SEARCH RESULTS
 
Showing 1-10 of 265 records
 

iPhone vs. IT's Standard Answer, No

2008-06-16 10:48:16 by Dave Lewis in Liquidmatrix Security Digest
 
...answer would be if they asked us: No. Not ready. Not good enough. Not yet. No? Never heard that one before? Ha. As a security guy, I'm a little more open minded on the introduction of the iPhone. Now the ball point pen mind you, that is somewhat suspect in my book.
 
 
 
 
 

Q&A with Doug McClure: Is BSM Lite the Answer?

2008-07-15 00:02:59 by Julia Lim in ScienceLogic
...answer can't be to buy this product, module or widget to fill in the gaps. In my opinion, we must establish a BSM overlay within IBM Tivoli's development and product management organization that ensures that we have clearly thought about how to enable BSM with the hundreds of products that we sell. In my opinion, every product release must...
 
 
 
 
 

Fun TLR Log Management Questions

2008-03-14 12:04:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...answering some of them here (questions are anonymous and slightly rewritten for clarity). Q1: When you mention "forensics", are you speaking in terms of legal forensic terminology - or in terms of incident investigation? A1: When I say "forensics", I usually mean it in the legal sense. I call other investigations simply "incident investigations;"...
 
 
 
 
 

What Are You Managing Towards? (And On Disproving Risk Management)

2008-06-03 14:41:11 by Alex in RiskAnalys.is
...answers to that question. I thought I'd list some of the answers I've heard and talk about them with you today. 1.) Being Secure or Managing to Security. Generally, this concept of being secure is the most common answer. And when I'm given that answer, it generally means that management focuses on Vulnerability Management, Patch Management, and to...
 
 
 
 
 

Even More Logging Questions - Answered

2008-08-06 11:43:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...answers for them and all my blog readers. Q1: How do you handle variety of log sources? There are so many, almost beyond my capability. A1: Sorry to ponder the meaning of "is" here, but what is meant by "handle"? It is really not that hard to collect logs from a large number of diverse sources (as long as the logs can be delivered via syslog...
 
 
 
 
 

Common Criteria and answering the question 'Is it Safe'

2007-12-20 16:57:00 by sdl in The Security Development Lifecycle
 
...answer that question, security professionals require time (usually at substantial cost) to analyze not only the considerations above, but also examine in depth the software itself, its intended use, the environment in which it will be used, and a variety of other factors. Consumers who are not security savvy will likely make judgments based...
 
 
 
 
 

More Log Management Questions - Answered!

2008-05-23 16:04:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...answering them here for my readers. BTW, LogLogic product-specific questions can be found on LogLogic website; I am not answering them here. Q1: Is a preferred log management program to consolidate the log data and then allow us to review them? A1: The answer is "Yes!" for a vast majority of use cases consolidating logs work better than the...
 
 
 
 
 

Why PCI Is Good For Business

2007-12-03 17:16:25 by RSnake in ha.ckers.org web application security lab
 
...answer that I can get on board the most with is that it's to promote spending by increasing consumer confidence. So the obvious goal is to reduce account take-overs, and information disclosure wherever possible - not necessarily to eliminate it, but to increase buyer confidence by lowering the statistical probability that they will be...
 
 
 
 
 

Is there a "silver bullet" to IT Compliance Management?

2007-12-06 13:12:00 by Ryan Shopp in practical risk management
...answering questions about IT Compliance & Risk Management? I came across a great two part thread in my blog reader that helped crystallize things for me. It also enabled me to finally lay out a logical response to a request I hear often. Is there a "silver bullet" to my IT compliance program? Here are some of those key points (from that posting)...