White Papers

Whitepaper: Why Pay for Antivirus?

Why Are You Still Paying for Antivirus?

Nuisance malware can damage productivity and consume IT time, but advanced threats can cripple a company. As advanced attacks increase in both sophistication and quantity, the potential risk and damage they pose to organizations have increased exponentially. While antivirus (AV) serves a role in mitigating nuisance malware, it does not stop advanced threats and it should not be a top endpoint security investment in 2015. Are you still paying for antivirus?

SANS: Point of Sale Systems and Security

As countless retail organizations have fallen victim to POS-driven information security breaches targeting consumer payment card data, pressure on retail executives to take further action to protect POS devices has risen dramatically. Download the SANS Institute’s latest report on Point of Sale Security to understand how you can keep your POS systems secure.

Application Control in Windows 8.1 and Server 2012 R2

One of the big challenges when it comes to IT administration is that of ensuring strong application control. If administrators are to keep employee desktops and corporate servers secure, then they must be able to maintain full control over the applications that are installed on these devices.

Carbon Black Threat Hunting Whitepaper

Advanced Threat Hunting with Carbon Black

With the number of advanced attacks increasing every day—most undiscovered through traditional detection and response solutions—truly hunting for threats within your environment can be a laborious task. To combat this, enterprises must focus on prioritizing endpoint data collection over detection, leveraging comprehensive threat intelligence, and expanding detection beyond the moment of compromise.

SANS: Incident Response: How to Fight Back

Most organizations have not proactively prepared for a breach. In fact, a majority of incident responders (52 percent) say they lack the necessary visibility into endpoint vulnerabilities. Without continuous data collection at the endpoint, preparing for and responding to a breach is exponentially hampered. Download the SANS Institute’s latest industry survey to understand these key findings.

Closing PCI DSS Security Gaps with Proactive Endpoint Monitoring and Protection

Retailers and other covered organizations face increasing pressure to not only comply with PCI DSS 3.0, but to also protect servers and endpoints from evolving security threats. This new white paper explains how a positive security solution can help you achieve both goals, and avoid the costs and risks of non-compliance and/or a security breach.

Checklist: 10 Ways to Protect Your Company From a Data Breach

With retailers recently testifying before Congress that they’re facing increasingly sophisticated threats from cyber criminals, and no end to those in sight, it’s become apparent that your company needs to implement strategies that will protect it from a costly data breach. Here are 10 ways you can more easily achieve that goal while maintaining required PCI compliance. All of these tips fall within one of five buckets: visibility, asset control, enforcement, trust policy, and advance measurement.

Technical Whitepaper: Bit9 + Carbon Black for Check Point

Bit9 + Carbon Black and Check Point have joined forces to empower security teams to take back the upper hand and better prevent advanced threats. This whitepaper will explore how the integration of Bit9 + Carbon Black’s next-generation endpoint and server security solution with Check Point’s next-generation threat prevention solutions closes the loop between the network and the endpoints to prevent advanced attackers from penetrating your systems and compromising your organization’s sensitive data.

Technical Whitepaper: Bit9 + Carbon Black for Palo Alto Networks

This technical whitepaper examines the importance of effective endpoint security and the benefits and need for its integration with next-generation network security solutions. This paper details how, together, Bit9 + Carbon Black and Palo Alto Networks deliver next-generation security solutions to close the loop between the network and the endpoints to prevent advanced attackers from compromising your endpoints, penetrating your systems, and compromising your organization’s sensitive data.

Technical Whitepaper: Bit9 + Carbon Black for FireEye

This technical whitepaper examines the importance of effective endpoint security and the benefits and need for its integration with advanced threat prevention solutions. This paper details how, together, Bit9 + Carbon Black and FireEye deliver advanced threat prevention solutions to help organizations defend against today’s most sophisticated attacks and prevent attackers from stealing your sensitive data.

SANS Whitepaper: Server Security: A Reality Check

This whitepaper discusses the methodology of internal and external attacks on data center servers and the applications running on them. It also discusses why, even with our layers of security in place today, servers are still vulnerable, and how organizations can leverage application controls to permit what is known and trusted while denying everything else.

9 Ways To Secure Your Retail Systems and Ensure PCI Compliance

9 Ways To Secure Your Store Systems and Ensure PCI Compliance

As a retail security professional, you are challenged with maintaining a constant state of PCI compliance and keeping your infrastructure safe using best-of-breed security solutions that help, rather than hinder, your quest to validate your systems.

Endpoint Security Demands Defense-in-depth and Advanced Analytics

When it comes to endpoint security, large organizations find themselves in a difficult situation. Most enterprises have host-based security software (i.e., antivirus software) installed on almost every PC and server, yet their IT assets are constantly attacked—and often compromised—by sophisticated malware and targeted attacks.

APT Confidential - Top Lessons Learned from Real Attacks

In this unprecedented time of cyber attacks, information about attacker methods is difficult to obtain unless you are the victim, and that is too late. This whitepaper details lessons learned from extensive interviews with security analysts at Bit9, Bit9 customers, and others.

Using Whitelisting to Combat Malware Attacks

Numerous studies have proven antivirus (AV) software’s inability to effectively catch all malware. In 2011, Carnegie Mellon University researchers found that “AV immediately detected up to 62.15 percent of malware and required days or even weeks to find the rest.”1 That study also concluded that “despite behavior-based detection, AV software can’t effectively detect all current forms of malware.”

Network and Endpoint Security

Network and Endpoint Security "Get Hitched" for Better Visibility and Response

Many organizations are struggling with security issues. Typically, organizations do not find out about security problems for weeks, months and sometimes even years—and when they do, it is usually by third parties alerting them.

Overcoming Blind Spots in Network and Endpoint Security

Despite the fact that today’s IT security threats have advanced across a spectrum of sophistication and scale, defenses continue to fail with alarming consistency. The evolution of defense has produced fragmentation among security tools. The gap between network security technologies and defenses on endpoints and servers is a particularly pointed example.

Advanced Threat Landscape What Your Organizations Need to Know

In the wake of the numerous server data breaches reported this year, it is clear that traditional signature-based blacklisting security strategies are inadequate in addressing today’s sophisticated cyber threats. Advanced threats are targeting servers to steal valuable corporate intellectual property. These attacks happen fast – in less than 15-20 minutes – and are bypassing traditional security tools.

Advanced Protection Against Advanced Threats

Finding the optimal approach to managing business complexity is a challenge, since this year’s solution is next year’s fixed cost. Anti-virus (AV) technology, for instance, may now cost more than the value it provides. Replacing or retiring it to reduce enterprise costs, however, may have legal ramifications. When navigating their options, organizations are faced with the following questions: What do we want to accomplish? Where do we begin? How will our outcomes improve?

Removing the Endpoint Blind Spot

In addition to being the most effective technology for preventing advanced and targeted attacks, Bit9 Parity fills an important gap in the overall visibility of activity within a network. The Bit9 Parity Agent is an endpoint sensor tracking all file and process activity in real time, while the Bit9 Parity Server provides a live inventory view into all executable content across all systems. When coupled with network sensors, such as intrusion detection/prevention systems (IDS/IPS) and firewalls, Bit9 provides audit data that enables earlier detection of threats, better filtering of noise, and faster investigation and remediation times.

Moving Beyond a Porous Perimeter

Deploying Bit9 Parity Suite extends threat detection to endpoints and provides the information the Security Information and Event Management system requires to live up to its full potential.

The Desktop Dilemma: Liberty vs. Lockdown

Ask any Windows administrator or security professional and you’ll find widespread support for locking down PCs by removing users’ administrative privileges. Why then have so many IT organizations been unable to implement better controls in their desktop environments?

Realistic Security, Realistically Deployed: Today’s Application Control and Whitelisting

Historically, IT defense has focused largely on the threat. So-called “blacklist” technologies maintain an inventory of specific attack types, and provide defense against each. Today, the volume, variety and sophistication of attacks highlight the limitations of such approaches, as signature databases approach their upper limits and leave exploitable gaps in defense.

Bit9 + Carbon Black