White Papers

Implementing Cloud Native Security: Shift-Left to Increase Effectiveness

Cloud security trends like “shift-left security” and “DevSecOps” refer to new strategies and paradigms that help organizations keep workloads secure in the age of cloud-based, scale-out, constantly changing applications and infrastructure. Many in IT, security, and development probably understand what these...

Cloud Security Blind Spots: Detecting and Fixing Cloud Misconfigurations

Identifying and fixing security gaps in a cloud architecture may not appear very different from doing the same for on-premises environments. But there are a variety of nuanced differences that can be easy to overlook. If you fail to appreciate and account for them, these misconfigurations can cause security blind...

Simplify to Secure

Stuck on the cybersecurity treadmill? Download Cisco's report, Simplify to Secure, to find out why your organization should strive for integrated cybersecurity and learn practical steps you can take to accomplish it.

Using the MITRE ATT&CK Knowledge Base to Improve Threat Hunting and Incident Response

Threat hunting and incident response are critical roles of security operations center (SOC) analysts. With the ever-rising sophistication of new and emerging attacks, analysts need an edge to stay ahead of adversaries. This paper describes the MITRE ATT&CK framework including: What the model offers to SOC...

Top 10 Use Cases for User and Entity Behavior Analytics

Attacks have become increasingly sophisticated, and often are invisible and undetectable by legacy security solutions. You read about these successful data breaches almost on a daily basis. Security analysts do what they can with legacy tools, but these tend to swamp analysts with alerts that are difficult to...

Definitive Guide to Google Kubernetes Engine (GKE) Security

Kubernetes brings some specific security requirements to the table. For a managed Kubernetes service like GKE, users have three main layers that require action: the workloads running on the cluster, the cluster and its components, and the underlying GCP services on which the cluster depends, and more. Lack of...

Sponsored by VMware

Blueprint for a Future Ready Workforce: A 3-Stage Approach

It's not news that the digital economy is changing all the rules for IT, which has to deliver the infrastructure and apps that business stakeholders demand. And they have to do it fast without compromising security. That's why it so important to have a modern data center. Learn what defines a modern data center and...

Sponsored by VMware

Forrester: Tension Between IT and Security Professionals Reinforcing Siloes and Security Strain

Although IT and Security teams shoulder the responsibility of many mission-critical tasks in organizations, they often are not aligned under a unified strategy. To assess how a common IT and security strategy can break down silos across the two teams, VMware commissioned Forrester to survey 1,400+ manager level and...

Sponsored by VMware

Replace AV Buyer’s Guide

Today’s businesses face a unique set of security challenges. You need security that works and is easy to implement and manage, but you’re working with a limited budget and resources. Many organizations know their current antivirus solution has gaps but don’t know where to begin in the search for something...

Sponsored by VMware

COVID-19 Continues to Create a Larger Surface Area for Cyberattacks

COVID-19 has exacerbated preexisting cyberthreats, from counter incident response and island hopping to lateral movement and destructive attacks. These attacks are ratcheting up existing geopolitical tensions. Organizations, most of which depend on VPNs and other traditional network security infrastructure, may not...

13 Email Threat Types to Know About Right Now

According to Gartner, “Through 2023, BEC attacks will continue to double each year to over $5 billion and lead to large financial losses for enterprises.” In today’s rapidly evolving environment, traditional email security solutions aren’t enough to protect businesses anymore. You must also effectively...

Sponsored by VMware

Intrinsic Security: How to Unify and Accelerate Endpoint Security Across the Enterprise

As most executives come to realize, the cloud is truly the only viable way for businesses to thrive. In fact, no matter what captures our attention today or next year, the path forward hangs on the promise of the cloud. Yet, with opportunities come risks. Especially when moves are made without considering likely...

Securing the Future of Work

Today’s hybrid workforce of both remote and in-office employees is the new normal as the world adapts to the COVID-19 pandemic. IT security teams are struggling to support this new global digital workforce that needs reliable, secure, and fast access to the Internet. Cyberattackers are also taking advantage of this...

Isolation Best Practices Financial Services Institution

Financial services institutions, or FSIs, are high-value targets for cyberattacks because of the capital they control, the personal information on customers they maintain, and the fear an attack on a bank generates in the public. Phishing attacks on FSIs have risen steadily, especially employee credential theft -...

Menlo Security Protecting Against Email-Based Threats

Email filtering often misses malicious sites because detection-based techniques find it difficult to continuously build defenses against the large number of phishing sites created daily. Yet, while email phishing attacks are highly successful, they are also entirely avoidable. Email Isolation provides organizations...