SEARCH RESULTS
 
Showing 1-10 of 274 records
 
Expand article

Vendors aren't changing focus, you were just blissfully unaware

2008-05-08 08:09:41 by HASH0x8902444 in StillSecure, After All These Years
 
...focus from concentrating on the tech geeks to focusing on the business decision maker. Michael's proof is rather subjective, but revolve around the fact that when he was a geek not in management, vendors use to wine and dine him to influence him to support their technology and tell his boss to buy their products. As he moved up to become a...
 
Tags: sales teams, emc sales teams, business, business stakeholder, people, sales people, sales, vendors, michael
 
 
 
 
Expand article

How To Become A Security Blogger?

2008-08-29 11:07:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...focus more on targeting security professionals or general IT users?", "Any pitfalls I should be aware of?" as well as general questions about how to start, what content is best, etc all the way to "How did I profit from my blog Q: Who should I blog to A: Blog to colleagues first i.e. infosecurity pros. Blogging to IT or general public is -...
 
Tags: security, blogger, security blogger, posts, bloggers posts, longerdeep posts, security professionals, site design, design
 
 
 
 
Expand article

Getting into the Flow With Threat Modeling

The Article has images
2007-10-11 23:25:00 by sdl in The Security Development Lifecycle
...focus threat modeling, and how Ive applied it The concept of flow originated with Mihaly Csikszentmihalyi. It refers to a state where people are energetically involved with what theyre doing. Seeing this a few times during threat modeling sessions made it obvious when it was missing, and it was missing often. I set out to address some of the...
 
Tags: threat, people develop skills, people, challenge people, flow, sdl threat, entire threat model, threat model, guide people
 
 
 
 
Expand article

Movie Plot Threats in The Guardian

2008-09-04 05:56:57 by schneier in Schneier on Security
 
...focus on the World Cup and terrorists attack Wimbledon, we've wasted our money It's this fetish-like focus on tactics that results in the security follies at airports. We ban guns and knives, and terrorists use box-cutters. We take away box-cutters and corkscrews, so they put explosives in their shoes. We screen shoes, so they use liquids. We...
 
Tags: terrorists bomb, bomb, threats, terrorists, terrorists attack wimbledon, specific targets, security, targets, security follies
 
 
 
 
Expand article

Software Security Metrics and Commentary on "Metrics Framework" Paper

2007-09-17 20:41:00 by Security Retentive in Security Retentive
 
...focus on if I'm asking the question "How secure is my app?" I'm loathe to rely on testing for the bulk of my metrics A few of the metrics above are unmeasurable or inappropriate I think. Its hard for me to imagine how we'd measure AnomalousSessionCount appropriately. Seems like if we had proper instrumentation for detecting these as...
 
Tags: metrics, software security metrics, metrics framework, metrics miss, design-time metric, design, upstream sdl metrics, application, web application security
 
 
 
 
Expand article

Consulting and Size

2008-05-16 10:11:09 by Gunnar Peterson in 1 Raindrop
 
...focus on training , architecture, detailed design. Of course, we work on projects that are sometimes very large and if necessary we can help build out larger teams sourced from other places but our focus is excellence in training, architecture, and design not jamming 15 blue suited consultants into your cubes Not that there isn't room for...
 
Tags: law firm, firm, larger, larger teams, people, focus, hire, special forces, architecture
 
 
 
 
Expand article

A horse's ass approach to virtualization security

2008-10-14 01:52:00 by Manu Namboodiri in Data Protection, Management and Leakage
 
...focus on protecting the virtual OS, the virtual networks, or the hypervisor software itself. More specifically, most current virtualization security technologies are focused on preventing hypervisor root kits, providing intrusion detection, anti-malware, anti-virus, network security, etc. In the physical world, this is similar to individually...
 
Tags: virtualization security, virtualization, virtualization security solutions, virtual, virtual infrastructure, approach, on-demand virtual devices, ephemeral virtual environment, data
 
 
 
 
Expand article

Given the Current Economic Turmoil, What Should IT Managers Do?

2008-10-17 11:38:02 by Posted By: John Bace, Research VP in IT Leaders - Security and Risk Management
 
...focus that CIOs must address now is what impact will this financial crisis have on IT in the next budget cycle. Also, how can IT help the enterprise demonstrate trustworthiness to key stakeholders, maintain critical functions that drive revenue and cash flow, and focus on the needs of the people who work for your organization At the heart of...
 
Tags: financial crisis, current financial crisis, increase cash flow, increase, central focus, cash flow, focus, senior management, obvious issues
 
 
 
 
Expand article

MS08-067 and the SDL

2008-10-23 01:09:00 by sdl in The Security Development Lifecycle
 
...focus on the SDL-required code analysis, code review, fuzzing and compiler and operating system defenses and how they fared. Code Analysis and Review I want to start by analyzing the code to understand why we did not find this bug through manual code review nor through the use of our static analysis tools. First, the code in question is...
 
Tags: manual code review, code review, vulnerabilities, reduce security vulnerabilities, sdl, windows, windows server, sdl process fails, sdl process