We're fresh off National Cyber Security Awareness Month and chances are you heard enough security company names over the past few weeks to make your head spin. From software vendors and service providers to analysts, conferences, and organizations, the information security industry has grown into quite a large and noisy space. But don't dismay - we've created an Information Security IndustryScape to provide a snapshot view of the players in the infosec landscape today. Whether you're new to the industry or an information security veteran, we think this infographic will come in handy for staying on top of who's who in the security zoo :-). We've tried our best to be as exhaustive as a 1200x900 pixel space will allow, but it's inevitable that in a rapidly moving industry like ours, this may not be comprehensive. Think we left someone out? Let us know in the comments! We'll continue to update this infographic periodically to keep it as current as possible. Add this IndustryScape to Your Website for free! Small Version Infographic by Digital Guardian Large Version Infographic by Digital Guardian

New Survey Suggests that Enterprise Data is a lot more Fluid than You Think - With File Sharing Apps a Major Contributor

Our collection of the most insightful and informative InfoSec blogs from the industry's foremost thought leaders.

Acquisition of 2014 Gartner Cool Vendor Extends Digital Guardian Data Protection to Cloud and Mobile Devices

Seventh in a Series from Former DuPont CISO on Trade Secret Protection for Manufacturers

We asked 34 experts what the biggest mistakes companies make with data security are. Here's what they had to say.

Did you see the Nova special Rise of the Hackers? I was stunned by an experiment they conducted:

Are you Vulnerable to a breach due to the “Shellshock" bug?The “Shellshock" Bash vulnerability is a serious information security issue . It is a powerful attack affecting businesses of all sizes and industries. Fortra's Vulnerability Management has teams of vulnerability researchers and personal security analysts addressing concerns, mitigating risk and answering commonly asked questions.Q: What...

Third in a Series from Former DuPont CISO on Trade Secret Protection for Manufacturers

The only security solution that defends data against insider and outsider threats using one endpoint agent.

Banks gain competitive advantage with capacity planning in digital age. Capacity management tools are a crucial part of modern enterprise systems – and they are rarely more necessary than in the world of high finance, where uptime and latency really matter.

Using Application Compatibility Fixes To Bypass User Account Control An often-overlooked method that can be used by an attacker to gain elevated code execution is utilization of a framework that is provided by Microsoft to help legacy applications function on newer versions of Windows. That framework is known as the application compatibility toolkit. Unfortunately, in addition to allowing legacy...

I would like to introduce myself as the new CEO of Verdasys.

FINDING CVE-2013-5014 AND CVE-2013-5015Sometimes there is nothing more ironic than coming across critical vulnerabilities in the very security software designed to protect systems. In these cases not only does the security software fail to prevent an intrusion; it actually becomes the vector that allows system compromise of an otherwise secure machine. Several antivirus products have had these...

DEEP DIVE ANALYSIS OF CVE-2013-2347One of the benefits our clients have when using our vulnerability scanner is that many of the vulnerability checks we write are non-authenticated. This means that we do not require credentials to authenticate to hosts over the network in order to check for vulnerabilities. Instead, our team of researchers frequently reverse engineers software to identify unique...

Capacity planning solutions can help organizations make the best use of limited resources in their IT environments.

DDIVRT-2013-55 LenovoEMC StorageCenter PX4-300R Unauthorized Remote File RetrievalDate Discovered: October 10, 2013Discovery Credit: Evan Sylvester and r@b13$Vulnerability Description: The web server for the LenovoEMC StorageCenter PX4-300R allows unauthenticated remote users to retrieve specific files that are located outside of the web root. Malicious users would need to have direct knowledge of...

A speech by cyber security expert Dan Geer

A note to our readers....The following is a blog post our organization was withholding while privately warning companies about a set of critical IPMI vulnerabilities in their rack mount hardware and the threat they posed to their security posture. Some of the content was covered in a B-Sides San Antonio talk two months ago by one of our researchers.Today the full-scope of this threat was...

Follow us on Twitter! Severity--------High Date Discovered---------------March 19, 2013 Discovered By-------------Digital Defense, Inc. Vulnerability Research TeamCredit: Dennis Lavrinenko, Bobby Lockett, and r@b13$ 1. Actuate 'ActuateJavaComponent' Arbitrary File Retrieval Vulnerability Description-------------------------Actuate 10 contains a vulnerability within the 'ActuateJavaComponent'. This...