- 09/02/16--00:55: Introducing Data Loss Prevention 14.5
- Mac OS 10.11
- Microsoft Office 2016 file formats
- Microsoft Outlook 2011 email client
- Box for Office and Box Sync applications
- Chrome, Firefox, and Safari browsers (over HTTP or HTTPS)
- Cisco Jabber and Skype for Business instant messaging clients
- Skype instant messaging client
- 09/02/16--02:15: Teaching Online Common Sense to Young People
- 09/02/16--12:30: 40% of Facebook users click on phishy links. Do you?
- 09/02/16--20:34: Machine Learning is not the Only Answer
- Ensure your solution is initially using the best and most varied dataset possible, from a global source, to train the machine learning
- Ensure your solution is being constantly updated, again from a global source, to catch the most new and unknown threats with the fewest false positives
- Acknowledge that machine learning alone is not enough; make sure you have weapons to protect you throughout the kill chain as seen below - Intrusion Prevention Services, proven signature-based technology, browser protection, device and application control, memory exploit mitigation, and capabilities to address custom packed malware.
- 09/06/16--06:21: Buckeye cyberespionage group shifts gaze from US to Hong Kong
- 09/06/16--09:27: Not all Threat Intelligence is Created Equal
- Five Threat Intelligence Traps to Avoid blog
- Symantec Uncovers New Details on Cybercriminals in the Middle East and North Africa, the MATI team’s research on the latest changes in global cybercriminal activity.
- 09/06/16--10:41: White-hat Hackers: Cybersecurity Specialists
- 09/07/16--00:49: Cyberespionage group Buckeye shifts its targets from the US to Hong Kong
- 09/07/16--11:30: Securing Docker containers in the data center
- 09/08/16--06:00: Latest Intelligence for August 2016
- 09/08/16--13:24: Symantec Makes STEM Education Possible for The Einstein Project
- 09/08/16--18:07: Latest Intelligence for August 2016
- 09/11/16--19:06: Cyberespionage group Buckeye shifts its aim from the US to Hong Kong
- 09/12/16--23:46: Latest Intelligence for August 2016
- 09/01/16--23:31: Introducing Data Loss Prevention 14.5
- Mac OS 10.11
- Microsoft Office 2016 file formats
- Microsoft Outlook 2011 email client
- Box for Office and Box Sync applications
- Chrome, Firefox, and Safari browsers (HTTP and HTTPS)
- Cisco Jabber and Skype for Business instant messaging clients
- Skype instant messaging client
- 09/12/16--15:33: Symantec Endpoint Protection Cloud is Now Available!
- Block unknown threats with advanced machine learning and other proven intelligent protection techniques
- Shield against ransomware and zero-day attacks in real time with the Symantec Global Intelligence Network that includes 175 million endpoints
- Defend your business with the same best-in-class security used to protect Fortune 500 companies
- Protect users on any device with one-step policy configuration applied across all of their devices (Windows, Mac, iOS, and Android)
- Combine endpoint protection, management, mobility, and encryption into a single, cloud-based solution
- Stay ahead of threats with always-on security that is automatically updated
- Reduce capital expenditures with an affordable pay-as-you-grow model designed for small business budgets
- Delivered as a cloud-based service which requires no additional infrastructure for a low total cost of ownership
- Eliminate the need for IT specialization and dedicated resources
- 09/13/16--12:21: Microsoft Patch Tuesday – September 2016
- 09/13/16--13:15: Welcome to our 100th member, Karim ;-)
- 09/13/16--14:23: What do Gaming, Wonder Woman and Smart Needles have in Common?
- Diversifying a male dominated gaming industry. Brenda and John Romero, Romero Games Co-Founders shared their personal and unconventional journeys of following their passion, and succeeding in achieving monumental success and accolade in the gaming industry, despite not fitting the traditional mould.
- Jeanne M Sullivan, Founder StarVest Partners broke out her Wonder Woman costume as a champion for diversity, raging against stereotypes of getting older and fearlessly breaking the typical norms associated with different generations.
- Lisa Helen, Tyndall National Institute, a young female student who as part of her PhD is pioneering a smart needle, the ‘parking sensor’ for surgeons.
- Robin Chase, Co-founder and former CEO of Zipcar
- Ellyn Shook, Accenture’s Chief Leadership and HR Officer
- Judith Williams, Global Head of Diversity at Dropbox
- Kara Swisher, Co-Executive Director, Recode
- Tamara McCleary, Internationally recognized expert on relationships and conscious business, and ranked in the top 1% of global social media influencers
- ….And many current and rising STEAM stars
- Regardless of the industry, female underrepresentation at more senior levels in particular is significant, and must be addressed as it is a contributor to future business prosperity and success.
- Lack of diversity isn't new news to those interested in the topic, however, there is a lack of knowledge otherwise, even at senior levels. The solution will only be found if everyone engages in the agenda regardless of their gender, and/or ethnicity.
- At the senior levels where decisions are being made, both conscious and unconscious biases are contributing to inequalities, so it is important all professionals become aware of the reality in order to acknowledge and address this.
- There is a lot of talk around diversity imbalance, but still a lack of concrete action from many companies, such as the introduction of diversity measurement to develop awareness and accountability for creating and influencing change.
- More balanced boards correlate with many benefits, including higher return on sales, better stock growth; higher return on invested capital, lower risk of insolvency; and lower likelihood of financial restatement.
- Diverse and balanced teams are proven to be more successful than those that are not.
- Everyone has a responsibility to be informed about social obstacles that face our society and environment but also, everyone has an opportunity to contribute and influence the changing of social norms for the better.
- Look to the left, look to the right – assess the level of diversity in your work environment.
- Look in the mirror – assess your role in raising awareness of and/or developing diversity in your work environment.
- Then put different glasses on and look again - assess if there is unconscious bias.
- Challenge the status quo - where you see it, find a way to raise the level of awareness.
- Get involved - engage in events targeted at diversity and inclusion that come up in your environment.
- Get socializing - share this article, click on the links, and discuss with your colleagues.
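Symantec's DLP (Data Loss Prevention) team is working flat out to keep companies' valuable confidential information out of criminals' hands. The new Data Loss Prevention version 14.5 adds more than 20 new features for discovering, monitoring, and protecting data, eliminating blind spots for security teams, widening their view, and strengthening control over critical data. Read on for details.
Over the past year, Symantec has introduced new cloud discovery and monitoring capabilities for Box, Gmail for Work, and Microsoft Office 365 Exchange Online. DLP 14.5 extends those capabilities further, so that data can be stored and shared in the cloud more safely than before.
DLP Cloud Storage tracks the sensitive documents that users store and share on Box and detects risky behavior, such as using shared links that unauthorized users can freely access. When a user violates policy, it automatically moves the exposed files and folders to a protected quarantine folder on Box. It leaves a marker file in the file's original location and notifies the user. This is the file quarantine capability newly introduced in DLP Cloud Storage. In addition to securing unprotected files, it applies visual tags to files, prompting users to remediate sensitive files and folders themselves.
Alongside the release of DLP 14.5, an update to DLP Cloud Service for Email has also been published. DLP Cloud Service for Email is a cloud-based data detection service. Its powerful email monitoring was previously available for Gmail for Work and Microsoft Exchange Online, and with this release it newly supports on-premises Microsoft Exchange Server as well. It also plugs easily into an existing DLP Enforce Management Server. Corporate email is protected regardless of where it is hosted: traditional on-premises email applications, public or private cloud email services, or hybrid on-premises and cloud environments.
Detect PII in image-based form documents
Tax returns, insurance claims, patient information forms, and similar documents contain a great deal of personally identifiable information (PII), but this is often overlooked, because forms are frequently saved as image files that security tools cannot easily recognize. With DLP Form Recognition, sensitive data can be detected in images of handwritten documents and filled-in forms. This is a new content detection technology called form recognition. It uses intelligent image processing to detect sensitive data in scanned or photographed forms that is hard to detect with conventional methods, and stops it from leaking.
Whether inside or outside the corporate firewall, employees have little knowledge of the cybersecurity risks they face. DLP Endpoint Agent monitors and protects data in a variety of situations, such as downloads to removable storage, copy and paste within documents, and transmission over the web, protecting employees wherever they are. In this release, endpoint protection has been extended to the new applications, file formats, and operating systems that employees use every day to store and share sensitive data.
Guard dangerous SSL blind spots
A growing number of applications encrypt traffic to protect users from adversaries' eyes. As a result, visibility is lost into sensitive content that insiders leak accidentally, or that is deliberately protected under encryption protocols such as SSL. DLP 14.5 integrates DLP Network Monitor with the latest SSL decryption products (Blue Coat SSL Visibility, Palo Alto Networks Next Generation Firewalls), making new SSL monitoring capabilities available for web, email, FTP, and IM communications.
For details on the new features introduced in Data Loss Prevention 14.5, visit go.symantec.com/dlp.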
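According to the Pew Research Center, 92% of teenagers in the United States go online daily, and nearly 88% use a mobile phone or smartphone. In the United Kingdom too, by the time compulsory education ends (age 16), most children are using the internet and computers every day for a variety of purposes. Similar trends are advancing around the world.
Meanwhile, according to Symantec's 2016 Internet Security Threat Report (ISTR), one million web attacks were launched every day worldwide in 2015, and fully 75% of legitimate websites have unpatched vulnerabilities.
Added to this are the growing risks children face online. In the United States, 42% of children who were sexually victimized reported that they had met the perpetrator online. Bullying is also increasing worldwide, and the ever-growing number of games and social media is suspected to be the cause. There are also cases in which children who have become more tech-savvy than their parents outwit them and continue their online activities in secret.
For example, since 2010 Symantec has partnered with Common Sense, a nonprofit that advocates online safety, to help Symantec employees, educators, and parents act as ambassadors promoting online safety. To that end, Symantec supports the expansion of Common Sense's activities and, through the use of its tools, also takes part in the growing Common Sense community that promotes online safety.
Using Common Sense resources, Symantec's Online Safety in the Community Program provides employees with a full range of materials and information. These are materials for working with local schools and other institutions to help students and their families avoid online problems and make use of technology in learning and life.
In FY15 and FY16, Symantec also supported Common Sense's K–12 Digital Citizenship Curriculum, a program in which teachers show students how to make safe, smart, and ethical decisions in the digital world. The Digital Citizenship Curriculum at its core contains more than 65 grade-appropriate lesson plans based on the research of Dr. Howard Gardner and the GoodPlay Project at the Harvard Graduate School of Education. In addition, the curriculum includes lesson plans, family education materials, interactive activities, and professional development for teachers. Topics covered include security, privacy and security, cyberbullying, and self-image and identity, among others.
Symantec's FY16 grant was awarded as Common Sense expanded this program to parts of Asia and to Australia. In Australia and Southeast Asia, 2,300 schools and 3,445 educators have registered and are using CSM's online digital literacy and citizenship resources. In the United States, 90,000 K–12 schools and their 300,000 educators have registered on the website.
Symantec employees teaching online safety at Jean Parker Elementary School in San Francisco, California
Jaime Barclay is a corporate social responsibility program manager at Symantec
(Ages 13 to 17) Teens, Social Media and Technology Overview 2015 (http://www.pewinternet.org/2015/04/09/teens-social-media-technology-2015/)
Thorn Sextortion Survey 2015 (https://www.wearethorn.org/child-pornography-and-abuse-statistics/)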
I came across this article recently - 40% of Facebook users click on phishy links. Do you? [Source: Naked Security]
and that's a high amount of figures I've seen. It states that up to 56% of e-mail users and about 40% of Facebook users would click on a link from unknown sources! All because of curiosity. I mean, really?! Just crazy...
And that got me thinking... what is your e-mail policy to handle this sort of thing? Do you filter them out at your gateway? Or do you trust your users enough to deal with it? Do you provide training to new staff about this before they're allowed to have a network login?
Or do you do things differently? Do share how you do this with us!
There’s been a lot of “buzz” around machine learning, but despite what’s being said it’s not a panacea – the answer to all your protection problems. I’m not saying machine learning is not an important weapon to identify threats, but let’s be honest, its usefulness is targeted at specific points in the cyber kill chain (below) – and nothing is ever 100% effective by itself.
I think of the kill chain as the threat lifecycle: the threat comes in, deploys the payload, executes the payload, then tries to communicate with its command and control center or exfiltrate information. The later in the kill chain you catch something the more damage it can do, so it’s advantageous to catch it as soon as possible, but the most important thing is that you catch it. It’s not unheard of for threats to linger in an environment for months collecting information or disrupting business.
As opposed to other protection techniques, one of the unique things about machine learning is that you have to teach it. It must be trained to understand what to look for to accurately identify a threat then constantly updated because new threats are always emerging. So a quality education is very important, otherwise it will flag threats that don’t really exist – in other words you get A LOT of false positives.
Quality education, in this case, means using vast amounts of rich data that is constantly refreshed with new global threat data. By rich data I don’t mean training your machine learning with known malware alone – it’s too easy for hackers to evade this technique. Training must be done using good and bad files with constant updates of the newest threats and Indicators of Compromise (IOCs). Really good machine learning uses very sophisticated algorithms and highly trained classifiers to be able to learn to spot the newest threats – but long term it really comes down to the quality of the dataset. To most accurately spot new or previously unknown threats, which is where machine learning has the greatest value, you need a constant supply of the best global threat data possible.
We should also be clear that there are different types of machine learning: reputation, behavioral, and attribute based. All of them have a place in identifying threats, and all should be a part of your endpoint protection solution.
But as I said above, nothing is ever 100% effective by itself. You want other weapons as a backup and for use later in the kill chain - the bottom line is you want that threat eliminated by whatever means possible. That’s why you can’t rely on machine learning alone as the answer to all your protection needs. You must make sure your endpoint protection solution can also effectively identify and eliminate threats during payload execution or when the threat attempts some form of outbound communication.
To sum it up – make sure you have the best protection against threats:
Machine learning is an important weapon, but it’s not the ONLY answer.
Learn more about endpoint protection at http://go.symantec.com/sep
Several organizations in Hong Kong are being targeted by a cyberespionage group known as Buckeye.
When it comes to strengthening your security operation, it can be difficult to plan without understanding the potential threats to your business. Fortunately, the Symantec Managed Adversary Threat Intelligence (MATI) team recently uncovered an uptick in cybercriminal activity in the Middle East and North Africa (MENA). Without this type of threat intelligence, companies contemplating an expansion into countries such as Turkey or Egypt might be surprised by an increase in threats in their environments.
With cybercriminal activity proliferating throughout the world, CISOs are increasingly interested in making threat intelligence an integral part of their security operations. But the goal may be easier said than done. 72% of organizations are planning to increase spending on threat intelligence in the next 12 to 18 months. However, many of the security leaders we speak with have told us they struggle with differentiating between threat intelligence sources and determining those from which they can derive the most benefit.
How can you better understand threat intelligence? And more importantly, how should you use threat intelligence? The following 5 insights provide guidance to you on how to best integrate threat intelligence into your organization.
1. Threat intelligence is not just data. Cyber threat intelligence starts with solid data and information gathered from a broad spectrum of threat vectors across the world. It’s not just raw, unprocessed and unfiltered data. It should contain a full array of data – from vulnerabilities and spyware to malicious IP and domains – that are sourced from emails, web requests and commercial products that are monitoring the threat ecosystem 24 X 7 X 365. That information needs to be analyzed and filtered by robust big data analytics and machine learning techniques, identifying patterns and correlations between indicators and events. Even further, the data should be reviewed and further digested by trained analysts who can assure the output is relevant to you and that it is delivered in a way you can use it.
2. Threat intelligence should be unique to you. The job of determining what threats are relevant to your organization is complicated by the sheer volume of incoming security data points. Each business environment spawns multiple events and alerts, and a security team could spend hours researching each signature and vulnerability to determine which actually applies to your environment. That is why your threat intelligence should be relevant to your industry and geography and must be useful to multiple teams, including representatives from your vulnerability management, threat management and security operations groups. You need to be able to segment it and ask questions to your analyst team specifically about how threats relate to your organization, so you can view, analyze and focus on the activity that poses a risk to your business and to your most critical assets.
3. Threat intelligence integrates with your current security strategy. Wherever your security operations fall on the maturity curve, it is likely you have made a few investments in a security infrastructure – whether it be a GRC system, a SIEM, threat intelligence, or an intelligence analyst or two. Leveraging these assets is going to be important to you, and you will want to integrate them into your business overall. That is why your threat intelligence should be available in different formats, including a well thought out user interface, data feeds, and APIs that provide the basic building blocks that enable developers to build threat intelligence into your existing security technology. With this integration, you are better able to align your budget to the most critical threats affecting your business and to deploy your people and technology to the areas that attackers are focusing on.
4. Threat intelligence needs a personal touch. As the volume and velocity of threats continue to grow, pinpointing emerging threats in your industry and your company is likely only one of the many items on your agenda. Future planning for your security operation is most likely a big issue, too. To do it well, you need the rich contextual information that can come from human research and analysis. You need linkages between technical indicators, IP addresses and domains, as well as knowledge of adversaries, their motivations and their intents. This type of intelligence comes from analysts whose schooling goes beyond the traditional security certifications and extends to high level intelligence training on how to conduct human intelligence operations and how to find adversaries even when they go black – through the dark web or a VPN.
5. Threat intelligence has to be – intelligent. As a CISO, it also is likely that you view intelligence as much more than a defense against the adversary, but as an important link in the risk management chain. Your work with your executive team and the Board is most likely focused on both the quantitative and qualitative aspects of your security spend – both number and type of threats blocked and how they relate to the risks in your organization. Your threat intelligence should give you the narrative to articulate the ROI associated with your spend – whether it was a nation-state threat that you blocked or a reputation-damaging cybercrime that you avoided. Easily digestible reports and detailed answers to specific queries should be available whenever there is a need, specifically as your Board makes strategic decisions to acquire new companies, launch new products, or move into new geographies.
Looking for more insights?
Learn more about Symantec’s DeepSight Intelligence
DeepSight Intelligence delivers a comprehensive and timely stream of threat intelligence via a customizable portal and web services for automated consumption, as well as data feeds and APIs that allow for full integration with an organization’s security infrastructure. DeepSight’s MATI team provides finished intelligence reports about adversaries’ tactics, techniques, and procedures. MATI reports, which provide additional context regarding indicator attribution and motivation behind cyberattacks, are produced by former intelligence officers from the CIA, US Department of Defense and the NSA, among many other global governmental entities. To speak with a product specialist about DeepSight Intelligence, call 866 422 5181.
 ESG Research Report, Threat Intelligence and its Role within Enterprise Cyber Security Practices, June 2015.
Hackers who use their computer programming, technology, and cyber skills to help companies protect against cyber attacks are in great demand! To address the growing need for cybersecurity specialists, Symantec and Science Buddies are helping students learn more about careers in cybersecurity. There are thousands of openings around the world for individuals who can think like a hacker to help beat hackers at their own game.
Above: graphic excerpted from Symantec's 2016 Internet Security Threat Report.
A Growing Problem
The number of cyber attacks each year continues to be on the rise, and the types of cyber attacks continue to proliferate. Symantec reports they "discovered more than 430 million new unique pieces of malware in 2015, up 36 percent from the year before." Ransomware, watering hole attacks, Black Swan events, the Butterfly Effect, and spear phishing are just a few of the kinds of cyber attacks Symantec mentions in its 2016 Internet Security Threat Report. These attacks often target zero-day vulnerabilities: vulnerabilities in software that developers and administrators don't know exist until they are used as the basis for a cyber attack.
For both individuals and businesses, the numbers are frightening, and the risks are real. As a result of nine known "mega-breaches," Symantec says more than half a billion personal information records were accessed or stolen by hackers in 2015. Reportedly, 39% of the documented cybersecurity breaches in 2015 involved health services.
Above: graphic excerpted from Symantec's Half a Billion Personal Records Stolen or Lost infographic.
Individual computer users have to be careful and smart about their online practices. But as more and more personal information is stored online and more and more people rely on online services, safeguarding against hacking and preventing data theft or service disruption is mission critical for companies. To succeed, today's businesses must conscientiously and consistently be on the lookout for cyber attacks and, when possible, stay a step ahead. Companies can't simply wait for a cyber attack to happen. They must be actively working to safeguard systems, looking for weak spots and vulnerabilities, and protecting against the possibility of cyber attacks.
So, how do you fight a hacker?
The best answer may be... with another hacker.
We live in an exciting time for data center operations. Innovative technology such as Docker containers eliminates all of the superfluous processes that can bog down a machine and enables servers to live up to their potential. Containers make it easy to develop, deploy, and deliver applications that can be deployed and brought down in a matter of seconds. This flexibility makes it very useful for DevOps to automate continuous integration and deployment of containers.
But as a relatively new technology platform, Docker containers introduce new threat surfaces to the data center. The host operating system, the Docker daemon and its containers are open to vulnerabilities that can be breached. The Docker app store already lists over 100,000 free apps, but these pre-built containers have a wide range of security impacts that are not readily apparent.
The latest release of Symantec Data Center Security: Server Advanced (6.7) addresses this very issue. If you’re running Docker containers with Data Center Security, you have visibility and control over your entire Docker deployment. You’ll also be able to enforce compliance across your Docker environment by applying real-time Unix security and monitoring policy to the Docker host. Hardening Docker containers is handled with agentless security via container isolation, and of course, Data Center Security: Server Advanced gives you the power to manage policies and events across your entire Docker deployment.
If you’re already using Symantec Data Center Security: Server Advanced, a simple version update will instantly provide visibility, compliance, hardening, and management capabilities to containers in your DCs.
And, if you’re exploring the benefits of Docker (of which there are many), and you want to learn more, click here for a list of critical security considerations as well as a more expanded description of the vulnerabilities that may put unprotected Docker environments at risk.
Our Latest Intelligence reveals that the number of new malware variants hit 45.5 million in August, the highest level seen since last year.
It’s back to school time. As children pack their backpacks to head back to the classroom, schools everywhere are busy preparing operations, including securing the critical technology infrastructure that helps teachers teach and students learn.
Among the many education organizations that Symantec supports is The Einstein Project, a nonprofit in Wisconsin that provides more than 5,000 educators with the resources to deliver quality education across science, technology, engineering and math (STEM) fields. Launched when founders recognized the need for young children to go beyond the textbook and “get their hands dirty,” The Einstein Project is now celebrating its 25th anniversary, and fulfilling its mission by providing professional development for educators, community events, as well as interactive units including hands-on science learning kits with live critters.
The organization relies heavily on technology, so when its servers were shut down for two days due to malware, The Einstein Project’s 11 paid employees were left with nothing to do except work on small projects and go home early. The majority of their work—from communicating with teachers to sending out kits with live critters like bugs, butterfly larvae, fish or snails—came to a standstill.
The Einstein Project needed a solution to safeguard against malware and other threats; however, as a nonprofit, it had a limited budget.
“Our team does important work to provide the best STEM education possible for teachers and students in Wisconsin. We can't do that if our technology is having problems, and frankly, I had started to have problems sleeping because I was worried that we might have another shutdown,” said Kelly Ellis, The Einstein Project, Executive Director.
Based on recommendations from two Board members as well as advice from IT experts at ZyQuest, the team selected Symantec, working through the TechSoup software donation program.
The nonprofit has never looked back or had any malware problems ever since.
“Using Symantec gave us peace of mind—our team now focuses on STEM education, not tech problems,” said Ellis.
For more on Symantec’s support for TechSoup, visit: http://www.techsoup.org/symantec
According to Symantec's Latest Intelligence, the number of new malware variants reached 45.5 million in August, the highest level since last year.
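As more jobs require collaborating with customers, partners, and suppliers outside the company, security teams are focusing more on protecting the exploding number of interconnected devices and applications and on preventing sensitive data from leaking through the gaps.
The Symantec DLP team is doing its utmost to keep companies' most important information out of criminals' hands. The new Data Loss Prevention 14.5 adds more than 20 new data discovery, monitoring, and protection capabilities, eliminating security blind spots and helping security teams gain better visibility and control over sensitive data. Read on for details!
Minimize cloud security risk
Last year Symantec introduced new cloud discovery and monitoring capabilities for Box, Gmail for Work, and Microsoft Office 365 Exchange Online. DLP 14.5 extends these existing capabilities so that data can be stored and shared in the cloud more securely.
DLP Cloud Storage tracks the sensitive data that users store and share on Box and identifies risky practices, such as granting open access to unauthorized users through shared links. When a user violates policy, the file quarantine capability provided by DLP Cloud Storage can automatically move the exposed files and folders to a secure quarantine folder on Box and leave a marker file in the original location to notify the user. This not only secures unprotected files but also applies visual tags to files, so that users can refer to the tags and remediate sensitive files and folders themselves.
Along with the DLP 14.5 release, Symantec also announced an update to DLP Cloud Service for Email. DLP Cloud Service for Email is a cloud-based data detection service that provides powerful email monitoring not only for Gmail for Work and Microsoft Exchange Online but now also for on-site Microsoft Exchange Server, and it plugs easily into an existing DLP Enforce Management Server. It also protects corporate email regardless of where it is hosted, whether in traditional on-site email applications, public or private cloud email services, or hybrid on-site/cloud environments.
Detect PII in image form documents
Tax returns, insurance claims, and patient forms contain a great deal of personally identifiable information (PII), but these forms are often stored as image documents that security tools cannot easily recognize, so the PII goes undetected. With DLP Form Recognition, sensitive data can be detected in images of handwritten or typed forms. Form Recognition is a new content detection technology that uses intelligent image processing to detect and block confidential data in scanned or photographed forms.
Control data in use across more applications, files, and platforms
Employees do not know much about the cybersecurity risks that can arise inside and outside the corporate firewall. With DLP Endpoint Agent, data in use can be monitored and protected in a variety of situations, such as downloading to removable storage, copying and pasting within documents, and sending over the web, regardless of where employees work. This release also adds support for the new applications, file formats, and operating systems that employees use every day to store and share sensitive data on endpoints.
Protect dangerous SSL blind spots
As more applications encrypt traffic to protect users, it has become difficult to properly monitor behavior such as insiders accidentally leaking sensitive content, or deliberately hiding it, under the protection of encryption protocols such as SSL. DLP 14.5 supports integration of DLP Network Monitor with the following SSL decryption products, making new SSL monitoring capabilities available for web, email, FTP, and IM communications: Blue Coat SSL Visibility and Palo Alto Networks Next Generation Firewalls.
For details on the new features in Data Loss Prevention 14.5, see go.symantec.com/dlp.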
Attacks targeting small and medium businesses continue to rise as 65% of all targeted attacks struck these businesses in 2015. In addition, employees today expect choices in the devices they select and the apps they use at work. Lastly, IT resources to handle on-boarding, protection, and management of these devices are increasingly constrained. This leads to headaches for IT professionals, as they must manage a heterogeneous environment while protecting their users from sophisticated targeted attacks, all with a limited set of resources.
Symantec has been working hard to address these challenges while helping customers move to a cloud-based security solution through Symantec Endpoint Protection Cloud, which is now generally available in the United States. The latest solution in our endpoint protection portfolio, Endpoint Protection Cloud is an industry-leading security as a service that is always up-to-date, easy to manage, and offers advanced protection for users anywhere.
It makes security simple and affordable for small and mid-sized businesses since it has a low total cost of ownership with no dedicated IT resources required. In addition, it’s easy to deploy and use because a single console for endpoint protection, management, mobility, and encryption enables IT to set up, manage, and secure users and all their devices in less than 5 minutes. Endpoint Protection Cloud enables you to:
Protect Against the Next Generation of Threats
Deploy and Manage Users in Under 5 Minutes
Secure Your Devices for Less than a Dime a Day
Right across Europe, Pay TV has never been more popular. Recent research by Digital Research TV Limited (DRTL) found that over half (56.8%) of households in Western Europe currently have a Pay TV subscription service – and predicted that proportion would rise to nearly 60% by 2021.
This impressive growth comes as TV consumption moved away from analog to broadcast digital services and more recently also towards IP distribution, with DRTL predicting that IPTV revenues in Western Europe would rise to $1.2 billion by 2021. This phenomenon has been driven by the rise of fast broadband, new services such as Netflix and affordable Smart TVs and set-top boxes. In 2015 alone, consumers across Western Europe bought 15 million new Smart TVs, according to German consumer electronics trade organisation GFU.
Yet before IPTV could deliver on this promise, the industry first had to overcome a key challenge – and it’s done so with a solution underpinned by Symantec technology. That challenge was: if you’re going to deliver valuable Pay TV content directly to TVs, how do you protect that content from interception or piracy?
Back in 2007, a consortium of TV manufacturers and vendors came together to solve this problem. Their solution was CI Plus, a technical specification that added security features to the commonly used DVB Common Interface Standard. These enabled Smart TVs and set-top boxes to access a wide range of Pay TV services via conditional access plug-in modules. CI Plus enabled Pay TV service providers to protect their content by providing an encrypted channel between the plug-in module and the TV or set-top box. This encryption capability was underpinned by Symantec certificates and the Symantec CI Plus certificate service.
Since it launched in 2008, CI Plus has secured many billions of hours of Pay TV content worldwide. And earlier this year it reached a new landmark in the European Union. Together, CI Plus and Symantec have successfully secured more than half a billion TV and set-top boxes across the EU. And we are celebrating the success of this partnership at the International Broadcasting Convention (IBC) in Amsterdam this week.
The success of CI Plus is an excellent example of how hardware manufacturers, security experts and content providers can come together to protect new categories of devices and secure intellectual property. As such it provides an important model for how industries can collaborate to effectively secure new Internet of Things technologies as they come online.
This month the vendor released 13 bulletins, six of which are rated Critical.
I was with him, so I can testify that he is indeed the 100th member to sign up to the GUASF !-)
Since then, we have had a 101st, whom I have not managed to track down... :(
But it is the 100th that I invite you to congratulate with me :)
(And I am going to ask Symantec to award him extra points, but I can't guarantee anything!)
Welcome, Karim, and don't hesitate to come and post your questions, discoveries, or suggestions.
This space serves as a shared documentation base, even if we don't overuse it at all! Not enough, even, to be honest :)
Well, at least we are a little "connected" together this way ;)
This spring, Symantec Leaders across EMEA were asked to nominate their best and brightest female talent for an opportunity to attend the two-day Inspirefest festival, Europe's leading science and technology conference that brings together international change makers across science, technology, design and the arts, all with a common mission to increase female diversity in STEAM. For those who haven’t yet come across this acronym, STEAM refers to Science, Technology, Engineering, Arts and Mathematics.
The festival took place in Dublin, Ireland from June 30th – July 2nd and provided attendees a chance to listen to, meet and network with a variety of influential technology leaders representing a variety of sectors and functions including technology, engineering, venture capitalists, banking and finance, media, fashion, and more.
This summer Symantec employees attended Inspirefest, Europe's largest festival celebrating the role of diversity and inclusion in technology, science, the arts and mathematics, and its role in accelerating business success.
Discussions covered a variety of topics including the business value of diversity, inclusive design, investor bias in the venture capital market, the science of happiness and more:
Other speakers included leading executives such as:
Across all of the discussions at the event, some common themes emerged:
Symantec EMEA Leaders made nominations for their team members to attend Inspirefest in Dublin, Ireland. Pictured here (left to right from back row to front): Marcia Pereira, Sinead Doherty, Linda Brennan, Carol Norton, Gillian Bell, Melissa Chouikrat-Marcinkowski, Joanne Davies Elsbury, Jayne Delahunt, Louise Hanon, Aideen Crowley.
Why Events Like Inspirefest Need to Matter to All of Us
What is Symantec doing?
As a result of Inspirefest, the Dublin and UK attendees are in the early stages of exploring a number of actions to create awareness of the diversity agenda and to influence change at a grassroots level locally. For example, one of the leading Dublin universities announced at Inspirefest that they were renaming their buildings on campus to represent both 50% female and 50% male. This demonstrates to the students attending the university that there are recognizable role models in their field of study who look like they do and to whom they can aspire. As a result, the Dublin attendees have taken on an initiative to rename all of the meeting rooms in Dublin in a similar fashion.
At Symantec, investing in diversity is a priority, and by 2020 we aim to increase the diversity of our entire workforce by 15 percent through acquiring and developing top talent and setting our leaders up for success. Providing Symantec's female employees with the opportunity to network and meet other professionals who are engaged with this agenda is a core part of our strategy to retain and develop our brightest diverse talent at Symantec.
In addition to Inspirefest, we have been working to ensure that employees across all regions have opportunities to network with inspiring leaders in the field, develop their own skills by attending such events and finally to bring back new knowledge and ideas to their own teams. For example, we've sent over a hundred female employees to the Grace Hopper Celebration of Women in Computing, the Grace Hopper Celebration India, as well as others.
So what can you do?
#GETCURIOUS and take action, be the change you want to see.
Diversity drives innovation, innovation drives success and ensuring our workforce represents the diversity of the world we are protecting should be a priority for all of us.
Click here to see a video recap of the event featuring our Symantec delegates.
Click here for an insider view of Symantec's Dublin office and working environment!