SEARCH RESULTS
 
Showing 1-10 of 22 records
 
Expand article

Getting baseline records established with Tripwire 7

2008-04-29 00:00:00 by Steve Blass in Network World on Security
 
...baseline records established. We created nodes for each of our Windows servers and set up the Active Directory monitoring rules we want the system to use for monitoring directory service operations. For some reason the baseline operation runs very briefly and does not create a baseline record or provide any error messages to guide our...
 
Tags: baseline records, directory service operations, baseline operation runs, baseline record, windows servers, tripwire, error messages, active directory, software agents
 
 
 
 
Expand article

Pragmatic CSO Podcast #5 - Dig (into) the Baseline

The Article has images
2008-02-13 09:18:06 by Mike Rothman in Mike Rothman's blog
...Baseline Your Environment. Here are a couple of the topics covered Finding the holes in your perimeter Looking at your applications (the most IMPORTANT ones anyway The softer side of security: User perception and user awareness Also make sure to listen for Dr. No. He makes a special guest appearance in today's show Time: 5:43 Intro music is...
 
Tags: pragmatic cso podcast, special guest appearance, classic bass lines, baseline, image credit, user awareness, intro music, user perception, direct download
 
 
 
 
Expand article

Pragmatic CSO Podcast #4 - Wherefore art thou policies?

The Article has images
2008-02-08 07:34:55 by Mike Rothman in Mike Rothman's blog
...Baseline Why you need to do this, what you are trying to achieve, and a little bit on policies (such as a monitoring policy and a communications plan Intro music is once again "Welcome to the Jungle" and I send you on your way with Aerosmith's "Get a Grip," since that is what taking the baseline is all about The show runs 6:23. Right on...
 
Tags: pragmatic cso podcast, communications plan, policies, baseline, intro music, direct download, reader, time, bit
 
 
 
 
Expand article

Federal Information Security and Management Act -- Five Years On

2007-12-18 02:00:00 by Shannon Kellogg in Speaking of Security, the RSA Blog and Podcast
 
...baseline security standards for federal agencies. I remember that the information security community was excited about FISMA and its promise So, what's the verdict five years later? In my opinion it's a mixed bag. On one hand, FISMA has arguably increased awareness of, and focus on, federal information security
 
Tags: federal information security, management act, fisma, baseline security standards, information security community, mixed bag, federal law, focus, legal framework
 
 
 
 
Expand article

Larry Sutos Paper Drama

2008-01-02 14:53:30 by RSnake in ha.ckers.org web application security lab
 
...baseline by which scanners can test themselves - whether they chose this particular environment, or another, is outside the scope of what I care about So let me re-iterate because I think people really took this whole thing and blew it way way out of proportion. The part of Larry Sutos paper that I thought was interesting was the concept of...
 
Tags: paper, larry sutos paper, scanners, commercial scanners, test environment, environment, test, time, people
 
 
 
 
Expand article

Diminutive XSS Worm Replication Contest

2008-01-04 16:28:08 by RSnake in ha.ckers.org web application security lab
 
...baseline. His code is an impressively small 292 characters. Theres no prize here, however, I will definitely be talking about the winners code. The winner will be announced on the 10th after all submissions are in and posted. Visit the thread for more details. This should be interesting for anyone looking at worm propagation issues
 
Tags: xss worm, propagation, worm propagation issues, code, diminutive, live worm code, xss worm propagation, winners code, diminutive perl contests
 
 
 
 
Expand article

New faces and predictions for the New Year...

2008-01-22 22:11:00 by sdl in The Security Development Lifecycle
 
...baseline with metrics that (assuming no major changes in policy or tracking practices in 2008) will have the same attributes at this time next year The motivation for my prediction is that via application of the SDL, Microsoft will continue to reduce vulnerability rates in our products. Sadly, there are not many other software vendors that...
 
Tags: sdl team, team, sdl, sdl blog crew, cve, cve vulnerabilities, microsoft, single prediction, microsoft products
 
 
 
 
Expand article

Top 11 Reasons to Analyze Your Logs

2008-02-20 16:56:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...baseline learning is a useful and simple log analysis technique, but humans can only do it for so much OK, let's pick the important logs to review. Which one are those? The right answer is "we don't know, until we see them." Thus, to even figure out which logs to read, you need automated analysis Log analysis for compliance? Why, yes!...
 
Tags: time, real-time analysis, analysis, analyze, log analysis systems, logs, analysis tools, log analysis expert, suddenly analyze logs
 
 
 
 
Expand article

Is PCI Really Working? 2007 Worst Year Yet

2007-12-31 03:32:31 by Bill in Grumpy Security Guy
 
...baseline and all that nice stuff. It is still way to slow and eats way too much budget to be effective. Sure we all need to be more secure but the people that know how to make a company more secure actually work there, not someplace else Related Posts Scariest Thing Ever Holly crap!! This is something straight out of a William S. Burroughs...
 
Tags: worst, security stories, pci, windows machines, nice stuff, grumpy security guy, nice, secure, install malware
 
 
 
 
Expand article

Four stages to establishing a successful IT Risk Management Lifecycle

The Article has images