Search the Library
 
Home >

Security

>

Auditing
An Information Technology (IT) audit or information systems (IS) audit is an examination of the controls within an entity's Information technology infrastructure. These reviews may be performed in conjunction with a financial statement audit, internal audit, or other form of attestation engagement.

Results 1 - 25 of 49 matches Sort Results By : Published Date | Title | Company name
Keeping Up Your SOX Compliance and Turning IT into a High Performer by Improving Change Control
By : Tripwire Published Date: Jan 26, 2007
This paper covers the implementation, disclosure and ongoing evaluation of internal controls for SOX compliance with a focus on the role of IT, as well as the penalties for non-compliance.
Download Now
Tripwire
LogRhythm for Sarbanes Oxley (SOX)
By : LogRhythm Published Date: Aug 02, 2007
Do you need to simplify your financial reporting process to ensure that you are meeting the Sarbanes Oxley requirements? Read this whitepaper to learn more…
Download Now
LogRhythm
Optimizing Infrastructure Control
By : Tripwire Published Date: Jun 06, 2008
This paper outlines the nature of infrastructure integrity, change auditing, and compliance solutions. It describes how an investment in configuration assessment and change auditing solutions can stabilize IT operations, lowering the operational costs associated with the IT infrastructure; be a force multiplier; and provide a solid foundation that increases the effectiveness of the investment in information security.
Download Now
Tripwire
Proving Compliance with McAfee Total Protection for Data
By : McAfee Published Date: May 01, 2008
Companies feel a sense of security from encrypting data stored on corporate systems on desktops, laptops and mobile devices. They believe this act will protect their intellectual property, and sensitive customer information will remain safe and secure from unauthorized access.  But that is not enough. Simply encrypting this information doesn’t help you prove compliance with external regulations or internal controls during a financial audit or legal discovery process.
Download Now
McAfee
The Total Economic Impact of the Tripwire Enterprise Solution
By : Tripwire Published Date: Jan 10, 2007
Hear from a leading industry analyst how your company can quickly enjoy a substantial return on investment from implementing Tripwire’s configuration audit and control solution.
Download Now
Tripwire
Winning the PCI Compliance Battle: A Guide for Merchants and Member Service Providers
By : Qualys Published Date: Oct 31, 2006
This white paper reviews the basics of PCI, including who must comply, compliance requirements, validation requirements and penalties. It also examines key things to look for when selecting a PCI network testing service and introduces QualysGuard PCI.
Download Now
Qualys
Configuration Audit and Control: 10 Critical Factors for CCM Success
By : Tripwire Published Date: Jul 11, 2007
In this whitepaper, you will learn how configuration audit and control can be used effectively to ensure system management productivity, and help reduce costs and sustain configuration viability within the bounds of operational, security and regulatory standards.
Download Now
Tripwire
Don't Dread that Network Audit: Compliance with Government Regulation and Industry Standards
By : Qualys Published Date: Aug 08, 2006
Security administrators need to be more proactive about preventing attacks, making vulnerability assessments a crucial tool in their portfolio.
Download Now
Qualys
Enforcing IT Change Management Policy
By : Tripwire Published Date: Jun 07, 2007
Discover how high-performing IT organizations are able to create a culture that supports and uses change management to their advantage, facilitating enterprise business goals.
Download Now
Tripwire
Gene Kim's Practical Steps to Mitigate Virtualization Security Risks
By : Tripwire Published Date: Mar 28, 2008
Tripwire founder/CTO Gene Kim provides seven practical steps that IT organizations can take to mitigate the unique security challenges of virtualization. While some are directed specifically at virtualized environments, many of these steps are solid best practices that apply to both physical and virtualized environments.
Download Now
Tripwire
How One Company Conquered the Audit Challenge
By : Qualys Published Date: Aug 08, 2006
The Marine Corps Community Services (MCCS) manages a global network that serves Marines and their families. MCCS chose a managed service to conduct comprehensive vulnerability assessments and prioritize patches and fixes.
Download Now
Qualys
Monitor System Changes And User Activity
By : NetIQ Corporation Published Date: Jul 11, 2007
Learn how to meet regulatory requirements for system change and user activity monitoring with NetIQ Change Guardian for Windows, without the need for performance-hindering native auditing.

Download Now
NetIQ Corporation
Privacy, Compliance, and International Data Flows
By : NetIQ Corporation Published Date: Jun 14, 2006
Mandatory compliance requirements often vary or conflict. Discover the major issues and appropriate actions organizations must take today to protect the privacy of information and meet legal and contractual requirements.
Download Now
NetIQ Corporation
Pre-Test DR & Business Continuity Plans
By : Shunra Published Date: Mar 18, 2007
Effective IT disaster recovery and business continuity planning is essential for every business. All businesses depend on their IT services for moment-to-moment operations. It is vital to ensure that those services are not disrupted due to any disaster. Pre-test your plans in a simulated network.
Download Now
Shunra
Effectively Delegate Administrative Privileges
By : NetIQ Corporation Published Date: Aug 27, 2007
Learn how delegating administrative privileges can aid in improving administrative productivity, system availability and security, while satisfying the demands of auditors.  Read this new white paper from NetIQ today.
Download Now
NetIQ Corporation
10 Reasons your RADIUS Server Needs a Refresh
By : Identity Engines Published Date: Oct 15, 2007
For over a decade now, RADIUS servers have been a mainstay of dial-up and VPN access control. The rather inconspicuous RADIUS server, perhaps better known as that beige, general-purpose PC collecting dust in the corner of your data center, has proved sufficient for performing basic duties like validating passwords and granting network access.
Download Now
Identity Engines
Leveraging Automation to Quickly Reveal Vulnerabilities
By : Cenzic Published Date: Nov 30, 2005
With web applications constantly evolving, finding vulnerabilities is a challenging, costly and time-consuming undertaking.  Find out how Cenzic's powerful security solutions help information security teams quickly identify problems, regularly assess web application security strength and ensure regulatory compliance.
Download Now
Cenzic
Leveraging Lifecycle Management for Software and Business Adapt Ability
By : Borland Published Date: Oct 02, 2006
In this white paper, you'll learn how to clearly define business requirements, align them with testing, and evolve development processes to prevent defects.
Download Now
Borland
Meeting the PCI Application Security Requirements: Building Compliance In
By : Ounce Labs Published Date: Nov 15, 2007
The PCI DSS is demonstrably becoming a de facto standard of due care for any organization responsible for the privacy and integrity of data. The increased focus on application security in the latest revisions of the PCI DSS can be traced directly to many of the recent high profile breaches, where insecure applications have proved to be the point of access for hackers, and the source of data loss.
Download Now
Ounce Labs
40% PCI Non-Compliance? How to Beat The Stats Without Breaking a Sweat
By : Solidcore Published Date: Jan 07, 2008
New report issued by Fortrex, Emagined Security and Solidcore reveals the cost of PCI compliance is justified. These PCI requirements exist to protect sensitive data - yet, research indicates that these are among the least satisfied requirements across Level 1 merchants, with almost 40% non-compliance. 

Download Now
Solidcore
Practical Guide to Sarbanes-Oxley Compliance
By : Ecora Software Published Date: Jul 05, 2006
Learn about the Sarbanes-Oxley regulatory background and its impact on IT departments. This document provides information pertaining to access issues, change documentation, disaster recovery planning and illustrations of key audit-ready reports.
Download Now
Ecora Software
Prepare for Successful Audits: A Change Management Manager Checklist
By : Solidcore Published Date: Dec 13, 2007
This IT audit checklist guide includes advice on assessing the effectiveness of change management in a variety of areas.   As companies grow more dependent on interdependent IT systems, the risks associated with untested changes in development and production environments have increased proportionately.

Download Now
Solidcore
Patch Management 2.0- Evolving Your Patch Management Technology
By : Preventia Published Date: Apr 14, 2008
The realities of security and compliance have changed considerably since patch management faced its first big paradigm shift some years ago. At that time many organizations wrestled with the transition from manual patching and remediation to an automated process. Of course, nothing in security is ever static, so it is no surprise that patch management has continued to evolve since then. Though still automated, today’s best patch management tools and techniques are significantly different from their predecessors.
Download Now
Preventia
Risk Assessment & Compliance: A Management Tool for the IT Security Infrastructure
By : RiskWatch Published Date: Jul 12, 2006
Risk assessment is the cornerstone of security.  The risk assessment process includes gathering information about the assets of the organizations, including all information assets, and all physical assets.
Download Now
RiskWatch
Securing Web Applications: The Time Is Now
By : Cenzic Published Date: Jul 01, 2006
Enterprises need to utilize software testing that can automatically review applications for security problems. This document examines the market drivers and technology associated with software security code review products and discusses how Cenzic is addressing this urgent need.

Download Now
Cenzic
 
Results 1 - 25 of 49 matches Sort Results By : Published Date |