SEARCH RESULTS
 
Showing 1-10 of 141 records
 
Expand article

The Austin Project

2008-01-21 22:45:39 by RSnake in ha.ckers.org web application security lab
 
...goal of the project is to get a group of likeminded people who are interested in talking about and learning more about web application security from yours truly. Honestly, I just feel like theres a lot more I can talk about in a weeks time than I could ever cover in a series of blog posts, especially because in an intimate class it is far...
 
Tags: people, competent people, project, helps people focus, austin project, austin project web-page, security, web application security, site
 
 
 
 
Expand article

What Are You Managing Towards? (And On Disproving Risk Management)

The Article has images
2008-06-03 14:41:11 by Alex in RiskAnalys.is
...goal of Quantitative Risk Analysis is to be precise. We believe the goal is to be accurate. Subtle but important difference FAIR can be used both Quantitatively and Qualitatively. The decision on which method to be used depends on various factors that Steve lays out nicely in the article there We believe that Risk Management is more than...
 
Tags: management, risk management, term risk management, management focuses, management approach, risk management process, patch management, cost management, upper management
 
 
 
 
Expand article

Are you attending RSA Europe 2007 ?

The Article has images
2007-10-13 17:36:56 by Erik T. Heidt in Art of Information Security
...goal of the presentation is to help technologists, like myself, become better at influencing change and championing innovation in their organizations. That said, I also hope there is a lot of valuable information for executives, managers, and line of business stakeholders who can use these concepts to coach and prepare the individuals who are...
 
Tags: business, quick business, six-part presentation, presentation, rsa europe, information security, information security initiative, business plan, innovation
 
 
 
 
Expand article

Diminutive XSS Worm Contest Drama and Status Update

2008-01-06 17:34:38 by RSnake in ha.ckers.org web application security lab
 
...goal is to remove those things and focus on the actual XSS propagation, for which there has been little research done to date Ive always said, you dont understand a problem until you see it and play with it. This is why having experience is always more valuable than schooling in a topic. Its like trying to get in a fist fight with a...
 
Tags: browser companies, browser, browser security arena, code, people visit, people, worm code, diminutive xss worm, xss worm
 
 
 
 
Expand article

Security is not all about Security Updates

2007-12-17 12:58:00 by sdl in The Security Development Lifecycle
 
...goals of the SDL and perhaps more importantly, the non-goals There are three major security-related disciplines here at Microsoft and people outside the company often confuse the three 1. Security feature development 2. Security response 3. Secure software engineering The first is all about building security features such as authentication...
 
Tags: security, end-user security documentation, security response, fix security bugs, response, security fix, implementation vulnerabilities, vulnerabilities, security feature development
 
 
 
 
Expand article

Fear Is Unhealthy

2008-01-17 07:35:09 by schneier in Schneier on Security
 
...goal and sometimes out of sheer hatred. The people terrorists kill are not the targets; they are collateral damage. And blowing up planes, trains, markets or buses is not the goal; those are just tactics. The real targets of terrorism are the rest of us: the billions of us who are not killed but are terrorized because of the killing. The real...
 
Tags: people terrorists kill, terrorists, terrorism, actual terrorism, kill, people, fear, million people, fearful people
 
 
 
 
Expand article

Ethics of Autonomous Military Robots

2008-01-28 07:12:35 by schneier in Schneier on Security
 
...goal are very preliminary and subject to major revision, but at the very least they can be viewed as the beginnings of an ethical robotic warfighter. The primary goal remains to enforce the International Laws of War in the battlefield in a manner that is believed achievable, by creating a class of robots that not only conform to International...
 
Tags: ethical, ethical constraint set, ethical robotic warfighter, ethics, ethical boundaries, international protocols, war tradition subscribes, war, international
 
 
 
 
Expand article

Stiennon wants to know - it is all about execution

2008-03-21 01:15:44 by HASH0x8b48134 in StillSecure, After All These Years
 
...goal is to have our customers beat our partners doors down and that is happening too. A key difference in our NAC plan was having distribution partners in the "network fabric". We have accomplished that goal and it serves us well. NAC for us continues to evolve and grow, but we are doing just fine with it. We don't do rah, rah BS press...
 
Tags: stiennon, nac, richard nac, ignorant, ignorant richard, richard, richard stiennon, top richard, nac companies
 
 
 
 
Expand article

Seven Habits of Highly Effective Security Plans [Part 4]

2007-10-09 13:38:00 by Allen Baranov, CISSP in Security Thoughts
 
...goal and work towards it It makes life a lot easier for everyone too when they know their goal and it makes deciding on what is important and what isn't very much easier A boilerplate is a good start if you haven't got any idea where to start. The risks to most companies are the same, the technology is similar too. Most of the techniques...
 
Tags: handle information security, information, past information security, voila- policy documents, policy, information security, policy documents, habits, plan
 
 
 
 
Expand article

Stiennon wants to know - it is all about execution

2008-03-21 02:15:44 by ashimmy in StillSecure, After All These Years