SEARCH RESULTS
 
Showing 1-10 of 436 records
 
Expand article

Common Criteria and answering the question 'Is it Safe'

2007-12-20 16:57:00 by sdl in The Security Development Lifecycle
 
...Common Criteria ( aka ISO 15408) is the standard internationally recognized by 24 governments (including the US, UK, Germany, Japan, and others). Its interesting to consider that while all consumers of computer software want to have both confidence and detailed information about the security of software they want to purchase (or have already...
 
Tags: criteria, fails, common criteria fails, common criteria, common criteria arguably, common, arguably, arguably deficient, security
 
 
 
 
Expand article

Prospects Brightening for a Common Event Standard

2008-02-25 08:38:57 by Burton Group in Security and Risk Management Strategies Blog
 
...common event standard that allows event logs and audit records to be shared and understood across many products, and the good news is that theyre talking to each other Common Event Expression (CEE) language, by Mitre X/Open Distributed Audit Standard (XDAS), by Open Group The business benefits of creating a common event standard would be...
 
Tags: common event standard, standard, event standards space, space, standards, common event standards, standards deliberation, cee, cee web site
 
 
 
 
Expand article

Prospects Brightening for a Common Event Standard

2008-02-25 08:38:57 by Burton Group in Security and Risk Management Strategies Blog
 
...common event standard that allows event logs and audit records to be shared and understood across many products, and the good news is that they???re talking to each other Common Event Expression (CEE) language, by Mitre X/Open Distributed Audit Standard (XDAS), by Open Group The business benefits of creating a common event standard would be...
 
Tags: common event standard, standard, event standards space, space, standards, common event standards, standards deliberation, cee, cee web site
 
 
 
 
Expand article

Uncommon Assurance With Common Criteria

2008-10-15 00:00:00 by Satchit Dokras in Speaking of Security, the RSA Blog and Podcast
 
Corporations spend millions of dollars in getting their products Common Criteria-certified. It is a validation of being tested per an international security evaluation standard for meeting stated security claims. Yet, the claims made by companies are not mandated to be at rigorous security levels by the Common Criteria standard it merely...
 
Tags: common criteria standard, claims, security claims, rigorous security levels, products common, companies, validation, corporations, millions
 
 
 
 
Expand article

Open Redirects and Common Weakness Enumeration

2008-10-16 14:58:00 by Russ McRee in HolisticInfoSec.org
 
...Common Vulnerabilities and Exposures), but perhaps you're less familiar with CWE (Common Weaknesses Enumeration). Both are significant efforts, international in scope, and the excellent products of The MITRE Corporation , sponsored by the National Cyber Security Division of the U.S. Department of Homeland Security Approximately six months ago...
 
Tags: redirects, common weaknesses enumeration, weaknesses, redirect, cwe, redirect vulnerabilities, cwe-601, software weaknesses, cve
 
 
 
 
Expand article

Common Permissions in Microsoft Windows Server 2008 and Windows Vista

2008-05-22 14:32:02 by Editor in IEEE Security and Privacy
 
This article provides a compact overview of the rich permission model used for access control in modern Microsoft Windows operating systems with special emphasis upon the file, directory, and registry subsystems. Guidance on avoiding common security mistakes is provided
 
Tags: common security mistakes, rich permission model, modern microsoft windows, special emphasis, registry subsystems, compact overview, access control, guidance, file
 
 
 
 
Expand article

Avoiding common misconceptions about video analytics

2008-05-28 00:00:00 by HASH0x8b09f24 in Network World on Security
 
...common myth about video analytics is that it can spot a terrorist in a stadium full of people -- something even the human eye can't detect. Or it can automatically "see" a person cheating at a black jack table, while highly trained surveillance personnel cannot. This article covers the five biggest myths of video analytics technology and...
 
Tags: video analytics, video, technology, video analytics technology, fiction, black jack table, science fiction, article covers, alerts holds
 
 
 
 
Expand article

Supporting your family, friends, and neighbors

2008-02-13 17:45:40 by Steve Riley in Steve Riley on Security
 
...common malware like certain prevalent worms and rootkits. Since the tools introduction, millions of computers have been cleaned of billions of pieces of malware If you need to quickly scan a computer for malware, try the Windows Live OneCare safety scanner. Its free, and it might be a useful habit for you to develop every so often when you...
 
Tags: suspicious e-mail message, mail, home computers defense, home computers, e-mail, home, web mail, windows live mail, site
 
 
 
 
Expand article

How Secure is Secure?

2008-05-08 16:46:00 by sdl in The Security Development Lifecycle
 
...Common Criteria , and as Michael Howard discussed in his post on security metrics , trying to objectively quantify and measure How secure is secure is far more difficult than one might think. Id like to share my perspective that there are two dimensions useful to consider when characterizing software security metrics: security functional...
 
Tags: security metrics, software security metrics, implementation vulnerabilities, potential implementation vulnerabilities, metrics, secure, software, discretionary security protection, security protection
 
 
 
 
Expand article