Abstract: Whatever your reasons for needing to capture a complete audit trail for all database activity, you want to make sure your system allows you to support three accepted approaches. This three-way auditing ability can provide auditing for all activity in your database, including monitoring, reporting, and alerting on all critical data activity across your company. Learn more about these approaches, and their many benefits.

Abstract: Data auditing and data encryption are two key Payment Card Industry (PCI) requirements for maintaining cardholder data protection. Although the two capabilities are distinct, they’re also synergistic—in fact, PCI recommends using data auditing as a substitute for encryption. Learn more about an auditing and encryption solution that can help you make better decisions about protecting your and your clients’ sensitive data.

Abstract: UNIX and Linux systems aren’t exempt from the rigors of regulatory compliance. System logs can help you spot suspicious insider activity and contribute to more accurate compliance reports by showing which users accessed what systems, what commands they executed, and what changes they made to key files and data. Find out how centralized UNIX/Linux auditing can help you troubleshoot and reduce your risk of non-compliance.

Abstract: Data breaches and leaks are on the rise—and the consequences, from theft of identity or intellectual property, can seriously compromise a company’s reputation. Stolen laptops, hacking, exposed e-mail, insider theft, and other causes of data loss can plague your company. How can you detect (and respond!) to breaches and protect your data center? Learn about the functions and benefits of an automated data auditing system.

Abstract: Database intrusion detection and security auditing continues to grow in importance. Thus, monitoring your database applications is a critical component of achieving a strong defense-in-depth around your sensitive data. However, to be efficient and effective, you must use the right combination of tools. Monitoring should never replace other layers in the security stack—it should complement the existing pieces instead.

Abstract: Under the US Sarbanes-Oxley Act, companies must maintain proven auditing practices and assure integrity and timeliness of data. Thus, companies must secure systems that monitor corporate data. To effectively accomplish this, you are best off investing in a solution that can comprehensively cover your reporting and auditing needs while providing you the capacity to respond swiftly should any incidents occur.

Abstract: It is hard to recall the last time an ERP implementation team included an auditor as an active member. This article explores key points in a project's lifecycle where the audit function should be involved and the deliverables to be expected.

Abstract: Have you heard the one where the Director of Product Marketing, the CIO and the auditor are found together in a small conference room? Couldn’t happen, you say? Au contraire! With traffic being the lifeblood of an e-commerce site the Marketing crew knows that the traffic numbers are going to be audited. And they look to the CIO to make sure that the numbers pass muster. If there’s a problem with the numbers, the CIO may be blamed.

Abstract: Original News & Educational Review Course Summary Ernst & Young, has put together the quintessential course for security engineers looking to improve their ability to protect their organization's website, systems, and network. Dubbed eXtreme Hacking, and carrying a price tag of $5,000 a slot, this course is for anyone but hacks. With an impressive course book that fills a two-inch thick binder, leading Ernst & Young security engineers take you step-by-step through all the ways that bad guys try to subvert your mission critical servers and network configurations. Using dual-bootable NT-Linux laptops, and an accompanying network setup for practicing subversive attacks and exploits, attendees will leave the course with an entire new bag of tools and tricks that help them understand how bad guys identify target IP addresses, collect information about the systems they plan on compromising, and exploit weaknesses without being noticed. The idea is to learn how to figure out what the weaknesses are in your organization's network before the bad guys do.

Abstract: As digital information has become more and more critical to businesses, firewalls—which once served as the walls of the fortress, have now become an archaic means of defense. Thus, as threats evolve, responses must change as well. Rather than focusing protection solely on perimeter security, it is imperative to look at protecting data at the source—inside the database.

Abstract: At its core, security is all about risk reduction. One of the most effective database security practices, “defense in depth,” employs multiple layers of protection to reduce the risk of intrusion. No single level of defense is infallible, and even multiple layers cannot ensure your organization will be 100 percent impenetrable. However, they can make you far less vulnerable.

Abstract: Compliance with the US Sarbanes-Oxley Act (SOX) is not a one-time project, but a sustained effort to gain visibility into processes affecting financial reporting accuracy. Most IT controls are manual, error-prone, and resource-intensive. However, there’s a new, radical solution: an automated IT control framework in which all the information required to verify compliance is available in a single reporting system.

Abstract: Collecting, organizing, and reporting refrigerant gas usage is challenging and loaded with complexity. Often system auditing is confusing, and it’s difficult to remain in compliance with constantly changing regulations. Find out why staying in compliance is so important, and how you can save money, reduce emissions, and retain critical assets. Thrive in a carbon-constrained world while managing your refrigerants.

Abstract: Designed to improve consumer financial services, the Gramm-Leach-Bliley Act (GLBA) includes security provisions for protecting confidential electronic financial information. For the approximately 9,500 financial institutions affected, compliance can be complex and process-intensive. Learn about network security auditing and vulnerability management solutions that can make GLBA compliance faster and more cost-effective.

Abstract: Continental Airlines, the world’s sixth-largest airline, has more than 3,100 daily flights throughout the Americas, Europe, and Asia. Having employees across the globe, the airline realized that training for regulatory compliance auditing and reporting is a key human capital management issue. Find out how a learning solution helped the airline use the right tools, processes, and training to achieve compliance.

Abstract: Threats to data content posed by insiders. Compliance regulations entailing stringent data controls. It’s hardly surprising companies need to find more secure methods for keeping confidential data under lock and key. Learn about managing security challenges across three important layers of your IT infrastructure, and how database activity monitoring (DAM) and database auditing and protection (DAP) can help you.

Abstract: Many companies face the Sarbanes-Oxley (SOX) compliance challenge of monitoring all the data activity of their most privileged users. Those challenges include tracking access to sensitive financial data, reporting on controls, and responding to problems. Learn about a database auditing and protection solution that can help capture targeted activities, without impacting the performance of production databases and software.

Abstract: You think you're staying on top of security by monitoring your IT systems for changes and user activity. But current approaches to network security, such as native auditing, often fail to perform as well as they should. Before you hit the panic button, find out why your system may be letting you down, and letting unauthorized users in—and how with real-time insight into your servers, you can boost security and compliance.