-Expert written response, IANS Faculty Dave Kennedy breaks down the advantages and limitations of each and offers recommendations for organizations to get the most out of their IDS/IPS solutions.

Read More »