Home >
> Auditing |
 |
|
|
|
An Information Technology (IT) audit or information systems (IS) audit is an examination of the controls within an entity's Information technology infrastructure. These reviews may be performed in conjunction with a financial statement audit, internal audit, or other form of attestation engagement. |
 |
|
Results 1 - 25 of 59 matches |
Sort Results By : Published Date | Title | Company name |
|
|
Software Assurance - An Executive Discussion on Securing the Enterprise |
| By : Fortify |
Published Date: Nov 19, 2008 |
|
While investments to secure the enterprise continue to rise, breaches into company systems and data are skyrocketing. These cyber crimes are consistently debilitating organizations operations, reputations and ultimately, viability. Today’s CEOs are demanding aggressive strategies to protect their business. CIOs and CSOs are working together to employ proven Business Software Assurance approaches across the enterprise to stay ahead of constant threats.
Download Now
|
 |
|
|
|
|
|
4 Key Steps to Automate IT Security Compliance |
| By : Qualys |
Published Date: Oct 31, 2008 |
|
This paper provides a detailed discussion of the internal and external regulatory challenges now faced by organizations, the scope of these challenges, and 4 key ways in which they can be addressed through better business processes and automation.
Download Now
|
 |
|
|
|
Sending, Receiving, and Tracking Large Files Securely |
|
|
In this datasheet, discover how it’s now possible to send large files in a way that’s safer and more affordable than FTP, courier services, and email attachments. Learn how to beat the security challenges that come with global collaboration and data sharing; avoid crippling data transfer problems like partial file delivery or network delays; and know where your file is every step of the way, from sendoff to final destination. Download your copy now.
Download Now
|
 |
|
|
|
|
|
A CISO's Guide to Securing Open Source Software |
| By : Fortify |
Published Date: Aug 15, 2008 |
|
For a CISO, open source introduces a new source of risk and unique security challenge: how do you influence developers over whom you have no direct management control? Jennifer Bayuk, former CISO of Bear Stearns, provides insight on best practices for evaluating, deploying and managing open source code.
Download Now
|
|
|
|
|
The Best PCI Audit of Your Life: Are You Ready? |
|
|
This white paper will detail a strategy that enables companies to painlessly gain PCI compliance and ensure effective security. By mapping technical controls to PCI standards and by continuously monitoring, assessing and reporting the status of your environment, Lumension’s Security Suite will make your PCI audit the most efficient and actionable of your life.
Download Now
|
 |
|
|
|
CA Siteminder Web Access |
| By : CA |
Published Date: Jul 15, 2008 |
|
CA SiteMinder Web Access Manager provides policy based authentication and authorisation, supports multiple advanced authentication techniques, identity federation, and single sign on for Web applications. Traditionally, access management infrastructure has been developed separately for each Web application, leading to duplication and limited control and audit capability. SiteMinder provides centralised capabilities plus extensive additional facilities. Butler Group is impressed with its fine-grained authorisation capabilities, support for advanced authentication techniques, support for a good range of user directories, identity federation based on established standards, and the scalable architecture. Overall, SiteMinder is an impressive solution for mid-sized and large companies who use numerous Web applications to deliver sensitive or business critical data.
Download Now
|
 |
|
|
|
Server Resource Protection: A Critical Element of IT Security |
| By : CA |
Published Date: Jul 08, 2008 |
|
This white paper analyzes common vulnerabilities in protecting server resources and suggests a solution based on Server Access Management and Auditing. Working together, server access management and auditing can improve regulatory compliance and data privacy, provide greater IT accountability, partition access to superuser and root accounts, assign more granular responsibilities to individual IT people, monitor activities, and correlate actions across multiple systems.
Download Now
|
|
|
|
|
Optimizing Infrastructure Control |
| By : Tripwire |
Published Date: Jun 06, 2008 |
|
This paper outlines the nature of infrastructure integrity, change auditing, and compliance solutions. It describes how an investment in configuration assessment and change auditing solutions can stabilize IT operations, lowering the operational costs associated with the IT infrastructure; be a force multiplier; and provide a solid foundation that increases the effectiveness of the investment in information security.
Download Now
|
 |
|
|
|
Proving Compliance with McAfee Total Protection for Data |
| By : McAfee |
Published Date: May 01, 2008 |
|
Companies feel a sense of security from encrypting data stored on corporate systems on desktops, laptops and mobile devices. They believe this act will protect their intellectual property, and sensitive customer information will remain safe and secure from unauthorized access. But that is not enough. Simply encrypting this information doesn’t help you prove compliance with external regulations or internal controls during a financial audit or legal discovery process.
Download Now
|
 |
|
|
|
Patch Management 2.0- Evolving Your Patch Management Technology |
|
|
The realities of security and compliance have changed considerably since patch management faced its first big paradigm shift some years ago. At that time many organizations wrestled with the transition from manual patching and remediation to an automated process. Of course, nothing in security is ever static, so it is no surprise that patch management has continued to evolve since then. Though still automated, today’s best patch management tools and techniques are significantly different from their predecessors.
Download Now
|
|
|
|
|
Gene Kim's Practical Steps to Mitigate Virtualization Security Risks |
| By : Tripwire |
Published Date: Mar 28, 2008 |
|
Tripwire founder/CTO Gene Kim provides seven practical steps that IT organizations can take to mitigate the unique security challenges of virtualization. While some are directed specifically at virtualized environments, many of these steps are solid best practices that apply to both physical and virtualized environments.
Download Now
|
|
|
|
|
|
|
|
|
|
|
Ensure the Integrity of your Content: ProofMark System Technical Overview |
|
|
This paper details the processes by which ProofMark tags electronic records with a self-validating cryptographic seal that acts as a "tamper indicator" based on a true and provable time-reference datum. With this it is able to provide instantaneous and irrefutable proof of authenticity, no matter where the data resides or who has controlled it.
Download Now
|
 |
|
|
|
|
|
Meeting the PCI Application Security Requirements: Building Compliance In |
|
|
The PCI DSS is demonstrably becoming a de facto standard of due care for any organization responsible for the privacy and integrity of data. The increased focus on application security in the latest revisions of the PCI DSS can be traced directly to many of the recent high profile breaches, where insecure applications have proved to be the point of access for hackers, and the source of data loss.
Download Now
|
 |
|
|
|
A Guide to Proactively Managing Endpoint Risk |
|
|
In this whitepaper, Patrick Clawson, Chairman & CEO of Lumension Security, will outline the importance of adopting a Positive Security Model that combines the power of vulnerability management, automated remediation, and whitelist application and device control to eliminate the risk of the unknown threat.
Download Now
|
|
|
|
|
10 Reasons your RADIUS Server Needs a Refresh |
|
|
For over a decade now, RADIUS servers have been a mainstay of dial-up and VPN access control. The rather inconspicuous RADIUS server, perhaps better known as that beige, general-purpose PC collecting dust in the corner of your data center, has proved sufficient for performing basic duties like validating passwords and granting network access.
Download Now
|
 |
|
|
|
Host Access Management with CA Access Control |
| By : CA |
Published Date: Sep 13, 2007 |
|
Your organization relies on servers to store and access to your most critical information resources. CA Access Control is a product that centralizes control and distributed enforcement of appropriate role-based access to sensitive server resources.
Download Now
|
|
|
|
|
Secure Remote Vendor Access to the Enterprise Data Center |
|
|
Enabling IT equipment vendors to perform remote service on your data centers helps maximize uptime and lower TCO—but at what risk? Dial-up modems and VPNs introduce security vulnerabilities and lack sufficient auditing capabilities—making it virtually impossible to track external access and maintain data center security. Download this white paper to learn how you can manage security risks, lower service-related costs, achieve regulatory and internal compliance, and more.
Download Now
|
 |
|
|
|
|
|
Identifying Critical Change Control Failure Points |
|
|
Identifying critical change control failure points in your infrastructure can help reduce the threat of costly downtime, potential security breaches, and compliance weaknesses. Read this paper for guidelines on how to identify and categorize systems that have characteristics which heighten risk.
Download Now
|
 |
|
|
| |
|
|
|
Results 1 - 25 of 59 matches |
Sort Results By : Published Date | Title | Company name |
|
|
<< Start < Previous 1 2 3 Next > End >>
|
More Security Topics |
|
Access Control, Anti Spam, Anti Spyware, Anti Virus, Application Security, Auditing, Authentication, Biometrics, Business Continuity, Compliance, DDoS, Disaster Recovery, Email Security, Encryption, Firewalls, Hacker Detection, High Availability, Identity Management, Internet Security, Intrusion Detection, Intrusion Prevention, IPSec, Network Security Appliance, Password Management, Patch Management, Phishing, PKI, Policy Based Management, Security Management, Security Policies, Single Sign On, SSL, Secure Instant Messaging, Web Service Security |
|
 |
|
