
Application Security

  • Securing Enterprise Applications
  • Secure Agile Development
  • Pragmatic WAF Management: Giving Web Apps a Fighting Chance
  • 2014 Open Source Development and Application Security Survey Analysis
  • Security Analytics with Big Data
  • Defending Against Application Denial of Service Attacks
  • API Gateways: Where Security Enables Innovation
  • Securing Big Data: Recommendations for Securing Hadoop and NoSQL
  • Building a Web Application Security Program

Cloud and Virtualization

  • The Security Pro’s Guide to Cloud File Storage and Collaboration
  • The Future of Security: The Trends and Technologies Transforming Security
  • What CISOs Need to Know about Cloud Computing
  • A Practical Example of Software Defined Security
  • Defending Cloud Data with Infrastructure Encryption

Compliance

  • Tokenization vs. Encryption: Options for Compliance
  • Tokenization Guidance
  • Data Encryption 101: A Pragmatic Approach to PCI

Data Security

  • Cracking the Confusion: Encryption and Tokenization for Data Centers, Servers, and Applications
  • Trends in Data Centric Security White Paper
  • Defending Data on iOS 7
  • Dealing with Database Denial of Service
  • Understanding and Selecting a Key Management Solution
  • Pragmatic Key Management for Data Encryption
  • Understanding and Selecting Data Masking Solutions
  • Implementing and Managing a Data Loss Prevention Solution
  • Understanding and Selecting a Database Security Platform
  • Understanding and Selecting a File Activity Monitoring Solution
  • Database Activity Monitoring: Software vs. Appliance
  • The Securosis 2010 Data Security Survey
  • Understanding and Selecting a DLP Solution
  • Understanding and Selecting a Tokenization Solution
  • Understanding and Selecting a Database Encryption or Tokenization Solution
  • Low Hanging Fruit: Quick Wins with Data Loss Prevention (V2.0)
  • Database Assessment
  • Selecting a Database Activity Monitoring Solution
  • Report: Content Discovery Whitepaper

Endpoint Security

  • Endpoint Defense: Essential Practices
  • The 2015 Endpoint and Mobile Security Buyer’s Guide
  • Advanced Endpoint and Server Protection
  • Reducing Attack Surface with Application Control
  • The 2014 Endpoint Security Buyer’s Guide
  • The Endpoint Security Management Buyer’s Guide
  • Evolving Endpoint Malware Detection: Dealing with Advanced and Targeted Attacks
  • White Paper: Endpoint Security Fundamentals
  • Best Practices for Endpoint DLP

Identity and Access Management

  • Identity and Access Management for Cloud Services

Network Security

  • Network-based Threat Detection
  • Security and Privacy on the Encrypted Network
  • Defending Against Network-based Distributed Denial of Service (DDoS) Attacks
  • Firewall Management Essentials
  • Network-based Malware Detection 2.0: Assessing Scale, Accuracy and Deployment
  • Network-based Threat Intelligence: Searching for the Smoking Gun
  • Defending Against Denial of Service (DoS) Attacks
  • Network-Based Malware Detection: Filling the Gaps of AV
  • Applied Network Security Analysis: Moving from Data to Information
  • Fact-Based Network Security: Metrics and the Pursuit of Prioritization
  • Network Security in the Age of *Any* Computing
  • Understanding and Selecting an Enterprise Firewall

Project Quant

  • Malware Analysis Quant
  • Measuring and Optimizing Database Security Operations (DBQuant)
  • Network Security Ops Quant Metrics Model
  • Network Security Operations Quant Report
  • Project Quant Survey Results and Analysis
  • Project Quant Metrics Model Report

Security Management

  • Applied Threat Intelligence
  • Monitoring the Hybrid Cloud: Evolving to the CloudSOC
  • Leveraging Threat Intelligence in Incident Response/Management
  • Leveraging Threat Intelligence in Security Monitoring
  • Security Management 2.5: Replacing Your SIEM Yet?
  • Eliminate Surprises with Security Assurance and Testing
  • Security Awareness Training Evolution
  • Continuous Security Monitoring
  • Threat Intelligence for Ecosystem Risk Management
  • The CISO’s Guide to Advanced Attackers
  • Building an Early Warning System
  • Implementing and Managing Patch and Configuration Management
  • Vulnerability Management Evolution: From Tactical Scanner to Strategic Platform
  • Watching the Watchers: Guarding the Keys to the Kingdom (Privileged User Management)
  • Security Management 2.0: Time to Replace Your SIEM?
  • Security Benchmarking: Going Beyond Metrics
  • React Faster and Better: New Approaches for Advanced Incident Response
  • Monitoring up the Stack: Adding Value to SIEM
  • Understanding and Selecting SIEM/Log Management
  • The Business Justification for Data Security

Web and Email Security

  • Quick Wins with Website Protection Services
  • Email-based Threat Intelligence: To Catch a Phish

Featured Article

The more things change, the more they stay the same. We’ve been talking about Reacting Faster and Better for years and will continue to do so, since trying to prevent every attack remains futile. So the best path forward is to continue advancing the ability to prevent attacks, but to spend as much time on detecting attacks that have successfully compromised your defenses. This detection-centric view of the world has been a central theme in our research and covers a variety of focus areas, including the network, endpoints and applications.

We know many organizations have already spent a bunch of money on detection, particularly intrusion detection, its big brother intrusion prevention, and SIEM. But these techniques haven’t worked effectively either, so now is the time to approach the issue with fresh eyes. By taking a new forward look at detection, not from the standpoint of what we have already done and implemented (IDS and SIEM), but instead in terms of what we need to do to isolate and identify adversary activity, we will be able to look at the kinds of technologies needed right now to deal with modern attacks. Times have changed and attackers have advanced, so our detection techniques need to evolve as well.
