legitimate

Results 1 - 25 of 48Sort Results By: Published Date | Title | Company Name
Published By: Riskified     Published Date: Aug 06, 2019
Fraud is scary, and there are many valid reasons for merchants to decline suspicious transactions in the name of fraud prevention. But often, in the quest to avoid abuse, risk-averse vendors take defensive measures too far. According to industry data, the average merchant loses 5.5% of their revenue to false declines perfectly legitimate orders, rejected because they seem suspicious.
Tags : 
    
Riskified
Published By: Alert Logic     Published Date: May 23, 2019
In our first cyber security checklist, we provided a security overview and best practices to help organizations prevent an initial compromise from occurring. In this guide, we will help you understand practical steps you can take to mitigate techniques attackers use once they have penetrated your defenses. Once attackers have access to a machine, they can evade detection by using fileless techniques and legitimate system administration tools to do their dirty work. With this checklist, you will have a guide to help mitigate the impact of an attacker. Lastly, we will hep you understand how partnering with a company like Alert Logic can provide better defenses to stop attackers in their tracks. This checklist helps to explain how to: How to manage and limit PowerShell access Securing and utilizing Windows Management Instrumentation (WMI) Ways to apply application controls Following the principle of least privilege and applying access controls What to monitor for to help uncover
Tags : 
    
Alert Logic
Published By: Akamai Technologies     Published Date: Dec 11, 2018
Existing security controls are outmatched at best static and reactive. Current layers likely arent protecting you against all attack vectors, like the vulnerable back door that is recursive DNS. And security mechanisms that frustrate, impede, or disallow legitimate users, devices, or applications will have low adoption rates and/or will curtail productivity. Benign users may even circumvent these processes, further undermining your corporate security posture and creating more gaps in your defense-in- depth strategy. One of the many use cases associated with a zero trust security strategy is protecting your network and most importantly, your data from malware.
Tags : 
    
Akamai Technologies
Published By: BlackBerry Cylance     Published Date: Jul 02, 2018
Fileless attacks surged in 2017, largely due to their ability to bypass traditional antivirus solutions. Last year was host to several fileless malware victories. OceanLotus Group infiltrated Asian corporations during Operation Cobalt Kitty, and conducted nearly six months of fileless operations before detection. Ransomware hall-of-famers Petya and WannaCry both implemented fileless techniques in their kill chains. Every major player in information security agrees that fileless attacks are difficult to stop, and the threats are growing worse. Abandoning files is a logical and tactical response to traditional AV solutions which have overcommitted to file-intensive and signature-based blacklists. What can security solutions offer when there are no infected files to detect? How will a blacklist stop an aggressor that only uses legitimate system resources? The security landscape is changing and the divide between traditional AV products and next-generation security solutions is growing wider by the day. Cylance has built a reputation on security driven by artificial intelligence and provides a frontline defense against fileless malware. This document details how Cylance protects organizations.
Tags : 
malware, predictive, test, response
    
BlackBerry Cylance
Published By: DigiCert     Published Date: Jun 19, 2018
Many security-minded organizations utilize code signing to provide an additional layer of security and authenticity for their software and files. Code signing is carried out using a type of digital certificate known as a code-signing certificate. The process of code signing validates the authenticity of legitimate software by confirming that an application is from the organization who signed it. While code-signing certificates can offer more security, they can also live an unintended secret life providing cover for attack groups, such as the Suckfly APT group. In late 2015, Symantec identified suspicious activity involving a hacking tool used in a malicious way against one of our customers. Normally, this is considered a low-level alert, however, the hacktool had an unusual characteristic not typically seen with this type of file; it was signed with a valid code-signing certificate. Download this whitepaper to find out more about how you can protect your business from such threats.
Tags : 
    
DigiCert
Published By: Akamai Technologies     Published Date: Jun 14, 2018
"Existing security controls are outmatched at best static and reactive. Current layers likely arent protecting you against all attack vectors, like the vulnerable back door that is recursive DNS. And security mechanisms that frustrate, impede, or disallow legitimate users, devices, or applications will have low adoption rates and/or will curtail productivity. Benign users may even circumvent these processes, further undermining your corporate security posture and creating more gaps in your defense-in- depth strategy. One of the many use cases associated with a zero trust security strategy is protecting your network and most importantly, your data from malware. "
Tags : 
dns, rdns, security, zero trust security, malware, data, network security
    
Akamai Technologies
Published By: Proofpoint     Published Date: May 30, 2018
Email fraud is rife business email compromise (BEC) is costing companies billions, and consumer phishing is at an all-time high. The majority of these email attacks are also preventable. Utilising the power of email authentication, Email Fraud Defence protects your organisation from all phishing attacks that spoof trusted domains. Visibility of who is sending email across your email ecosystem allows you to authorise all legitimate senders and block fraudulent emails before they reach your employees, customers and business partners. Protect your email ecosystem from todays advanced email threats including business email compromise (BEC) and consumer phishing. Proofpoint Email Fraud Defence gives you the visibility, toolset and services needed to authorise legitimate email senders and block fraudulent messages before they reach the inbox.
Tags : 
    
Proofpoint
Published By: First Advantage     Published Date: Apr 30, 2018
Screening your companys existing workforce can be a critical component in your overall security plan. But the process is far from simpleand is often intimidating. Learn from one company that has navigated the complexities, and consider their strategies to help you plan the process. Pre-employment background screening is now considered a standard practice in Corporate America. Very few companies, however, are crossing the threshold to conduct screens on their existing workforce. Its a complex endeavor, and to be successful, companies need to walk a fine line between addressing legitimate business and security risks and not alienating employees along the way.
Tags : 
    
First Advantage
Published By: Amazon Web Services     Published Date: Apr 11, 2018
Its important to provide effective inbound and outbound network traffic control to distinguish between legitimate and illegitimate requests. Effectively managing, monitoring, controlling, and filtering network traffic are key actions that can help do so and further enable a robust cloud security infrastructure. Filtering Cloud Network Traffic and Preventing Threats
Tags : 
    
Amazon Web Services
Published By: Akamai Technologies Australia     Published Date: Feb 08, 2018
Websites provide online businesses with an unprecedented level of contact with customers and end users. However, they also place business information where it can be easily accessed by third parties often using automated tools known as bots. For many organizations, bots represent up to 50% or more of their overall website traffic, from good bots engaged in essential business tasks to bad bots conducting fraudulent activities. Regardless of business impact, bot traffic can reduce website performance for legitimate users and increase IT costs. Organizations need a flexible framework to better manage their interaction with different categories of bots and the impact that bots have on their business and IT infrastructure.
Tags : 
control, visibility, customer, financial risk, web fraud, bots, infrastructure
    
Akamai Technologies Australia
Published By: Akamai Technologies Australia     Published Date: Feb 07, 2018
Websites provide online businesses with an unprecedented level of contact with customers and end users. However, they also place business information where it can be easily accessed by third parties often using automated tools known as bots. For many organizations, bots represent up to 50% or more of their overall website traffic, from good bots engaged in essential business tasks to bad bots conducting fraudulent activities. Regardless of business impact, bot traffic can reduce website performance for legitimate users and increase IT costs. Organizations need a flexible framework to better manage their interaction with different categories of bots and the impact that bots have on their business and IT infrastructure.
Tags : 
    
Akamai Technologies Australia
Published By: Symantec     Published Date: Dec 13, 2017
Security teams face sophisticated attacks that hide in plain sight and often dwell in customer environments as long as 190 days1. And attackers increasingly employ stealthy techniques to move freely within a customer environment like using stolen credentials to masquerade as legitimate users. There has been a marginal decline in zero-day discoveries and an increase in living off the land tactics that dont rely on the traditional combination of vulnerabilities followed by malware. These tactics are more difficult to detect since they make use of legitimate tools.
Tags : 
security, software, detection, network
    
Symantec
Published By: FICO     Published Date: Sep 12, 2017
PSD2 aims to tackle payments fraud and Strong Customer Authentication is the weapon of choice. Unfortunately, Strong Customer Authentication has a downside, it increases the burden on customers who must prove they are the legitimate account holder more often.
Tags : 
psd2, accountability, security, customer authentication, risk analysis, payment fraud, fico
    
FICO
Published By: McAfee     Published Date: Mar 31, 2017
Modern malware now masks itself to evade detection. It hides by piggybacking or misusing legitimate applications. With state-of-the-art threat detection and containment tools from Intel Security, organizations can unmask the most sophisticated hidden threats.
Tags : 
malware. threat detection, intel security
    
McAfee
Published By: McAfee     Published Date: Mar 31, 2017
Behind the vast majority of legitimate alerts sent to the IT security team is an attacker who exploits multiple attack techniques to infiltrate your infrastructure and compromise your critical data and systems. Targeted multi-phased attacks include a series of cyber attack chain steps: recognition, vulnerability analysis, operation and, finally, exfiltration of critical business data.
Tags : 
cyber threats, threat intelligence, cyber attack, cyber attack prevention
    
McAfee
Published By: McAfee     Published Date: Mar 31, 2017
Behind the vast majority of legitimate alerts sent to the IT security team is an attacker who exploits multiple attack techniques to infiltrate your infrastructure and compromise your critical data and systems. Targeted multi-phased attacks include a series of cyber attack chain steps: recognition, vulnerability analysis, operation and, finally, exfiltration of critical business data.
Tags : 
cyber threats, threat intelligence, cyber attack, cyber attack prevention
    
McAfee
Published By: McAfee     Published Date: Mar 31, 2017
Behind the vast majority of legitimate alerts sent to the IT security team is an attacker who exploits multiple attack techniques to infiltrate your infrastructure and compromise your critical data and systems. Targeted multi-phased attacks include a series of cyber attack chain steps: recognition, vulnerability analysis, operation and, finally, exfiltration of critical business data.
Tags : 
cyber threats, threat intelligence, cyber attack, cyber attack prevention
    
McAfee
Published By: Sophos     Published Date: Mar 30, 2017
Exploits are one of the main techniques used by cybercriminals to spread malware. They take advantage of weaknesses in legitimate software products like Flash and Microsoft Office to infect computers for their criminal ends. A single exploit can be used by myriad separate pieces of malware, all with different payloads. Read this paper to learn more about exploits and how to stop them. Well explore how exploits work, the exploit industry overall, what makes a good exploit in the eyes of the cybercriminals, and also how anti-exploit technology is a highly efficient and effective way to secure your organization against advanced and unknown threats.
Tags : 
malware, antivirus solutions, exploit protection, security software, exploit kits, software protection, backdoor protection
    
Sophos
Published By: Cisco     Published Date: Jun 16, 2016
Attackers are commandeering legitimate infrastructure and reaping millions in profit. Defenders are struggling to detect and combat threats, and confidence is falling.
Tags : 
security, application security, access control, security policies, anti spyware, email security, internet security
    
Cisco
Published By: Akamai Technologies     Published Date: Mar 10, 2016
The web application firewall (WAF) is among the most complex security technologies on the market today. The complexity of managing a WAF includes a pre-defined list of rules to identify thousands of potential exploits, intelligence about new attack vectors, and identifying malicious HTTP requests from legitimate HTTP traffic. Read this white paper to learn how to combine attack detection with threat intelligence using our cloud platform and managed security services to better protect your web applications.
Tags : 
akamai technology, web application security, http, best practices, security, risk management
    
Akamai Technologies
Published By: Aternity     Published Date: Feb 24, 2016
Governance, Risk Management, and Compliance (GRC) organizations are always concerned with violations of Acceptable Use Policies, the scenario of the workforce using a network, website, or system to perform inappropriate actions. But insider threats can also result from legitimate work activities that are being done for illegitimate purposes. Read how a leading insurance company leveraged an End User Experience Monitoring solution to identify employees harvesting customer data before leaving the company.
Tags : 
aternity, grc, risk management, compliance, end user experience, customer data, it management, knowledge management, enterprise applications
    
Aternity
Published By: CA Technologies     Published Date: Jul 13, 2015
Issuers need to balance eCommerce payment transaction security and a smooth customer checkout experience. The crux of the matter is how to provide a seamless checkout experience for legitimate customers so they wont abandon their transaction or use a different form of payment while at the same time stopping illegitimate attempts to transact. The use of behavior-based authentication to determine which transactions should be impacted by requiring the customer to go through additional means of authentication is critical for reducing customer friction while creating better assurance that the transaction is legitimate. Rules are an important component when providing this risk- and behavior-based authentication. When models are added, and used to guide the application of risk-based rules, the impact upon illegitimate authentication attempts can be greatly increased while the impact on legitimate customers is decreased, providing a better experience for the cardholder and loss reduction for
Tags : 
ecommerce, 3dsecure, risk analytics, behavioral
    
CA Technologies
Published By: CA Technologies     Published Date: Jul 13, 2015
The explosive growth of eCommerce has focused attention on security concerns associated with online payment transactions. Cardholders worry about the safety of online transactions while card issuers are concerned about balancing the risks and costs of payment fraud with a loss of revenue caused by transaction abandonment. The 3-D Secure protocol allows payment card issuers to reduce fraud in payment transactions by verifying cardholder identity during Card Not Present (CNP) transactions. Before a transaction is authorized, a cardholder can be challenged to enter a password, answer a question, or use some other form of authentication credential. This interruption in the transaction often causes legitimate customers to abandon the purchase resulting in loss of revenue for the issuer. The challenge is how to reduce fraud without impacting the user purchase experience.
Tags : 
ca technologies, cnp, emv, otp, 3dsecure, data management
    
CA Technologies
Published By: Cisco     Published Date: Jan 15, 2015
Todays adversaries continue to increase their capabilities faster than the defenses deployed to stop them. Whether they are obfuscating their attacks or hiding malicious code within webpages and other files, they are making it more and more difficult to profile and identify legitimate network traffic. This is especially true in firstgeneration network security devices that restrict protection and policies to ports and protocols.
Tags : 
firewall, buyers guide, protocols, next generation, networks, computing, cloud, innovation, enterprise, datacenter, social, analytics, it management, data management
    
Cisco
Published By: Cisco     Published Date: Nov 17, 2014
Todays malware authors continue to increase their capabilities faster than security solutions can adapt to them. Whether its changing their attacks or hiding malicious code within web pages, its more difficult to identify legitimate network traffic. With first-generation network security devices, it is nearly impossible to defend against todays threats. The situation will get worse before it gets better. Adversaries now utilize agile development and testing methods to develop their malware, they test new malware against the latest security software to increase effectiveness. Next-generation network security devices are emerging that provide the visibility and situational context required to meet todays threats. These solutions use security automation to provide a sophisticated solution that is both lightweight and agile
Tags : 
malware, cisco, command and control evasion, port hopping, zero-day attacks, encapsulation, encrypted traffic, networking, security, software development, it management
    
Cisco
Previous   1 2    Next    
Search Research Library      

Add Research

Get your company's research in the hands of targeted business professionals.