SEARCH RESULTS
 
Showing 1-10 of 66 records
 

5 Lessons on Public Disclosure From Elliot Spitzer

2008-03-12 17:26:54 by Bill in Grumpy Security Guy
 
...lessons you can use if you ever find yourself involved in a public disclosure of a vulnerability on your web site or a disclosure of a massive breach 1. Understand that you have been caught Spitzer quickly understood that the cards were stacked against him and decided denials and platitudes were not going to work for him. Perhaps as a...
 
 
 
 
 

mandate internet safety lessons in schools?

2008-04-09 00:34:08 by Doug Woodall in The Spyware Biz Blog
 
...Lessons clipped from www.liquidmatrix.org Very nice. It would appear that common sense is starting to catch on! The Commonwealth of Virginia (one of my former stomping grounds) has come out as the first US state to mandate internet safety lessons in schools. While I find this to be a bang up idea I just hope that it doesn't fizzle out
 
 
 
 
 

EMC CSO shares lessons learned from protecting storage giant

2008-01-17 00:00:00 by Bob Brown in Network World on Security
 
EMC's CSO shares security lessons, including encrypting laptops and using security information management tools
 
 
 
 
 

TJX Lessons

2008-01-22 14:11:00 by Dr Anton Chuvakin in Anton Chuvakin Blog
 
...lessons one year later. Highlights Breach disclosures don't always affect revenue or stock prices ... Despite being the biggest, costliest and perhaps most written-about breach ever, customer and investor confidence in TJX has remained largely unshaken TJX has said that in the 12 months since the breach was disclosed, it has spent or set...
 
 
 
 
 

Security Lessons Learned from Société Générale

2008-05-22 14:32:02 by Editor in IEEE Security and Privacy
 
The huge trading losses in 2007 and 2008 at Société Générale were caused by insider Jerome Kerviel's unauthorized actions. We can learn many lessons about the technological aspects of security from this insider attack, as well as some that we might hope to learn, but can't
 
 
 
 
 

Is Risk Management a People Problem?

2008-03-10 15:45:47 by Alex in RiskAnalys.is
 
...lessons to be learned mentioned there aren't so much people lessons as they are organizational lessons - because what enabled the security at Soc. Gen. was a breakdown not in technology, not in control, but in the absence of controls, and therefore is a Risk Management issue at its heart I say Soc. Gen. was a Risk Management issue because Sr....
 
 
 
 
 

Q&A with Geoff Horne of InteropNet

2008-06-25 16:20:59 by Louis DiMeglio in ScienceLogic
...lessons learned apply to enterprises Photo credit: The Tech Stop ScienceLogic: How long have you been involved with Interop Geoff Horne: Since about 1996 ScienceLogic: How has it been changing? Does the show get more complex with new technologies or because of the constantly changing size of the show Geoff Horne: The technologies have...
 
 
 
 
 

WebGoat 1: SQL Injection Demonstration

2007-11-14 01:19:49 by Editor in Irongeek's Security Site
 
...lessons. I plan to use WebGoat for a few future videos. This first WebGoat video will show the basics of installing WebGoat and doing two of its SQL injection lessons
 
 
 
 
 

Fuzz Testing at Microsoft and the Triage Process

2007-09-20 18:52:00 by sdl in The Security Development Lifecycle
 
...lessons learned from vulnerabilities that required us to release security updates. It turns out that the animated cursor bug patched in MS07-017 had a positive impact on the automatic triaging our fuzz testing tools perform. In this post, I'd like to shed some light on how we monitor for program failures when fuzzing parsers and how the...
 
 
 
 
 

A Bitter Pill To Swallow: First Generation CEP Software Needs To Evolve

2008-02-09 03:08:55 by Tim Bass in The Complex Event Processing Blog
 
...lessons I am amused at how, at times, the lessons appear self-serving, not end user serving. There is so much rich event processing history and proven architectures in CEP but not called CEP (CEP that actually works, in practice everyday, long before it was called CEP). It continues to puzzle me that a few people in the CEP/EP community continue...