T.E.N. Knowledge Base


ISE® WEST 2013

To the Cloud! Software Security Evolution at Adobe > Watch the Video
For years software security at Adobe meant defending ubiquitous software on the desktop and in the browser. But with offerings like Creative Cloud Adobe is now in the hosted services game. The secure software engineering team had to retrench and retool to secure a new type of offering against a new set of threats. This talk describes the evolution of security at Adobe to meet this new challenge.

Taking PDF Security to a New Level with Adobe Reader® and Adobe Acrobat® > Download Whitepaper
Adobe Reader X and Adobe Acrobat X take the security of PDF documents-and your data-to a whole new level. Engineered with security in mind, Reader X and Acrobat X deliver better application security thanks to Protected Mode and new capabilities that allow more granular controls, tighter integration with the Microsoft® Windows® and Mac OS X operating system architectures, and improved deployment and administration tools.

Adobe® Flash® Player and Adobe AIR® security > Download Whitepaper
Both Adobe Flash Platform runtimes-Flash Player and AIR-include built-in security and privacy features to provide strong protection for your data and privacy, whether you use these Adobe products on your desktop system or mobile device. Adobe constantly advances these protections to incorporate the latest developments in the industry and stay ahead of the continually evolving threat landscape.

Adobe Incident Response and Management > Download Whitepaper
The Adobe Secure Software Engineering Team (ASSET) team proactively focuses on preventing security vulnerabilities in Adobe products before they ship, but Adobe knows that ensuring security doesn't end when a product is released. If external security researchers, partners, or customers discover a vulnerability after a product ships, the Adobe Product Security Incident Response Team (PSIRT) responds to resolve the security issue quickly, effectively, and thoroughly. PSIRT is your first line of defense for vulnerability resolution and threat mitigation. PSIRT coordinates with Adobe product engineering teams to identify the appropriate response plan and keeps you informed on mitigation procedures and release schedules.

Adobe Secure Product Lifecycle > Download Whitepaper
The Adobe Secure Product Lifecycle (SPLC) is a rigorous set of industry-leading best practices, processes, and tools designed to keep customers safe and more secure in the evolving threat landscape as they deploy and use Adobe software. The SPLC touches all aspects of the product lifecycle-from providing essential security training for software development teams and building security features into product design, to developing quick incident response plans postship.

Security and Compliance in the Cloud  > Download Whitepaper
Cloud computing offers flexibility and savings, but as data, systems and services move to the cloud, organizations expose themselves to serious security and compliance challenges.

Security delivered at the speed of business  > Download Whitepaper
Intelligent, identity-infused security, access and compliance management.

The Complete Guide to Log and Event Management  > Download Whitepaper
Everybody has logs and that means that everybody ultimately will have to deal with them-if only because many regulatory mandates prescribe that. In this guide, Dr. Anton Chuvakin will analyze the relationship between SIEM and log management, focusing not only on the technical differences and different uses for these technologies, but also on architecting their joint deployments. In addition, he will provide recommendations for companies that have deployed log management or SIEM so they can plot their roadmap for enhancing, optimizing and expanding their deployment. He will also recommend a roadmap for companies that have already deployed both of these technologies.

The Essential DMARC Primer: Understanding DMARC for Securing Email Channels > Download Whitepaper
DMARC (Domain-based Message Authentication, Reporting and Conformance) describes a framework that enables Internet-scale domain-level email protection, preventing fraudulent usage of legitimate email domains. DMARC’s domain-level protection provides the first real means to proactively create defensible email channels between senders and end-users, allowing companies to address Brand Protection in the email channel. The DMARC model provides the DNS based policy publication, feedback, and enforcement mechanisms necessary to build secure email channels, upon which trust can be established.

Gartner's Buyer's Guide to Endpoint Protection Platforms  > Download Whitepaper
Endpoint protection platforms offer a diverse array of features. This guide lists the most advanced features to help buyers differentiate solutions.

100 Tips for Implementing Network Security  > Download Whitepaper
Insight from chief information security officers and those that support them.

Enterprise Testing of the Software Supply Chain  > Download Whitepaper
Feature Supplement of Veracode’s State of Software Security Report. Veracode has been publishing State of Software Security (SOSS)1 reports since 2010. This year we began investigating our dataset from perspectives that are not routinely covered in our traditional SOSS reports, which allows us to extend our analysis to a variety of topical areas. The first feature supplement was published in April and focused on the vulnerabilities in software applications used by publicly traded companies.

Grant Asplund

Grant Asplund
Sr. Technology Evangelist
Blue Coat Systems

Challenges and Solutions of BYOD > Download Presentation
The growing use of smartphones and tablets along with Bring Your Own Device (BYOD) initiatives are requiring new approaches to network security and performance.

  • Untrusted devices, untrusted network connections, untrusted apps and guest WiFi are posing unique IT challenges.
  • There continues to be explosive growth in bandwidth demand driven by new users, new devices and rich video / social content and consolidated IT architectures.

Join Blue Coat and your peers to explore how other IT organizations are becoming business assurance leaders, enabling a secure and highly performing network in light of:

  • More devices
  • Explosive demand for bandwidth
  • Proliferation of rich web content like video
  • Consolidation of Enterprise IT
  • Growth of cloud applications
  • Cost of bandwidth and backhaul in some regions

Curtis Coleman

Curtis Coleman
Information Security Officer
Seagate Technology

Breakthrough Secret to Security Success – Relationships > Download Presentation
To become a highly successful security executive, the myth of the professional "Lone Ranger" must be discarded. The real path to success in your career and life is through creating an inner circle of key trusted individuals. This keynote will give you the road map to achieve the success you are looking for in your security program!

Michael Dierickx

Michael Dierickx
Director Product Information Security
Panasonic Avionics Corporation

Security as a Key Business Driver in the Enterprise > Download Presentation
Michael Dierickx will share how he engaged the different stakeholders in his environment to build consensus for creating his security programs and demonstrated the importance of integrating security into the products themselves. His presentation will include the factors that aided him in securing approval and the challenges he faced along the way. Learn more about Michael’s leadership techniques and strategies that drove the innovation behind making security a mission-critical business function and now a competitive advantage for his company.

Aaron Weaver

Aaron Weaver
Pearson eCollege

Securing the Application Layer > Download Presentation
Aaron Weaver will share how Pearson eCollege chose a defense in depth approach to the application layer focusing on Web Application Firewall, dynamic scanning technologies, vulnerability assessments and manual penetration testing. Learn how integrating and automating application security early into the Software Development Lifecycle will enable your company to find and remediate security vulnerabilities early in the development process — thus saving your organization money, maximizing valuable resources and optimizing security best practices.