SecurityRatty: tag: develop

ICANN's Announcement Of Anti-Domain Tasting Measures To Registrars

2008-07-08 15:42:32 by Editor in Cheap Hack

...develop a plan for the deliberations on the Domain Tasting PDP (the "Design Team"), the principal volunteers to which had been members of the Ad Hoc Group on Domain Tasting and were well-informed of both the Final Outcomes Report of the Ad Hoc Group on Domain Tasting and the GNSO Initial Report on Domain Tasting (collectively with the Issues...

Tags: icann, directly, fees directly, fees, registrar fees effective, effective, registrar-level fees, fee, per-transaction fee

DNS hole prompts synchronized patching effort by IT vendors

2008-07-08 13:00:00 by Editor in Computerworld Security News

A cache poisoning flaw that was discovered earlier this year in the Domain Name System protocol was kept under wraps while a group of vendors worked in tandem to develop software patches

Tags: develop software patches, vendors, system protocol, tandem, flaw, domain, wraps, cache

10 Myths About Life As An IT Security Professional

2008-04-25 23:08:41 by Craig Balding in Security Wannabe

...development, social engineering, physical security, cryptography, crisis management, disaster recovery, 3rd party security reviews etc etc You get to bark security orders . Some people feel that holding a security policy in their hand means they get to call the shots. Do this on a regular basis and not only is it counterproductive but its a...

Tags: security, company security policy, security policy, technical security skills, technical security, policy, security professional, platform specific security, cool

The Arizona Office of the Auditor General finds plenty of holes

2008-06-23 12:28:27 by Evan Francen in The Breach Blog

...develop and implement procedures for regularly conducting security reviews of their critical Web-based applications. [Evan] Even though it seems like its the same story in company after company, I am still amazed by how many organizations don't know what or how many applications that have (not to mention servers, clients, routers, switches,...

Tags: information, information security officer, personal information, information security staffs, confidential information, information security, university information, sensitive information, sensitive

Article: Analytics Brief: Securing The New Data Center

2008-01-07 05:28:32 by Editor in Security Links

...develop security and management strategies as they develop deployment plans for virtualization New threats to security come on two fronts. The first and most obvious is the additional software footprint represented by virtualization. On the desktop, virtualization is often implemented as an application that runs as a process under a desktop...

Tags: virtual environment, environment, virtual appliances range, virtual appliances, security, tools, security tools, develop security, security holes

Who should do your security audits? Or, how do you organize the security department?

2008-02-07 22:25:32 by Steve Riley in Steve Riley on Security

...developing policies and without having some mechanism to measure compliance. That's the role of the auditing function -- to measure compliance. If we all agree that policies are good, then we should all agree that checking up on ourselves is also good So, then, who should conduct the audits? For comparison, let's examine a typical software...

Tags: information, information assets, information security, alignment folk, security alignment folk, information security department, alignment, security department, security

Money for nothin, code for free - if you don't own the copyright you could be in Dire Straits

2008-03-19 01:45:00 by HASH0x8aede64 in StillSecure, After All These Years

...develop it themselves or hope to develop a community to continue development, but I haven't seen that pulled off very often, if at all To stay with Bob's money for nothin theme, if he does not protect against this, Untangle could find themselves in dire straits

Tags: software untangle, software, core software, source security software, commercial, commercial product, source, source code, larger commercial customers

Do you listen to your users?

2008-04-04 21:18:17 by Editor in Security x.0

...development of more secure technologies their top design priority . We urge the industry, through selfregulation and codes of best practice, to demonstrate its commitment to this principle. (4.38 8.15. We therefore recommend that the Government explore, at European level, the introduction of the principle of vendor liability within the IT...

Tags: internet, personal internet security, software, content control software, software vendors, users, software liability, club, ilkley computer club

Software Security Metrics and Commentary on "Metrics Framework" Paper

2007-09-17 20:41:00 by Security Retentive in Security Retentive

...develop a sustainable metric. A necessary assurance component to be sure, but not necessarily the first metric I'd focus on if I'm asking the question "How secure is my app?" I'm loathe to rely on testing for the bulk of my metrics A few of the metrics above are unmeasurable or inappropriate I think. Its hard for me to imagine how we'd...

Tags: metrics, software security metrics, metrics framework, metrics miss, design-time metric, design, upstream sdl metrics, application, web application security

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo