SecurityRatty: tag: classification

Fuzz Testing at Microsoft and the Triage Process

2007-09-20 18:52:00 by sdl in The Security Development Lifecycle

...classification on the exception code and relevant details. In particular, we added an extra hierarchy over the automatically generated directory structure described above. To do this we introduced the following categories of exceptions Must Fix Further Investigation necessary Usually not exploitable I know what you're thinking, but remember...

Tags: chance exceptions, exceptions, exception handler, exception, divide-by-zero exception, exception code, triage process, process, first-chance exceptions

Intellectual Property- what is it and how do we secure it?

2007-12-29 06:43:45 by Editor in Security Links

...Classification: A Guide to the Nice Agreement is the essential manual you need. The advice included in this handy desk reference is fully in line with the ninth edition of the Nice Classification The above manual is written by a high authoritative author, Jesse N. Roberts who is the administrator of trademark classification at the United...

Tags: intellectual property, treaties, international patent treaties, major copyright agreements, agreements, copyright, rights, intellectual property rights, copyright legislation

Fun Reading on Security - 2

2008-05-09 12:20:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -

...Classification Is Dead ?" Rich Mogul explains why data classification by the owners is never going to fly... "Enterprise content is just too volatile for static tags to really represent its value. Even those of you in defense/intelligence dont *really* do granular data classification. " This is a good reminder to shoe that just spout the...

Tags: security, security industry longevity, security industry, technologies, security technologies evolution, security vendors, security perspective, security catalyst community, fun

Protect your data: everything else is just plumbing

2007-07-02 20:46:32 by Steve Riley in Steve Riley on Security

...classification scheme I discovered recently. Its simple and elegantwhich means its something you can actually use First, think about confidentiality classifications. These are important because they help guide your response in case of a breach. Four classifications should be sufficient: public, internal, confidential, and private Next,...

Tags: data security, comrms data security, data, security, confidential information, information, information security, temporary data, data vanishes

Mashup of the Titans

2008-06-25 17:29:25 by Gunnar Peterson in 1 Raindrop

...classification happened retrospectively Conclusion(gp): Information Security models tend to look at things statically through information classification lenses, but its how information is used that makes it valuable. In practice this is how information security theory breaks down in the face of reality - what does an access control matrix...

Tags: protection mechanisms, protection mechanisms correctly, information security, information, implements protection mechanisms, information travels, information security people, protection, potential information path

Introducing Google's online security efforts

2007-05-21 09:43:00 by A Googler in Google Online Security Blog

...classification, we select a subset of URLs believed to be suspicious for in-depth investigation. So far, we have investigated about 12 million suspicious URLs and found about 1 million that engage in drive-by downloads. In most cases, the web sites that infect your system with malware are not intentionally doing so and are often unaware that...

Tags: activity, malware activity, web servers, servers, malware, anti- malware effort, malware distribution servers, sites, web sites

Security World: Open Source Vulnerability Database 2.0

2007-12-18 12:37:12 by Editor in Help Net Security - News

OSVDB announced a major milestone in the cataloging, classification, description and management of software and hardware security vulnerabilities - the release of OSVDB 2.0, a complete rewrite of the

Tags: hardware security vulnerabilities, complete rewrite, osvdb, major milestone, release, description, software, classification, management

The New Threat Modeling Process

2007-10-02 01:15:35 by sdl in The Security Development Lifecycle

...classification system. Its really hard to use STRIDE to describe attacksthe impacts blend together really quickly. The most valuable use of STRIDE is to help people think about how threats have impacted elements of a design in the past. That is, its a framework for finding threats, not for describing them. What if someone spoofs this host 4....

Tags: process, threat, process validation entails, threat model, software process diagram, people, people trust boundaries, love threat, hamster wheel

The Naval Surface Warfare Center warns employees

2008-01-16 09:51:41 by Evan Francen in The Breach Blog

...Classification Policy, which is in turn part of the greater %Company% Corporate Information Security Policy Past Breaches Unknown

Tags: company data destruction, company data, employees personal information, personal information, destruction, information, information security, employees, employment information

WebSense eases data discovery

2008-02-07 00:00:00 by Ellen Messmer in

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo