Why conventional protection fails against web threats

White paper trail

Wed 28 Jan 2009 // 12:42 UTC

And so to the Reg whitepaper library to inspect some security pitches. Here's a couple we thought deserved a wider airing.

Web threats: Why conventional protection doesn't work

This white paper from Trend Micro describes web threats, how they function, and their impacts. The paper argues that conventional security practices cannot cope with today's "blended techniques, an explosion of variants, and targeted regional attacks often based on social engineering to defraud users".

Trend calls for a "multi-layered, comprehensive set of techniques" - to ensure security, regulatory compliance, and business continuity. Sure enough, the IT security firm has its own version of this, the Trend Micro Smart Protection Network,. This is a "new type of security model that marries a lightweight desktop agent to Trend’s vast network-based resources in the cloud". An interesting read, nevertheless.

Seven essential steps to achieve, measure and prove optimal security risk reduction

This Qualys white paper also bangs on the security and the regulatory compliance drum. Rapid technology changes, new server and software deployments, and more sophisticated attack methods create the "greatest set of challenges faced by security and IT administrators trying to keep their systems secure and within regulatory compliance".

Sound similar to the Trend pitch? Qualys has a different take on how to keep the barbarian hordes at the gates. Noting that it is "impossible to secure what isn’t measured", the company advocates that organisation adopt sustainable vulnerability and risk management programs. These can identify real-world security threats and evaluate your organization’s ability to respond and quantify security progress to maintain the confidentiality, integrity and availability of business data and networks. Without an accurate depiction of your network, there’s "no way to improve, let alone understand, the true security posture of your infrastructure".

In case you are wondering, "posture" is computer industry jargon for "strategy" or "plan". ®

Topics

Special Features

Vendor Voice

Resources

Security

Why conventional protection fails against web threats

White paper trail

More about

More about

Narrower topics

More about

More about

More about

Narrower topics

TIP US OFF

Other stories you might like

Beijing-backed cyberspies attacked 70+ orgs across 23 countries

March Patch Tuesday sees Hyper-V join the guest-host escape club

Row breaks out over true severity of two DNSSEC flaws

Protecting distributed branch office environments from ransomware

Microsoft Copilot for Security prepares for April liftoff

In the rush to build AI apps, please, please don't leave security behind

More than 133,000 Fortinet appliances still vulnerable to month-old critical bug

Miscreants are exploiting enterprise tech zero days more and more, Google warns

US critical infrastructure cyberattack reporting rules inch closer to reality

Uncle Sam's had it up to here with 'unforgivable' SQL injection flaws

Mozilla fixes $100,000 Firefox zero-days following two-day hackathon

Microsoft confirms memory leak in March Windows Server security update

About Us

Our Websites

Your Privacy