White Papers

Featured White Papers

Internet threats come in many shapes and sizes, but generally the largest and most visible threats are those that exploit vulnerabilities and weaknesses over a network. With literally thousands of unique software vulnerabilities meeting these criteria each year, it is important to understand the lifecycle of a typical threat.

The vishing guide
Many of today's widespread threats rely heavily on social engineering, techniques used to manipulate people into performing actions or divulging confidential information, to leverage and exploit technology weaknesses. This white paper specifically examines vishing and provides an analysis of current and future vectors for this particular attack.

X-morphic exploitation
Browsing the Internet has become an increasingly risky business in recent years. The massive increase in vulnerabilities that can be exploited via the ubiquitous Web browser has meant that attackers have steadily adopted this vector as a primary infection route for malware payloads. This white paper examines the world of personalized, one-of-a-kind Web browser exploits and the dawn of x-morphic exploitation.

The Evolving Threat: Combat training for the new era of malicious code
With the significant new attack vectors and malicious code introduced over the last couple of years, enterprises have seen an evolutionary leap in the threat landscape. This white paper provides thought leadership for critical trends and new threats faced by enterprises today. Security and Network executives gain insight into how to evaluate the question "Can my existing platform protect against the latest evolution of innovative malicious code?"  

Managed security services deliver protection on demand
Organizations of all sizes need security that can adapt to their ever-changing environments, regulatory requirements and stakeholder demands. Managed security services put you in the driver's seat with protection on demand, giving you the flexibility and choice to secure your business in the manner that best suits your needs. It is security that works for you, instead of putting you to work.

Preemptive Security: Changing the rules of Internet security
The new standard that all security solutions are being measured from is "preemptive" security pioneered by IBM Internet Security Systems (ISS). This groundbreaking white paper details the many reasons why conventional "reactive" security has become outmoded in today's Internet-reliant environment.

Approaching Risk Management as a Business Process (PDF)
This white paper describes how companies can manage security risk as a business process and illustrates where IBM Internet Security Systems' current offerings enable the risk management process.

A Strategic Approach to Protecting SCADA and Process Control Systems (PDF)
This white paper provides an overview of the security weaknesses present in Supervisory Control and Data Acquisition (SCADA) and other Process Control Systems, the potential impact of those weaknesses and recommended steps for assessing and securing these systems.

Forensic Incident Response: What to Do in Case of a Security Incident
This white paper explains the concepts associated with forensic incident response and describes many of the actions that can be taken during a security incident. Additionally, this whitepaper outlines the benefits of preparing for an incident in advance as well as the potential ramifications for not being prepared.

Compliance, Part 1: Concepts, Controls and Due Care (PDF)
The first of a two-part series, this white paper explains the concepts behind regulatory compliance, controls and due care. Learn how the ethical considerations of accountability, transparency and measurability have become legal requirements.

Compliance, Part 2: Risk Abatement, Strengthening Justification & Documenting the Security Process (PDF)
The second of a two-part series on compliance, this white paper goes into detail on the topics of proactive risk management and abatement, the benefits of a centrally managed "mesh" of technical security controls and best practices for documenting the security process.

Defining the Rules of Preemptive Host Protection: Internet Security Systems' Multi-Layered Strategy (PDF)
Only ISS offers a multi-layered security solution that can provide the preemptive protection needed to stop hybrid Internet threats before they negatively impact your business operations. This white paper will identify common problems associated with effectively protecting host systems and define the components of ISS' Proventia Desktop, which is a comprehensive solution offering a superior level of host protection.

The Evolution of Managed Security Services (PDF)
IT organizations face many challenges when attempting to keep pace with rapid security technology advancements, developing successful security procedures and staffing skilled security experts. ISS has developed the Virtual Security Operations Center (Virtual-SOC) integrated services architecture to help organizations such as yours address these challenges. 

An Executive's Guide to Vulnerability Management (PDF)
Vulnerability identification and remediation is traditionally delegated to technical staff without adequate recognition of its impact on business processes or regulatory compliance. This white paper helps executives understand the benefits of a business-based vulnerability management process as part of a comprehensive risk management model.

FISMA Compliance: A Holistic Approach to FISMA and Information Security (PDF)
Maintaining an effective, compliant environment goes beyond periodic audits, paperwork and reporting. It requires a holistic strategy to improving security posture and compliance. This white paper provides an overview of the Federal Information Security Management Act (FISMA) and discusses how the ISS approach to developing and maintaining an enterprise-wide security infrastructure best addresses FISMA requirements.

How to Select a Managed Security Provider - A Comprehensive Guide and Checklist for Networked Enterprises (PDF)
Outsourcing your information security to a managed security services provider offers the potential to improve security while lowering operational expenses. This white paper is designed to help you evaluate managed security service providers so you can reap the full benefits of outsourced security management.

How to Take the Fear Out of Bringing Government Systems Online (PDF)
The key to an effective defense is vigilance, process, skilled staff and comprehensive security products. This white paper describes how ISS can help your organization dynamically detect, prevent and respond to hybrid threats across networks, servers and desktops.

The Lifecycle of a Vulnerability
Before there are exploits, there are vulnerabilities. This white paper discusses the advantages of vulnerability-driven research over exploit-driven research in providing ahead of the threat protection from exploits.

Microsoft Vista's Kernel-Locking
Businesses want secure environments. Forward-thinking information security providers encourage software vendors to make platform improvements,with the overarching goal of improving customer security.

Outsourced Information Security Management - A Business Case for Shareholder Value (PDF)
Information protection remains a challenge even for companies with well-planned, in-house security practices. Learn how the decision to select a managed services provider and outsource information security management can create an attractive, cost-effective alternative.

The Payment Card Industry Data Security Standard: How and Why to Become Compliant (PDF)
Organizations that store or process credit card information need to understand the Payment Card Industry (PCI) Data Security Standard and why compliance with the standard is in their best interests. This white paper provides an overview of the PCI Data Security Standard, the benefits of becoming compliant, the consequences of non-compliance and suggestions for achieving compliance.

Penetration Tests: The Baseline for Effective Information Protection (PDF)
Penetration testing simulates a covert or hostile network attack to help you identify specific exploitable vulnerabilities on a network. Read this white paper to find out how penetration testing can help you.

Remediation Fiction and Facts: A Business Based Guide to Remediation
The end result of a successful remediation project is the reduction in threats for extended periods of time and the relief from recurrent vulnerabilities. A successful remediation plan, like any other business activity, must have a profit margin to add value. This white paper, authored by Senior ISS Professional Security Services Consultants, addresses the risk and remediation activities based on the best return on investment (ROI) and/or cost-to-benefit ratio, and details the process necessary to develop this business-based risk model.

Remote Office Security: An Integrated, Preemptive System from Gateway to Desktop (PDF)
Remote or branch offices can be very attractive targets for viruses and worms because they typically don't have the resources to focus on Internet security. In fact, cyber-criminals hoping to take advantage of more lenient security procedures may target remote offices specifically. Learn how to effectively protect these "weakest links" in your corporate network before they are compromised in an attack.

Response Strategies for Hybrid Threats: A New Approach to Protecting Online Information Resources (PDF)
Hybrids are a dangerous and costly escalation, both on corporate networks and across the Internet. The key to an effective defense is vigilance, process, skilled staff and comprehensive security products. This white paper can help you dynamically detect, prevent and respond to hybrid threats across networks, servers and desktops.

Risk Management & Productivity: Addressing the Business Value of Security (PDF)
While many businesses recognize that investments in network security are necessary, justifying the return on these investments has proven to be troublesome. This white paper will help you understand how preemptive, integrated solutions from ISS can quantify your security investments and reconcile them with increases in productivity, bandwidth recovery and network uptime.

Spyware Prevention: ISS' Multi-Layered Approach to Stopping Information Theft
Spyware is any software application that, without the user's knowledge, collects information about the system it resides on and reports that information back to a third party. This white paper summarizes the spyware threat and details ISS' approach to protecting your business from this threat.

Virus Prevention Without Signatures (PDF)
Viruses have been on the attack for more than 20 years, and the cost of dealing with them is escalating. This white paper describes how the Virus Prevention System (VPS) from ISS fits into a multi-layered protection strategy, providing preemptive protection at the host/desktop and gateway.

VoIP: The Evolving Solution and the Evolving Threat (PDF)
Voice over Internet Protocol (VoIP) technology brings voice and data traffic together on the same IP-based network and is becoming an increasingly appealing telephony solution for enterprises. This white paper offers you more information about VoIP technology, vulnerabilities and attack types.

Web Application Protection (PDF)
Web-based applications can facilitate interactions with customers, prospects and partners. Unfortunately, many Web-based applications have inherent vulnerabilities and design flaws that compromise security. This white paper highlights threats specific to Web applications and provides guidance on effective approaches to improving their security.

Active Wireless Protection (PDF)
Wireless networks based on the 802.11b (WiFi) and similar standards are convenient, inexpensive and easily deployed without great technical expertise. As such, they are rapidly finding a home within home and enterprise networks. The advantages and cost savings introduced by wireless mobility also create significant security risks. This white paper explains a proactive methodology that enables organizations to safely and securely control and manage WiFi networks within a business environment.

ASP.NET Web Applications (PDF)
Microsoft's .NET framework provides developers with the ability to build and deploy applications and services via the Web. Although this technology provides powerful functionality to developers, these services can represent a potential threat to the security of a Web server. This white paper discusses some of the security mechanisms and configuration options available to administrators to help secure these applications and reinforce the integrity of the Web server.

Controlling the Use of Instant Messaging and Peer-to-Peer Applications with the Proventia Intrusion Prevention Appliances (PDF)
Instant messaging and peer-to-peer applications can pose a variety of security risks to your network. This white paper identifies the techniques that can help you control the use of these applications with Proventia Intrusion Prevention Appliances.

Defining the Rules of Preemptive Protection: The ISS Intrusion Prevention System (PDF)
Part of the challenge when selecting a network intrusion prevention system (IPS) is knowing exactly which characteristics to look for. How can you determine which IPS will deliver accurate, preemptive protection against the next Internet threat? This white paper defines the three characteristics of preemptive protection to help you easily evaluate the efficacy of a network intrusion prevention solution.

Denial of Service FAQ
Denial of service (DOS) attacks are assaults against your network that can effectively limit or block Internet access. To most businesses, this would result in some inconvenience and possibly some productivity losses. To web based and ecommerce companies, however, DOS attacks could result in substantial monetary losses ranging from loss of sales to loss of customer confidence. This on-line FAQ outlines how you can minimize your risk and help protect your network.

Lotus Domino Security (PDF)
Lotus Domino is an application server that is powerful, extensible and customizable for many different tasks. However, improper configuration can create serious security risks. This white paper outlines how you can configure your Lotus Domino installation to minimize these risks.

Proventia Content Analysis Technology
Effective Web and e-mail filtering relies on three components: a robust content analysis process, a vast amount of data, and the means to analyze that data. ISS' content analysis technology uses all three of these components to provide the foundation for ISS' content security products and solutions.

Risk Exposure through Instant Messaging and Peer-To-Peer (P2P) Networks (PDF)
Winner of a 2002 Bitpipe White Paper Award
The popularity of instant messaging and peer-to-peer networking technologies has risen dramatically in recent years. As these services become increasingly popular, an increased risk emerges as well. This white paper outlines technical countermeasures that can help you reduce security risks posed by a variety of instant messaging applications and peer-to-peer networks.

RPC Signature Quality (PDF)
There is a significant difference in the quality of signatures shipped with popular intrusion detection systems. This white paper highlights these by focusing on signatures developed for the Sun Microsystem RPC (Remote Procedure Call) system.

Security Implications of IPv6 (PDF)
Internet Protocol version 6 (IPv6) contains numerous features that make it attractive from a security standpoint. This white paper discusses the security implications of IPv6 and solutions that enable administrators to protect against attacks, intrusions and backdoors that take specific advantage of the protocol.

The Forensics of the Zotob Worm-Bot
The Zotob worm-bot does not exhibit the same behavior as past worms. This white paper describes why Zotob behaves differently, why customers are experiencing different activity on the network and how ISS products can be configured to identify more details about this bot.

Wireless LAN Security (PDF)
Wireless networking via the 802.11 standard's low cost, combined with strong performance and ease of deployment, mean that many departments and individuals already use 802.11b at home or at work. This white paper addresses the security concerns raised by both current and upcoming 802.11 network technologies.

X-Force Threat Insight Quarterly Report: Phishing and Other Significant Threats of 2004 (PDF)
This report focuses on "phishing," and reviews some of the common challenges faced by security professionals throughout 2004. Phishing uses spoofed e-mails, malicious Web sites and various vulnerabilities to trick users into divulging financial and personal information. As one of the fastest growing threats of 2004, phishing drew a lot of media attention, especially with regard to how it can be used for identity theft.