T.E.N. Knowledge Base


ISE® Southeast 2014

Adobe Creative Cloud for Teams > Download Whitepaper
Creative Cloud for teams includes the entire collection of Creative Cloud desktop applications (such as Adobe Photoshop CC, Adobe Illustrator CC, etc.) plus services and business features for teams and small to medium-sized organizations. Creative Cloud for teams is available via two plans — complete and single app — both of which are easily purchased, managed, and deployed via an intuitive Admin Console.

Adobe Marketing Cloud Security > Download Whitepaper
At Adobe, the security of your digital experiences is our priority. From our rigorous integration of security into our internal software development process and tools to our cross-functional incident response teams, we strive to be proactive, nimble, and accurate in all aspects of security. What’s more, our collaborative work with partners, researchers, and other industry organizations helps us understand the latest security best practices and trends and continually build security into the products and services we offer. This white paper describes the proactive approach and procedures implemented by Adobe to increase the security of your Adobe Marketing Cloud experience and your data.

Adobe Acrobat XI Security > Download Whitepaper
Adobe Reader XI and Adobe Acrobat XI continue to take the security of PDF documents—and your data—to an entirely new level. As with previous versions of the Adobe Acrobat family of products, both Reader XI and Acrobat XI are engineered with security in mind, delivering improved application security and more granular user-level and administrator-level security controls to provide protection against today’s increasing number of advanced persistent threats (APTs) that attempt to steal intellectual property electronically from organizations. In addition, tighter operating system integration and easier deployment and administration tools deliver the lowest total cost of ownership (TCO) of any prior version of Reader and Acrobat.

EMAIL TRUST INDEX > Download Whitepaper
As phishing attacks get more sophisticated and harder to distinguish, consumers should know who’s putting them at risk – where malicious email links are lurking that lead to the installation of malware that can record keystrokes and steal consumer information, from online credentials to actual money. That’s why we publish the Agari TrustIndex™, to show consumers and business alike where consumers are most protected or vulnerable to email attack across industry sectors including Financial Services, E-Commerce, Social Media, Travel, Logistics and Gaming.

Fusing Vulnerability Data and Actionable User Intelligence > Download Whitepaper
There was a time not long ago when IT professionals believed that patching was the path to redemption: "If we can only identify all our vulnerable systems and apply the proper patches to them, then attackers won’t be able to get a foothold," the reasoning went. Frustrated by the absence of an easy way in, malicious hackers would move on to a different target and pick lower-hanging fruit.

Fidelis XPS™ Power Tools: Network YARA Implementation  > Download Whitepaper
Threat actors are constantly evolving their tactics, employing new evasion techniques, new ways to trick the user, and new methods to exploit your network infrastructure. While there have been some recent instances of purely destructive attacks, the majority of compromises we examine are attempting to steal something of value. The network defender is tasked with the daunting responsibility of stopping the onslaught of attacks from across the Internet, and protecting their valuable information from theft. The Fidelis XPS™ advanced threat defense solution supports the defender’s goals by providing access to leading edge technological advances and enabling unparalleled detection at unmatched speed to stop a targeted attack.

Two-Man Rule > Download Whitepaper
HyTrust has become the de facto standard for privileged user monitoring, access control, and policy enforcement in VMware environments. By securing the virtual infrastructure, HyTrust gives enterprises the assurance they need to virtualize their mission critical applications and reap the associated financial benefits. HyTrust Appliance enforces role-based and asset-based policies covering VMware privileged users, resources, and management interfaces. The HyTrust approach to virtualizing Tier 1 workloads securely also includes real time monitoring and alerting; comprehensive, audit-quality logging; stronger authentication for the VMware platform; and protections for virtual infrastructure integrity.

How Malware and Targeted Attacks Infiltrate Your Data Center  > Download Whitepaper
Advanced targeted attacks are more focused and persistent than ever before, and they continue to increase in sophistication. These next generation threats are multi-phased and organized explicitly to bypass the security perimeter, most often targeting individuals as an entry point. It only takes one compromised user in order for attackers to successfully infiltrate your corporate network and gain full access to the data that drives your business. In the end, your organization is only as secure as your weakest link–the trusted employee.

Seven Key Features to Help You Stop Advanced Evasion Techniques at the Firewall  > Download Whitepaper
Computer networks are built to facilitate the flow of communication, not stop it. Unfortunately, data packets can be manipulated to look normal yet contain an exploit. These techniques evade standard security measures and, in most cases, can deliver a malicious payload without detection. Often, these advanced evasion techniques (AETs) take advantage of rarely used protocol properties in unexpected combinations. Most network security devices are not capable of detecting them. While many pass industry tests with high ratings, those ratings are based on protection against a limited number of threats. The exact number of AETs is unknown, but it is close to hundreds of millions.

How the NIST Cybersecurity Framework Comprehensively Addresses Business Cybersecurity Challenges  > Download Whitepaper
The NIST Framework is not a traditional government document – it is not a required standard, a set of controls or a rigid checklist. Instead, it is a helpful tool that will allow you to assess and improve your existing cybersecurity program or build one from scratch, depending on your needs. The Framework is the result of an extensive public-private partnership, and is a remarkably flexible document that can help organizations of all sizes and sophistication levels develop and maintain an agile cybersecurity program.

Enterprise Executives and Consumers Lack Confidence About Cybersecurity  > Download Whitepaper
Enterprises are concerned that their organizations may be vulnerable to targeted malware attacks and Advanced Persistent Threats, but many are not taking the proper precautions to prevent cybercrime from occurring. In addition, many consumers don’t believe that enterprises are doing enough to protect their personal data, underscoring the need for enterprises to rethink their cyberdefense strategies and pay more attention to their customers’ security concerns.

Miercom Report - Competitive Testing of Web Gateways  > Download Whitepaper
Miercom conducted an independent third-party validation of the Websense TRITON Web Security Gateway Anywhere (WSGA) and four competing web security products: the Blue Coat ProxySG 900-20 Secure Web Gateway, the Check Point 12200 Appliance Next-Generation Threat Protection, the McAfee WG-5500-B Web Gateway and the Palo Alto Networks PA-2020 Next-Generation Firewall. Two types of testing were conducted to evaluate the ability of the appliances to block threats and certain types of risky web content using a URL sample set sourced independently by Miercom that was unknown to any of the vendors.

David Corlette

David Corlette
Product Manager

When Tinfoil Hats Aren't Enough: Effective Defenses Against Advanced Persistent Threats (APTs) > Download Presentation
You probably know about the threat posed by APTs. You also may know that most experts will tell you that there are no cost-effective ways to completely prevent a determined attacker from getting into your systems. So what to do? Since returning to an agrarian society is likely not a viable option, this presentation will cover common APT techniques and ways to detect those techniques in action and rapidly react. We'll talk about how to leverage the Identity-powered enterprise to improve the accuracy and effectiveness of prevention, detection, and response.

Kevin McKenzie

Kevin McKenzie
Chief Information Security Officer
Clemson University
ISE® Southeast Executive Award Winner 2013
ISE® North America Academic Executive Award Winner 2013

Leadership, Collaboration and Sustainability  > Download Presentation
Security leaders are often concerned about being the next big target or becoming susceptible to new threats, but building a stronger, more effective security program goes beyond technological innovation. Leadership style and perception, as well as meaningful collaboration with industry partners can help build long-term sustainability for your security program. Many argue these qualities are essential to maintaining an understanding of our growing environment and preparing the next generation of security professionals for what is to come. This presentation will examine leadership perception and discuss the higher education segment as a worthwhile collaborative partnership for long term sustainability.

Dave McDermitt

Dave McDermitt
Assistant VP, Information Security Officer
Federal Reserve Bank of Atlanta
Atlanta, GA
ISE® Southeast Executive Award Winner 2014

Enable Secure Collaboration - Anytime, Anywhere  > Download Presentation
Recognizing that mobility is essential to business success and productivity, the Federal Reserve Bank of Atlanta did not let security challenges limit their ability to facilitate collaboration. The project team developed a solution that enabled its board to access and share sensitive information electronically — with protection down to the document layer — regardless of device platform, location and context and without inhibiting usability. Learn more about this innovative project and how it could be applied at the enterprise level.


Michelle Stewart
Senior Director of IT Security and Governance
The American Cancer Society

Shaun Hunt

Shaun Hunt
Vice President of IT Governance
The American Cancer Society

Achieving PCI Compliance with an Aggressive Timeline  > Download Presentation
After merging 12 chartered division organizations with its national home office in 2012, the American Cancer Society set out to quickly address major business challenges surrounding PCI Compliance. Learn how this leading non-profit was able to consolidate assets and processes, centralize and improve threat management, resolve gaps, reduce cost and successfully pass an onsite PCI audit with an aggressive timeline, allowing the organization to focus on its important mission of saving lives.

Scott Barronton

Scott Barronton
VP Security Compliance

Best Practices for Mitigating Threats via Privilege and Access Management  > Read Summary
In the wake of Edward Snowden’s admission that he leaked government secrets, all eyes are on the systems administrator and their privileged accounts and credentials. While the risk of insider threat should never be dismissed, the problem is that employees with privileged access have become prime targets for cybercriminals. Even low-level vulnerabilities may lead to the compromise of privileged credentials, which can provide access to proprietary data or even create another account — essentially opening a back door. Traditional technologies, such as antivirus, firewalls, and IDS/IPS, cannot contend with the innovative attacks plaguing networks today. The publicity resulting from the Snowden fallout points to a need to protect the systems administrators, their credentials, and the privileged accounts they manage. Context-aware security intelligence combined with privilege and access management empower security teams to make better-informed decisions as they mitigate the risk of escalating security threats - from desktop to the cloud.

Brian Phillips Brian Phillips
Security Director

Secrets to Achieving End-to-End Email Security  > Read Summary
Securing your infrastructure is essential in protecting your customers, but malicious attacks can affect users without even entering your network. The Anti-Phishing Working Group reported 72,758 phishing attacks targeting more than 700 institutions worldwide during the first half of 2013 alone. As Verizon's Data Breach Report shows, 95% of all data breaches begin with a phishing email — evidence that comprehensive ecosystem visibility, email intelligence, and real-time alerting and reporting are imperative to thwarting these attacks. Join our conversation to take a deep dive into advanced email security methodology and learn best practices to achieving end-to-end email security in order to protect your customers and enable business.

Paul Huesken

Paul Huesken
Chief Information Assurance Officer
The Coca-Cola Company
ISE® Southeast & North America Judge

Defending Against Advanced Threats in an Ever-evolving Threat Landscape  > Read Summary
It’s the move of a smart hacker; use one vulnerable point of entry on an interconnected system, then go after your real target. Now it seems one unfortunate HVAC maintenance man was used as the hacker’s pawn in the Target data breach scam. Fazio Mechanical Services, a provider of refrigeration and HVAC systems, was given access to a Target database so the company could remotely login for electronic billing, contract submission and project management. After stealing one Fazio worker’s credentials, the hackers used this digital pathway to insert the destructive malware.

Kyle Duke

Kyle Duke
Information Security Officer
ISE® Southeast People's Choice Award Winner 2010

Is BYOS the real problem in mobility?  > Read Summary
Many organizations are concerned about BYOD triggering security, privacy and intellectual property problems. But perhaps the bigger issue is Bring-Your-Own-Software (BYOS). For organizations, BYOS offers an attractive alternative for employees to streamline work activities, collaborate with colleagues, and be more productive. With free trials, inexpensive subscriptions, and easy-to-cancel policies, the barrier to adoption is low. However, organizations struggle to balance these benefits with the downside as this ad-hoc adoption of cloud services could pose greater risk than an external threat. Could BYOS be the biggest challenge in mobility?