SecurityRatty: tag: framework

Software Security Metrics and Commentary on "Metrics Framework" Paper

2007-09-17 20:41:00 by Security Retentive in Security Retentive

...Framework to Drive Application Security Improvement " recently and some thoughts started to gel about what types of web application security metrics are meaningful This is going to be part-1 of 2 about the paper and software security metrics. In this first installment I comment on the metrics from the paper and provide what I believe are...

Tags: metrics, software security metrics, metrics framework, metrics miss, design-time metric, design, upstream sdl metrics, application, web application security

Identity Framework Probable Feature List

2007-12-16 06:42:00 by Keith Brown in Security Briefs

...Framework (Fx for this post). Based on what he's shown and his descriptions, I've put together a little list of some features we can probably expect from the Fx. This is all pre-alpha stuff and the API will probably change, but the core features being shown will probably be similar These are a rather concise set notes that I've taken while...

Tags: informationcard login control, login control, information card serializer, information, control, user authentication methods, user, custom sts, card

Healthcare Best Practices Security Framework

2007-12-27 17:37:00 by Ryan Shopp in practical risk management

...Framework in an actionable, track-able way

Tags: information security framework, information security, major enterprises, it-grc solutions, practices, hitrust, enable, track-able, actionable

Happy Birthday Toddler - - CMDB just turned 2

2008-06-24 20:24:00 by David Link in ScienceLogic

...framework tools; these complex databases are only as good as the trusted source of information inserted. You have to put a bunch of elbow grease into figuring out what to actually put in the CMDB So how do you define the metrics First you need to know where you are starting from you will need to baseline the environment. Then baseline what...

Tags: cmdb, cmdb success, cmdb tools, framework tools, fancy framework tools, successful cmdb implementation, deploy, deploy tools, tools

IT Risk Management

2008-03-28 13:09:26 by Marc Othersen in Security & Risk Management

...framework. Once developed, the framework will help IT organizations identify major risk areas, identify scenarios linking risks and controls, and establish a common risk language to clearly communicate with business leaders In order for the framework to have a solid risk-based foundation we will be using many of the principles of COSO. In...

Tags: risk management, risk, risk management framework, risk events, major risk, risk assessment, key risk indicators, framework, risk response

Managing Audit Thrash

2007-10-08 19:04:00 by Bryan in practical risk management

...framework. This controls framework should be the central repository for everything you do for security. It should cover every regulation you're subject to, your organization's security policy, and the controls that your customers and partners require you to implement Similar controls should be cross-referenced and consolidated into a single...

Tags: security audits leaves, security audits, controls information, information, controls, security, controls framework, framework, similar controls

Building a Security Architecture Blueprint

2008-05-16 09:26:55 by Gunnar Peterson in 1 Raindrop

...framework for putting a strategic context around information security program. The main idea is that instead of starting with security goals (cue the ritual CIA invocation), we start with considering security in the context of the stakeholders - business, development, operations, customers, and so on You can then use the framework to assign...

Tags: security architecture, security architecture blueprint, security, security architecture capabilities, blueprint, information security program, information, post, grc post

FISMA Report Card News, Formulas, and 3 Myths

2008-05-27 16:36:28 by rybolov in The Guerilla CISO

...framework: Dancho points out this framework in his post which is really an auditors plugin to the existing NIST Framework for FISMA. Thing is, nobody has a viable alternative framework because its still going to be the same people with the same training executing in the same environment Urban Cell-Phone Fire Myth photo by richardmasoner ....

Tags: report card, fisma report card, fisma, fisma measures, fisma compliance title, fisma report cards, security, security programs based, framework

Basel II Implementation in the Philippines

2006-08-15 01:17:00 by Jomni in Risk Management Quant

...framework. The latest version of the framework is very much in line with Basel II . Major changes that are expected to have significant impact on the ratios would be the addition of an operational risk capital charge and the revision of the risk weight for Philippine government foreign currency bonds (ROP) from 0% to 100 In a previous...

Tags: philippines, basel, bsp philippines, framework, capital adequacy framework, credit risk weight, risk weight, bsp, book exposures

Phishers, Spammers, and Malware Authors Clearly Consolidating

2007-12-09 21:14:53 by HASH0x89fa6a4 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo