ArcSight Logger is a turnkey appliance for collection, efficient storage, and high-performance search and reporting of all enterprise log data. Read this paper to learn more details. 

Using OS lock down scripts can be time consuming and error prone. Keeping those scripts up-to-date as new guidelines are published requires a continuous cycle of research, interpretation, and script revision. Do you really have time for this? Security Blanket automates the process of locking down Linux and Solaris operating systems. 

Read this paper to learn about a new approach to compliance that seeks to move beyond the short-term goal of passing an audit and to incorporate compliance into an organization's operations in a more proactive sense utilizing the Capability Maturity Model. 

McAfee PCI Pro provides a comprehensive file integrity monitoring (FIM), audit trail and network configuration audit solution designed to help merchants and service providers quickly, easily and cost-effectively meet the following requirements of v 1.2 of the Payment Card Industry Data Security Standard (PCI DSS). 

On the surface, virtualized datacenters appear to have all of the same vulnerabilities and security challenges as conventional datacenters. With virtual machines, new challenges minimize the effectiveness of traditional protections. Read on to learn what it takes to secure today’s virtualized data centers. 

In a typical healthcare organization, hundreds to thousands of medical and support staff need to access patient data to do their job. How do you effectively enforce access controls to hospital information systems without hampering medical care efficiency and effectiveness? Read this paper and learn how. 

Authored by database security expert Ron Ben Natan, Ph.D., "HOWTO Secure and Audit Oracle 10g and 11g" (CRC Press) is the definitive 454-page guide for both security pros and DBAs. Chapter 2, presented here, covers topics central to hardening the database. 

CodePro AnalytiX provides you with the metrics you need to incorporate self-improvement and optimization into the software process. Thus, CodePro AnalytiX is a full set of tools to support your organization in its quest for sustainable high levels of software quality, security and productivity 

Entraction has no reservations about the effectiveness and efficiencies that are possible using device fingerprinting paired with device reputation; this is real data pulled from the user's computer, coupled with fact-based evidence of fraud from that computer's past. Read this case study to learn about how Entraction is fighting fraud. 

Read this chapter from "HOWTO Secure and Audit Oracle 10g and 11g" (CRC Press, 2009) and learn how to secure Oracle by checking for weak passwords, configuring failed login policies, preventing DoS attacks with resource limits, and auditing user profiles. 

Building security into the software development lifecycle takes more than just a plan. You need the support of both the development and security/audit organizations to make it work. This podcast, featuring Diana Kelley, presents a plan for selling the value of security to all of the constituencies who matter in your organization.