Arxan Technologies has posted to their blog about the recent OWASP fnding that lack of binary protection is a "Mobile Top 10 Risk for 2014." Mobile environments are especially susceptible to binary integrity attacks and mobile specific countermeasures are necessary for this growing problem.  In their blog post, Arxan shines more light on this problem and the types of strategies a company can put in place to address them.

You might also be interested in....

Defending against malware: A holistic approach to one of today’s biggest IT risks

This white paper will examine the changing strategies that malware has employed in recent years, explain the typical sequence of events that occurs during an attack, and describe how an integrated defense can help keep the enterprise safe from these advanced persistent threats.

Download Defending against malware: A holistic approach to one of today’s biggest IT risks.

Marcações:  owasp mobile arxan security

If you want see a concise history of the past three years of IT Security incidents, you need to download the IBM X-Force Threat Intelligence Quarterly for 1Q 2014 as soon as possible. The team at X-Force has done a fantastic job of distilling the mountains of incident data they analyze into an amazing graphic that captures the trends over time.  Here is the headline graphic:

As you can tell by the change in colors as you scan the graphic from left to right, the industry is starting to get a handle on DDoS atacks and SQL injection attacks, while attack types based on physical access to machines and distribution of malware are becoming more common. As noted in the report:

"The declines in vulnerabilities demonstrated at the end of 2013 in both XSS and SQL injection could indicate that developers are doing a better job at writing secure web applications, or possibly that traditional targets like content management systems (CMSs) and plug-ins are maturing as older vulnerabilities have been patched. As noted, XSS and SQL injection exploitation continue to be observed in high numbers, indicating there are still legacy systems or other unpatched web applications that remain vulnerable. This is expected, considering there are many thousands of blogs and other websites run by individuals who may not have the skills or awareness to update to later versions of their platform or framework."

The other thing to note in the graphic is that the overall number of incidents overall impact of IT security incidents aren't exactly going down, so it seems there is still plenty of job security in the IT security arena in 2013.

Marcações:  threat-intelligence risk-management #security security ibmxforce threat-assessment security-intelligence

How much does a data breach cost your company? That's one of the toughest questions an IT security professional can be asked. The effects of a data breach are potentially catastrophic for a company, but it's a difficult task to quantify the risk.

That's why IBM has sponsored the Ponemon Institute's 2014 Study on the Cost of Data Breaches.  This far reaching study is based on 1690 interviews across 10 countries and 16 sectors and is based on actual experiences of companies instead of could-have-happened theoretical discussions.

The Ponemon Institute has released both a global report and 10 country specific reports:

Country	Report Link
Global aggregate	Report
United States	Report
United Kingdom	Report
Germany	Report
France	Report
Australia	Report
India	Report
Italy	Report
Japan	Report
Brazil	Report
United Arab Emirates/Saudi Arabia	Report

One of the most eye-popping charts in the report analyzes the reported data to show the clear relationship between the size of the breach and its cost: Keep in mind that this is not some hypothetical computer model. This is a regression based on the actual interviews and their reported data.

 

 

 

The 2014 Ponemon Cost Of Data Breach study is must reading for anyone needing to build a business case for protecting against data breaches.

Marcações:  security data-protection ponemon data-breach #security data

Short URL for this post:  http://ibm.biz/Bd4YXg

Connect with us on:

Resources

Support Lifecycle Announcements

Support Lifecycle FAQs

Support Lifecycle Information

---

End of Support (EOS) Announcements

IBM provides advance notification of End Of Support (EOS) dates allowing customers reasonable time to complete software upgrades or to refresh appliance products.  To view upcoming EOS dates by product segment, click a link in the list below.

Application security

Data security and protection

Endpoint security

Infrastructure security (Network and Mainframe security)

Mobile security

Identity and access management (People security)

Intelligence analysis (i2)

Security intelligence and analytics

 

View all IBM Software EOS announcements for 2017 and 2018.

IBM Software End of Support (EOS)

---

Support Lifecycle FAQs

Q: What are the major Support Lifecycle milestones?

A: The major Support Lifecycle milestones are:

• General availability (GA) - Refers to the date that a new version or release of the product is available to all users.  A product version/release is not published to the Support Lifecycle web site until the GA date.
• End of Marketing (EOM) - Refers to the effective date on which a version/release (and associated part number) ceases to be available and can no longer be ordered via standard price lists.
• End of Support (EOS) - Refers to the last date on which IBM will deliver standard technical support for a given version/release of a product.
• End of Life (EOL) - Refers to the effective date on which a Software product, an Appliance or a Hardware platform reaches the end of its useful life.

 

Q: How do you determine if your installed software is still supported?

A: Search by product name or keyword using the Support Lifecycle Search tool.  You can also view a list of IBM Software products that will reach EOS in 2018 via the IBM Software End of Support page.

Q: What happens when EOS is announced?

A: Often, there is a newer version of the software available for download.  In most cases, you’ll have sufficient time to plan for and install the latest version.  For more information on the lifecycle stages, including EOS, view this short YouTube video on the IBM Product Lifecycle and EOS.

 

Q: What is the standard version format for IBM Software products?

A: The full product version is expressed by a four-digit code known as the IBM Version, Release, Modification and Fix Level structure, or VRMF.  View this Technote for additional information and description of each element.  You may also find this Glossary of product support and maintenance terms helpful.

 

Q: Where can you view additional details on product updates or replacement information?

A: Using the Support Lifecycle Search, search for your product, select View for details and click the EOS announcement link to view Replacement program information.

 

Q: What are your options if you are unable to upgrade or refresh your current products before EOS?

A: You can request a Support Extension.  Support Extensions are available for Customers who are unable to migrate to a supported version, release or appliance platform prior to EOS.  For more information, visit the IBM Security - Extended Support page.

 

Q: How do you stay connected for future product announcements?

A: There are several ways to receive product announcements:

1. Subscribe to My Notifications for important IBM support updates and announcements.  Learn how by watching this short YouTube video - Subscribe to My Notifications or visit this page for more information Stay up to date with My Notifications.  You can access My Notifications via the IBM Support Portal at: Subscribe to notifications.
2. Build and save a custom product list using the Support Lifecycle Search tool.  Visit the My Product list blog for instructions.
3. Sign up for iNews - IBM Announcements for your location.

• Go to IBM Offering Information - Additional resources tab
• Look for Publications & news and click the Subscribe to IBM announcement letters link (lower left column)
• Complete the enrollment information (Items marked * are required)

Q: How can you connect with IBM Security on social media?

A: You can follow us on Twitter - https://twitter.com/AskIBMSecurity or subscribe to our IBM Security Support channel on YouTube.

 

Q: Where can you find more information on IBM Support policies?

A: You can view and download the IBM Support Handbook(s) that are relevant to the product(s) you use.

---

Support Lifecycle Documents

The IBM Support Lifecycle Policy sets forth the minimum length of time IBM will provide security content and technical support for a product version and release.  Click the applicable product segment link below to view the Support Lifecycle Policy.

IBM Security Network Protection - under revision - stayed tuned

IBM Security QRadar Product Support Lifecycle

Marcações:  mobile appscan access-manager iam data-protection infrastructure security-intelligence

Greetings,

I'm proud to announce we've just published "Fight against SQL Injection Attacks" on developerWorks. The first part of this article walks you through a tutorial of how an attacker approaches an SQL injection attack so you can truly understand the nature of the attack. The second part of the article talks about how to download and set up the trial version of AppScan standard so you can scan for SQL injection attacks and other types of vulnerabilities.

Marcações:  security vulnerability-management appscan application-scanning #security sql-injection sql

On February 16, 2016 IBM announced authentication enhancements for z Systems, including a new product IBM Multi-Factor Authentication for z/OS (5655-162), with a planned availability date of March 25, 2016.

 

IBM z/OS Security Server Resource Access Control Facility (RACF) provided enabling infrastructure updates for z/OS V2R1 and V2R2.

 

IBM Security zSecure suite provided supporting updates for zSecure 2.1, 2.1.1, and 2.2.

 

Multi-Factor Authentication raises the level of assurance of mission-critical systems by requiring authentication with multiple factors during the logon process.

 

Each authentication factor must be from a separate category of credential types:

1) Something you know (e.g. a password or PIN code),

2) Something you have (e.g. an ID badge or a cryptographic key),

3) Something you are (e.g. a fingerprint or other biometric data).

 

More details can be located through this blog entry by  Jeroen Tiggelman on the Service Management Connect - System z blog.

 

You might also be interested in the zSecure Spring 2016 newsletter.

 

Marcações:  racf zsecure z/os security mfa iam z_systems infrastructure mainframe

zSecure 2.1.1 has been announced with the following products...

 

IBM Security zSecure Admin - for efficient and effective RACF administration

IBM Security zSecure Visual - for a Microsoft Windows-based UI for RACF administration

IBM Security zSecure CICS Toolkit - for RACF administration from a CICS environment

IBM Security zSecure Audit - for vulnerability analysis for the mainframe infrastructure, and for analyzing and reporting on security events and detecting security exposures

IBM Security zSecure Adapters for QRadar SIEM - for sending enriched security event information to IBM Security QRadar SIEM

IBM Security zSecure Alert - for real-time threat monitoring (incl. misconfigurations)

IBM Security zSecure Command Verifier - for enforcing compliance by preventing erroneous commands

 

... and the following solutions

 

IBM Security zSecure Compliance and Auditing

 

Please refer to this blog entry on System z Management for details on the solutions.

 

The zSecure 2.1.1 release is for the z/OS operating system. The z/VM product IBM Security zSecure Manager for RACF z/VM is currently at 1.11.2.

 

All zSecure products support RACF. zSecure Audit and Adapters for QRadar SIEM support CA-ACF2 and CA-Top Secret. zSecure Alert supports CA-ACF2.

 

You might also be interested in this article on 50 years of mainframe security.

 

 

Edit: Updated zSecure for z/VM release from 1.11.1; 1.11.2 became available on March 13, 2015.

Edit: The latest zSecure for z/OS release is zSecure 2.3.0.

Marcações:  #security topsecret system_z cics iam security-intelligence mainframe50 security mainframe qradar zsecure infrastructure z/vm z/os siem acf2 racf

BIO-key International's finger biometric authentication solution has been validated for IBM® Security Access Manager (ISAM) for Web; the technology has been integrated into ISAM for Web and now provides ISAM users with a strong component for two-factor authentication (BIO-key adds an inheritance authentication factor to the knowledge and posession factors). ISAM for Web delivers access control management to centralize network and application security policy for e-business applications.

You can learn more about ISAM and BIO-key products and technologies. at the BIO-key International community on developerWorks.

 

Marcações:  biokey ibm-security bio-key fingerprint ibm_security_access_manag... authentication security isam biometrics

Craig Knapik has just published a handy guide to XGS and QRadar Intergration on the security on dW community. Craig lays out a detailed, down to the packet level, description of the four integration points between XGS and QRadar. This is a must read for anyone who wants to get the most out of IBM's network protection technologies.

Marcações:  security xgs qradar

See below for an announcement from Kathryn Zeidenstein about some new video tutorials on InfoSphere Guardium policies

--Calvin

 

Hi community members

  Back in 2011 or so the lab services team had done a LotusLive education session on policies that was very well received. I have taken the first of these presentations and broken it into 4 modules that are now hosted on the InfoSphere Guardium YouTube channel.

You can find links to all 4 of the modules on this new page on the InfoSphere Guardium community wiki. http://ibm.co/16ATMLO  (Must be logged into developerWorks for this direct link to work).

Here are the direct links:

• Part 1: Default Logging Behavior and introduction to Constructs    http://www.youtube.com/watch?v=JUBd0EgL9qg
• Part 2: Log Full Details    http://www.youtube.com/watch?v=ftsdQq-RIYU
• Part 3: Ignore Session rules    http://www.youtube.com/watch?v=pklPGc7RVW8
• Part 4: Alert rules and rule order    http://www.youtube.com/watch?v=EG5TMlEQFno
   

Break out the popcorn!!

Have a great weekend.

Kathy Z

Marcações:  guardium security infosphere data-protection data

 

Marcações:  access-control security proxy load-balancer reverse-proxy #security iam

Tolly Enterprises recently published their evaluation of the IBM Security Access Manager Proxy AMP 5100 Web Gateway Appliance and their evaluation showed the effectiveness of the AMP5100's capabilities. From the Tolly evaluation:

Tolly engineers evaluated the AMP 5100's effectiveness in blocking the most common threats as defined by OWASP. Tolly found the AMP5100 to be 100% effective in blocking in-line preventable attacks.

Tolly specifically validated the AMP5100is able to prevent all forms of SQL injection attacks, XSS, and broken authentication attacks.  The Tolly evaluation goes into more details about the AMP510's ease of use and performance characteristics.

You can download and read the full report to see the details of the Tolly evaluation.

Marcações:  amp5100 ibmsecurity iam security access-manager

Shahnawaz Backer has published a how-to guide on how to configure NIC bonding for your QRadar appliance. This will be of interest to anyone who wants to ensure the high availability of the QRadar Appliance and it is a detailed step-by-step guide that anyone can follow.

From the abstract:

"This article highlights the configuration necessary for bonding―or teaming―the Network Interface Card (NIC) for the QRadar Security Information and Event Management (SIEM) appliance. It addresses topics related to high availability of the QRadar SIEM appliances and is intended for administrators in charge of maintaining those appliances."

You might also be interested in...

Discover the latest about IBM's security intelligence solutions.

Protect your critical assets with an integrated, cost-effective approach to vulnerability assessments and risk management.

Read this white paper to learn:

• The value of an integrated security intelligence platform.
• How to improve security with QRadar Vulnerability Manager.
• How QRadar Risk Manager provides a complete network topology.

Download "Managing security risks and vulnerabilities."

Marcações:  security qradar ibmsecurity #security network-security security-intelligence nic-bonding

zSecure 2.1.1 has been announced on July 15, 2014, with a planned availability date of September 5, 2014.

This announcement includes a new product IBM Security zSecure Adapters for QRadar SIEM (5655-AD8), which provides a new option of integrating System z security events (z/OS, RACF, DB2, CICS, ACF2, Top Secret) into IBM Security QRadar SIEM.

More details about the various integrations between zSecure and QRadar SIEM can be found in this blog entry by Jeroen Tiggelman on the Service Management Connect - System z blog.

 

You might also be interested in what else is new in zSecure 2.1.1.

 

Marcações:  system_z zsecure racf infrastructure cics security-intelligence security #security acf2 db2 topsecret