SecurityRatty: tag: larry

Larry Sutos Paper Drama

2008-01-02 14:53:30 by RSnake in ha.ckers.org web application security lab

...Larry Sutos paper on web scanning depth analysis First let me put some rumors to bed here. I am not paid by NTO to use their tool. They let me use it for testing purposes because they actually care about making their product better. I have given similar help to three other scanning vendors as well. This shouldnt come as a surprise to anyone,...

Tags: paper, larry sutos paper, scanners, commercial scanners, test environment, environment, test, time, people

Wrapping up Threat Modeling

2008-02-14 22:51:35 by sdl in The Security Development Lifecycle

...Larry Osterman was writing about threat modeling , he casually tossed out A threat model is a specification, just like your functional specification (a Program Management spec that defines the functional requirements of your component), your design specification (a development spec that defines the architecture that is required to implement...

Tags: threat, threat modelers, threat models, threat model, design, design specification, specification, set, challenges set people

Monday Potpourri

2008-06-09 10:04:18 by HASH0x8ae18f0 in StillSecure, After All These Years

...Larry Dignan over at ZDNet has some good comments and stats on Apple vying with Microsoft and Linux/open source to be "the platform" of the future. I agree that the iPhone and iPod are Trojan Horses into the enterprise and along with the Mac represent a viable platform that could compete with Microsoft and the Linux/open source crowd....

Tags: platform, platform war, roi, security roi, security, viable platform, mac, financial analyst crowd, mac versions

Monday Potpourri

2008-06-09 11:04:18 by ashimmy in StillSecure, After All These Years

...Larry Dignan over at ZDNet has some good comments and stats on Apple vying with Microsoft and Linux/open source to be "the platform" of the future. I agree that the iPhone and iPod are Trojan Horses into the enterprise and along with the Mac represent a viable platform that could compete with Microsoft and the Linux/open source crowd....

Tags: platform, platform war, roi, security roi, security, webtop platform, mac, mac versions, viable platform

How personal information wound up at the side of the road is a mystery

2008-07-10 10:50:31 by Evan Francen in The Breach Blog

...Larry Davis made the discovery He says he was driving into town when he came across thousands of forms That's just uncalled for...you are entrusting these people with a lot of information that could ruin you very quickly, but yet they treat it like it's trash," said Davis Evan] I think most people share Mr. Davis' feelings. It is puzzling....

Tags: information, personal information, road, personal, w-2 forms, liberty furniture employees, w-2, eyewitness news, liberty furniture

Speaking of Security Podcast #52

2007-03-05 00:00:00 by Podcast Producers in Speaking of Security, the RSA Blog and Podcast

...Larry Hamid, CTO, MXI Security , about how their USB portable security devices are used for strong authentication, as a biometric device, to carry digital identities, and more. Also on the podcast is Sean Kline, Director of Product Management for RSA, who talks to us about the upcoming Daylight Savings Time (DST) change and how it effects IT...

Tags: rsa customers, carry digital identities, daylight savings time, rsa, product management, sean kline, biometric device, mxi security, strong authentication

DRM Scorecard Makes Me Wonder: The Media Industry and the TSA, Sadistic or Incompetent?

2007-08-02 08:19:00 by Eric Marvets in The Security Samurai

...Larry and Whos Your Caddy to be some sort of secret internal referendum on the crap the entertainment industry regularly produces, we have to assume from their actions (theater release inevitably followed by mass DVD production) that they are proud of their works and wish to share them with the entire world They worried about piracy with VHS,...

Tags: media industry, industry, media industry views, illogical behavior impedes, drm, behavior, drm scorecard, secret, secret internal referendum

Threat Modeling Self Checks and Rules of Thumb

2007-10-22 21:04:01 by sdl in The Security Development Lifecycle

...Larry Osterman has some in his blog post, " Threat Modeling Rules of Thumb " I helped edit those, but want to suggest additional changes. In particular, you need to be concerned is not actionable. Review this carefully, or Focus your attention here are more actionable. People threat modeling are already concerned Good rules of thumb encourage...

Tags: thumb, threat, rules, people threat, data, people, data sinks, thumb encourage flow, actual software

The New Threat Modeling Process

2007-10-02 01:15:35 by sdl in The Security Development Lifecycle

...Larry Osterman describes in this post Essentially, the elements are External entities (anything outside your control Processes (running code Data stores (files, registry entries, shared memory, databases Data flows (which connect all the other elements b. Draw trust boundaries between components. You can do this on a whiteboard, in Visio, or...

Tags: process, threat, process validation entails, threat model, software process diagram, people, people trust boundaries, love threat, hamster wheel

The Trouble with Threat Modeling

2007-09-26 19:11:00 by sdl in The Security Development Lifecycle

...Larry Osterman made that point, unintentionally in Threat Modeling Again, Presenting the PlaySound Threat Model , where he said Let's look at a slightly more interesting case where threat modeling exposes an issue. Youch! But as I wrote in a comment on that post, What you've been doing here is walking through a lot of possibilities. Some of...

Tags: threat, threat models, threat model, reasons threat, service threat, term threat, threat effectively, playsound threat model, development process

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo