SEARCH RESULTS
 
Showing 1-10 of 17 records
 

CHECKLISTS ARE NOT FOR DUMMIES, BUT THEY SURE ARE DUMB!

2008-06-11 13:51:33 by Alex in RiskAnalys.is
...Checklists are Not For Dummies, Dummy which looks at the use of checklists and how they are important for quality and the reduction of variance. I think it's important in this day and age of Security Through Diligence to take a look at what checklists can and cannot do, because Mark makes an important point - reminding us that there is a time...

More On Checklists

2008-06-12 09:49:24 by mcurphey in Mark Curphey - SecurityBuddha.com
 
Alex Hutton posted this follow up on my first post about checklists. He is of course spot on. Checklists in my humble opinion can provide a State of Nature, but can't provide a State of Knowledge or a State of Wisdom (nice phrases). They certainly don't do computation or analysis but what they do is

Checklists -The Preserve of the Intelligent

2008-02-17 07:51:11 by mcurphey in Mark Curphey - SecurityBuddha.com
 
As the New Yorker says, "If something so simple can transform intensive care, what else can it do?" Dennis Groves sent me this article a week ago and I read it twice. Each time I couldn't stop myself thinking about how many people in the information security industry shun checklists and considering why this is

Checklists Are Not For Dummies, Dummy!

2008-05-24 11:50:10 by mcurphey in Mark Curphey - SecurityBuddha.com
 
At the OWASP Conference in Belgium this week I had a slide about checklists. This is the story behind the slide. My boss at Microsoft has a friend who is a pilot. He did his pre-take-off checklist and was cleared to taxi onto the runway by air traffic control. He consulted his checklist one

US-CERT warns of flaw in latest RealPlayer

2008-01-02 00:00:00 by Robert McMillan in Network World on Security
 
The US-CERT is warning computer users of a possible problem with the latest version of RealPlayer after a Russian security company claimed to have found a way to exploit a critical flaw in the multimedia software.

'Ransomware' extorts payment with phone call

2008-01-02 00:00:00 in Network World on Security

New "ransomware" that locks up a person's PC and demands $35 to return control to its user is on the prowl, a security researcher said this week.

Facebook's "Secret Crush" malicious widget tricks users

2008-01-03 00:00:00 by Ellen Messmer in Network World on Security
 
Facebook "Secret Crush" malicious widget tricks users into downloading adware, according to Fortinet.

The Checklist

2008-02-07 20:14:00 by Security Retentive in Security Retentive
 
...checklists to developers of common areas of concern, areas they need to make sure they document, etc. Document how you handle authentication. If different from standard X, get a security review. Document how you're handling input filtering. If not the standard library with declarative syntax, document and get a security review..... You get the...

Security Assessment Economics

2008-06-12 21:03:59 by rybolov in The Guerilla CISO
...checklists. Provide the assessors with your own checklists so you can steer them (tip from Dave Mortman). Self-identify vulnerabilities when appropriate (especially with vulnerabilities from previous assessments). Typical contracting fixes such as scope management, reviewing resumes of key personnel, etc. Get lucky when the vendor hires really good...

Hackers get busted

2007-11-30 11:08:26 by Dan Cvrcek in Light Blue Touchpaper
 
...checklists and stick to them, or do they do the stuff intuitively and become careless after a few months or years? Clearly, the first option is how intelligence agencies would deal with the problem, because they know that human is the weakest link. But what about hackers? very bright and very skilled, but isolated from the rest of the world...