Category


Latest Blogs

All Blogs »

March 16, 2017 | Embedded Systems and Internet of Things
By Aaron Turner, IANS Faculty

 Balancing Business Benefits with IoT Dangers

Some say IoT stands for Internet of Threats, but businesses and consumers are rushing headlong into the adoption of everything from wearables to smart buildings. In this report, IANS Faculty Aaron Turner examines the enterprise risks of IoT and explores defensive tactics to help build a short- and long-term strategy to effectively and securely employ IoT technology. 

Read More »


January 5, 2017 | Malware and Advanced Threats
By Dave Shackleford, IANS Faculty

 Information Security Trends for 2017

2016 was a challenging year for infosec, with the proliferation of ransomware, IoT botnets and more. What new attacks will surface in 2017, and what hot technologies are on the horizon to fight them? In this webinar and corresponding report, IANS Lead Faculty Dave Shackleford reveals major trends in store for IT security professionals in the coming year.

Read More »


November 28, 2016 | Embedded Systems and Internet of Things
By Chris Poulin, IANS Faculty

 Hidden Threats in Smart Buildings

In a quest to reduce energy consumption and make daily activities more convenient and pleasant for their occupants, smart buildings are becoming ever more interconnected, internet-connected and complex. In this report, IANS Faculty Chris Poulin details the latest advances in smart building technologies, the hidden threats they expose and key steps to take to ensure your smart building doesn’t become your latest threat vector.

Read More »


November 22, 2016 | Embedded Systems and Internet of Things
By Chris Poulin, IANS Faculty

 Mirai Defense: Detecting IoT Devices on the Network

The recent Mirai botnet that took down DNS provider Dyn underscored the risks associated with unmanaged, unsecured Internet-of-Things (IoT) devices. In this Ask-an-Expert live interaction, IANS Faculty Chris Poulin explains how to discover/detect rogue IoT devices on the network and track them over time

Read More »


November 14, 2016 | Endpoints
By Dave Shackleford, IANS Faculty

 Endpoint Protection: Burn and Churn

Malware containment has devolved into an arms race, with a steady stream of solutions and rapidly evolving new problems, leaving IT security struggling to keep up and make sense of it all. In this webinar, IANS Faculty Dave Shackleford examines the new players and techniques in the space, and reviews some of the tried-and-true strategies, including whitelisting, sandboxing, segmentation and configuration management.

Read More »


November 10, 2016 | Converged Infrastructure
By Aaron Turner, IANS Faculty

 Bluetooth Security Risks: An Overview

When it comes to evaluating Bluetooth security risks, it's important to divide up the technology into different sections and examine the potential risks of each. In this Ask-an-Expert written response, IANS Faculty Aaron Turner evaluates Bluetooth security from the perspectives of physical-layer, protocol implementation and application-layer vulnerabilities.

Read More »


October 18, 2016 | Mainframe and Legacy Systems
By Philip Young, IANS Faculty

 Mainframes, APIs and the False Sense of Security

Mainframes usually hold companies’ most sensitive, mission-critical data. As more organizations decide to open up their mainframe “crown jewels” to participate in today’s mobile/cloud world, however, is mainframe security keeping up? In this report, IANS Faculty Philip Young details the riskiest areas of the mainframe and explains how best to secure them against today’s threats.

Read More »


May 3, 2016 | Endpoints
By Bill Dean, IANS Faculty

 Designing the Ideal Endpoint Security Solution

The endpoint protection space has continued to evolve over the past few years. In this Ask-an-Expert written response, IANS Faculty Bill Dean offers recommendations for creating the optimal endpoint protection solution through a combination of prevention technologies and visibility tools.

Read More »


February 4, 2016 | Embedded Systems and Internet of Things
By Chris Poulin, IANS Faculty

 Security of Things: Billions of Reasons IoT Matters to You

IoT is more than just connected thermostats and Apple Watches; it’s expanding the security team’s jurisdiction to include HVAC and building controls, industrial-automation infrastructure and a growing list of products designed to integrate smart devices with legacy systems. In this report, we explain the landscape of IoT and present real-world policies and practices to protect sensitive corporate assets and data from "things," both sanctioned and rogue.

Read More »


January 6, 2016 | Endpoints
By Marcus Ranum, IANS Faculty

 Evaluating Application Whitelisting Solutions

Endpoint protection has evolved significantly over the last decade, and whitelisting has become an increasingly effective technique. In this Ask-an-Expert written response, IANS Faculty Marcus Ranum details the current state of the whitelisting market and explains the value of a strong configuration management process.

Read More »


November 24, 2015 | Endpoints
By Marcus Ranum, IANS Faculty

 Evaluating the Current State of Endpoint Security

Protecting the endpoint is one of the most difficult challenges security teams face. In this Ask-an-Expert written response, IANS Faculty Marcus Ranum outlines current approaches to containing malware and recommends that organizations focus on configuration management, rather than simply chasing the latest anti-malware technologies.

Read More »


November 10, 2015 | Endpoints
By John Strand, IANS Faculty

 The New Security Fundamentals: Kill Your Antivirus

As user needs and expectations evolve, security teams are faced with the challenge of effectively protecting these next-generation endpoints. In this Ask-an-Expert written response, IANS Faculty John Strand explains the benefits of implementing internal firewalls, offers a practical approach to Internet whitelisting and details a number of discrepancy analysis tools that security teams can use to identify deviations from the norm.

Read More »


September 18, 2015 | Endpoints
By Aaron Turner, IANS Faculty

 Detecting and Controlling Removable Media

While data security in the cloud may be top-of-mind for many CISOs, securing the endpoint and removable storage devices like USBs remains a critical task. In this Ask-an-Expert written response, IANS Faculty Aaron Turner details the tools available for controlling removable media, including commodity port and device controls, BIOS-based port and device controls and DLP USB/CD/DVD filters.

Read More »


August 26, 2015 | Endpoints
By Aaron Turner, IANS Faculty

 Key Considerations for Mitigating Browser Exploits

Browser protection has been at the forefront of information security professionals' minds for a long time, particularly with the traditionally widespread use of Internet Explorer. In this Ask-an-Expert written response, IANS Faculty Aaron Turner details various options available for mitigating browser security risks and explains the advantages of deploying a solution like Invincea.

Read More »


April 9, 2015 | Embedded Systems and Internet of Things
By Chris Poulin, IANS Faculty

 Exploring the Dark Side of IoT (Webinar Replay/Slides)

Regain Control: In this webinar, IANS Faculty Chris Poulin offers his take on how the Internet of Things (IoT) is creating a new class of devices that promise a richer life for individuals and optimized processes for business. We'll examine the real-world vulnerabilities posed by IoT and what can be done now to prepare for it.

Read More »