| |
| Home >
Security > Auditing |
 |
|
|
|
An Information Technology (IT) audit or information systems (IS) audit is an examination of the controls within an entity's Information technology infrastructure. These reviews may be performed in conjunction with a financial statement audit, internal audit, or other form of attestation engagement. |
|
| |
 |
Results 1 - 25 of 59 matches |
Sort Results By : Published Date | Title | Company name |
|
|
|
| By : Aomega |
Published Date: Nov 06, 2006 |
|
|
Recent regulatory additions require that companies take proactive measures like penetration testing to enforce data privacy and integrity. By deploying a distributed model companies can execute testing from different security levels which is important in challenging posture based on level of access.
Download Now
|
 |
|
|
|
| By : ArcSight |
Published Date: Oct 31, 2008 |
|
|
This whitepaper will outline the drivers for log management as well as their underlying challenges and drive towards a common set of requirements for evaluation of log management tools.
Download Now
|
 |
|
|
|
|
|
|
Enabling IT equipment vendors to perform remote service on your data centers helps maximize uptime and lower TCO—but at what risk? Dial-up modems and VPNs introduce security vulnerabilities and lack sufficient auditing capabilities—making it virtually impossible to track external access and maintain data center security. Download this white paper to learn how you can manage security risks, lower service-related costs, achieve regulatory and internal compliance, and more.
Download Now
|
 |
|
|
|
| By : Borland |
Published Date: Oct 02, 2006 |
|
|
In this white paper, you'll learn how to clearly define business requirements, align them with testing, and evolve development processes to prevent defects.
Download Now
|
 |
|
|
|
| By : CA |
Published Date: Sep 01, 2006 |
|
|
Learn how CA Access Control, a independent security system, complements the native Windows operating system and can enable a strong defense-in-depth security practice for your organization.
Download Now
|
 |
|
|
|
| By : CA |
Published Date: May 07, 2007 |
|
|
UNIX and Linux systems have inherent security issues that pose high risk to the business objectives of complying with regulations and data protection. To reduce security risks, you need full superuser containment and the ability to enforce strict access control to critical system resources through centralized and automated policy management across different platforms.
Download Now
|
|
|
|
|
| By : CA |
Published Date: Sep 13, 2007 |
|
|
Your organization relies on servers to store and access to your most critical information resources. CA Access Control is a product that centralizes control and distributed enforcement of appropriate role-based access to sensitive server resources.
Download Now
|
|
|
|
|
| By : CA |
Published Date: Jul 08, 2008 |
|
|
This white paper analyzes common vulnerabilities in protecting server resources and suggests a solution based on Server Access Management and Auditing. Working together, server access management and auditing can improve regulatory compliance and data privacy, provide greater IT accountability, partition access to superuser and root accounts, assign more granular responsibilities to individual IT people, monitor activities, and correlate actions across multiple systems.
Download Now
|
|
|
|
|
| By : CA |
Published Date: Jul 15, 2008 |
|
|
CA SiteMinder Web Access Manager provides policy based authentication and authorisation, supports multiple advanced authentication techniques, identity federation, and single sign on for Web applications. Traditionally, access management infrastructure has been developed separately for each Web application, leading to duplication and limited control and audit capability. SiteMinder provides centralised capabilities plus extensive additional facilities. Butler Group is impressed with its fine-grained authorisation capabilities, support for advanced authentication techniques, support for a good range of user directories, identity federation based on established standards, and the scalable architecture. Overall, SiteMinder is an impressive solution for mid-sized and large companies who use numerous Web applications to deliver sensitive or business critical data.
Download Now
|
|
|
|
|
| By : Cenzic |
Published Date: Nov 30, 2005 |
|
|
With web applications constantly evolving, finding vulnerabilities is a challenging, costly and time-consuming undertaking. Find out how Cenzic's powerful security solutions help information security teams quickly identify problems, regularly assess web application security strength and ensure regulatory compliance.
Download Now
|
 |
|
|
|
| By : Cenzic |
Published Date: Jul 01, 2006 |
|
|
Enterprises need to utilize software testing that can automatically review applications for security problems. This document examines the market drivers and technology associated with software security code review products and discusses how Cenzic is addressing this urgent need.
Download Now
|
|
|
|
|
| By : Cenzic |
Published Date: Nov 30, 2005 |
|
|
The Cenzic Hailstorm® solution helps financial institutions comply with GLBA and other laws by automating risk assessment, checking for vulnerability to the injection of malicious code into Web servers, automating the testing of code and key controls during the software development process, and helping them respond to new vulnerabilities in the software development lifecycle.
Download Now
|
|
|
|
|
| By : Decru |
Published Date: Dec 01, 2006 |
|
|
Company data is vulnerable to threats from - insiders, unauthorized access to data, data backup, off-site mirroring - just to name a few. Encrypting data at rest, on tape or disk, significantly mitigates these threats. This document provides guidance into some of the factors a company should consider when evaluating storage security technology and solutions.
Download Now
|
 |
|
|
|
|
|
|
Better preparation means better results – Learn how to prepare for an audit; how to develop a self-audit process; how to develop a security template; and much more.
Download Now
|
 |
|
|
|
|
|
|
Learn about the Sarbanes-Oxley regulatory background and its impact on IT departments. This document provides information pertaining to access issues, change documentation, disaster recovery planning and illustrations of key audit-ready reports.
Download Now
|
|
|
|
|
|
|
|
Software analysis, documentation, migration, upgrades or replacements are daunting and risky endeavors because they are primarily manual and time-consuming. EvolveWare’s S2T Technology provides a solution to these problems with tools that automate the process up to 90%, thus reducing the time and cost of such initiatives by as much as 40-60%.
Download Now
|
 |
|
|
|
| By : Fortify |
Published Date: Jan 15, 2008 |
|
|
With an extensive background in police, military, government, and industry security, Howard Schmidt explains how to respond to the changing landscape of cyber threats and how business leaders are helping set the standards for application security. He then profiles industry role models who are setting the standard for application security.
Download Now
|
 |
|
|
|
| By : Fortify |
Published Date: Sep 15, 2008 |
|
|
Adrian Asher, Chief Security Officer at Betfair, an online UK betting exchange explains how he manages a “culture of security” and protects the Betfair brand in this 20-minute candid interview.
Download Now
|
|
|
|
|
| By : Fortify |
Published Date: Nov 19, 2008 |
|
|
While investments to secure the enterprise continue to rise, breaches into company systems and data are skyrocketing. These cyber crimes are consistently debilitating organizations operations, reputations and ultimately, viability. Today’s CEOs are demanding aggressive strategies to protect their business. CIOs and CSOs are working together to employ proven Business Software Assurance approaches across the enterprise to stay ahead of constant threats.
Download Now
|
|
|
|
|
| By : Fortify |
Published Date: Aug 15, 2008 |
|
|
For a CISO, open source introduces a new source of risk and unique security challenge: how do you influence developers over whom you have no direct management control? Jennifer Bayuk, former CISO of Bear Stearns, provides insight on best practices for evaluating, deploying and managing open source code.
Download Now
|
|
|
|
|
| By : Fortify |
Published Date: Apr 16, 2007 |
|
|
This webinar explores 12 of the most common security traps in Java by examining the causes of security failures in modern Java–based applications. Approaching security with an “outside in” style, we look at vulnerabilities from a developer’s perspective, focusing on the source code.
Download Now
|
|
|
|
|
| By : GFI |
Published Date: Jan 02, 2007 |
|
|
This document shows you how to use GFI LANguard N.S.S. to identify vulnerabilities on your network (excerpt from manual).
Download Now
|
 |
|
|
|
|
|
| By : IBM |
Published Date: Jun 01, 2005 |
|
|
This white paper outlines the components of the Banking Data Warehouse (BDW) and how they assist financial institutions in addressing the data modeling and data consolidation issues relating to the SOX regulations.
Download Now
|
 |
|
|
|
|
|
|
Sort Results By : Published Date | Title | Company name |
|
|
<< Start < Previous 1 2 3 Next > End >>
|
| |
More Security Topics |
|
Access Control, Anti Spam, Anti Spyware, Anti Virus, Application Security, Auditing, Authentication, Biometrics, Business Continuity, Compliance, DDoS, Disaster Recovery, Email Security, Encryption, Firewalls, Hacker Detection, High Availability, Identity Management, Internet Security, Intrusion Detection, Intrusion Prevention, IPSec, Network Security Appliance, Password Management, Patch Management, Phishing, PKI, Policy Based Management, Security Management, Security Policies, Single Sign On, SSL, Secure Instant Messaging, Web Service Security |
|
 |
|
