SecurityRatty: tag: baseline

Getting baseline records established with Tripwire 7

2008-04-29 00:00:00 by Steve Blass in Network World on Security

...baseline records established. We created nodes for each of our Windows servers and set up the Active Directory monitoring rules we want the system to use for monitoring directory service operations. For some reason the baseline operation runs very briefly and does not create a baseline record or provide any error messages to guide our...

Tags: baseline records, directory service operations, baseline operation runs, baseline record, windows servers, tripwire, error messages, active directory, software agents

Happy Birthday Toddler - - CMDB just turned 2

2008-06-24 20:24:00 by David Link in ScienceLogic

...baseline the environment. Then baseline what your state is 3, 6, and 12 months after installing CMDB Next: break metrics down to 2 strategic areas Strategic Operational Costs Application performance Compliance - internal auditors doing analysis keep track of their findings and incorporate into your elements for data gathering Operational...

Tags: cmdb, cmdb success, cmdb tools, framework tools, fancy framework tools, successful cmdb implementation, deploy, deploy tools, tools

Federal Information Security and Management Act -- Five Years On

2007-12-18 02:00:00 by Shannon Kellogg in Speaking of Security, the RSA Blog and Podcast

...baseline security standards for federal agencies. I remember that the information security community was excited about FISMA and its promise So, what's the verdict five years later? In my opinion it's a mixed bag. On one hand, FISMA has arguably increased awareness of, and focus on, federal information security

Tags: federal information security, management act, fisma, baseline security standards, information security community, mixed bag, federal law, focus, legal framework

Larry Sutos Paper Drama

2008-01-02 14:53:30 by RSnake in ha.ckers.org web application security lab

...baseline by which scanners can test themselves - whether they chose this particular environment, or another, is outside the scope of what I care about So let me re-iterate because I think people really took this whole thing and blew it way way out of proportion. The part of Larry Sutos paper that I thought was interesting was the concept of...

Tags: paper, larry sutos paper, scanners, commercial scanners, test environment, environment, test, time, people

Diminutive XSS Worm Replication Contest

2008-01-04 16:28:08 by RSnake in ha.ckers.org web application security lab

...baseline. His code is an impressively small 292 characters. Theres no prize here, however, I will definitely be talking about the winners code. The winner will be announced on the 10th after all submissions are in and posted. Visit the thread for more details. This should be interesting for anyone looking at worm propagation issues

Tags: xss worm, propagation, worm propagation issues, code, diminutive, live worm code, xss worm propagation, winners code, diminutive perl contests

New faces and predictions for the New Year...

2008-01-22 22:11:00 by sdl in The Security Development Lifecycle

...baseline with metrics that (assuming no major changes in policy or tracking practices in 2008) will have the same attributes at this time next year The motivation for my prediction is that via application of the SDL, Microsoft will continue to reduce vulnerability rates in our products. Sadly, there are not many other software vendors that...

Tags: sdl team, team, sdl, sdl blog crew, cve, cve vulnerabilities, microsoft, single prediction, microsoft products

Top 11 Reasons to Analyze Your Logs

2008-02-20 16:56:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -

...baseline learning is a useful and simple log analysis technique, but humans can only do it for so much OK, let's pick the important logs to review. Which one are those? The right answer is "we don't know, until we see them." Thus, to even figure out which logs to read, you need automated analysis Log analysis for compliance? Why, yes!...

Tags: time, real-time analysis, analysis, analyze, log analysis systems, logs, analysis tools, log analysis expert, suddenly analyze logs

Is PCI Really Working? 2007 Worst Year Yet

2007-12-31 03:32:31 by Bill in Grumpy Security Guy

...baseline and all that nice stuff. It is still way to slow and eats way too much budget to be effective. Sure we all need to be more secure but the people that know how to make a company more secure actually work there, not someplace else Related Posts Scariest Thing Ever Holly crap!! This is something straight out of a William S. Burroughs...

Tags: worst, security stories, pci, windows machines, nice stuff, grumpy security guy, nice, secure, install malware

Four stages to establishing a successful IT Risk Management Lifecycle

2007-11-27 13:24:00 by Ryan Shopp in practical risk management

...Baseline - what do you currently have in place, what do you know is missing, what are some industry recognized recommendations, organize this mountain of data with a maturity model methodology ( discussed in my previous posting ). Then pick 3 exposures that you think will have the biggest impact, that most likely will require the lowest...

Tags: risk management lifecycle, risk management, management, step process, step life cycle, step, process, time, peers

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo