SEARCH RESULTS
 
Showing 1-10 of 34 records
 
SDL Training

2008-05-29 15:22:00 by sdl in The Security Development Lifecycle
 
...mandatory training? What about mandatory training in a subject that you really don't think is your area? What if you had to do it every year, and got harassed if you didn't do it? What if you were, say, an audio engineer and were dragged into a security class? I ran the SDL training program at Microsoft for a long time, and developed and taught...
 
 
 
 
 
NERC CIP Rules Out - Logs In!

2008-01-24 13:06:00 by Dr Anton Chuvakin in Anton Chuvakin Blog
 
...mandatory last week, might well become "a new PCI DSS" and trigger "a golden age" of security in the energy industry: the rules are mandatory, they are specific (more specific than a lot of other regulatory security guidance) and there is an enforcement body (NERC) that can make life miserable for those not complying. Here are some...
 
 
 
 
 
Passport Canada web site suffers serious breach

2007-12-05 11:51:09 by Evan Francen in The Breach Blog
...mandatory security-breach law is long overdue in this country and it's cases like these that highlight it," said Michael Geist, a law professor at the University of Ottawa. "The reality is, even with the resources and the best security people, you're only as good as your weakest link," Prof. Geist said. "One mistake can result in significant...
 
 
 
 
 
Windows Integrity Mechanism: more than you ever wanted to know

2007-07-13 17:49:09 by Steve Riley in Steve Riley on Security
 
A while back, the technology in Vista called mandatory integrity control got a new name: Windows integrity mechanism. Recently the folks responsible for developing the technology have posted a good amount of documentation on it. Read the Windows Vista Integrity Mechanism Technical Reference for all the details.
 
 
 
 
 
Review of My 2007 Security Predictions: Too Wimpy

2007-12-23 15:46:00 by Dr Anton Chuvakin in Anton Chuvakin Blog
 
...Mandatory regulatory initiatives that pack a bite or a punch, such as PCI, will continue to spread and thus grow in importance, while jokes like HIPAA will continue to languish, helping my # VII prediction come true with a bang ... At the same time, I am undecided on the voluntary frameworks that you can choose to comply with...
 
 
 
 
 
Highlighting the importance of data privacy... one person at a time

2008-01-11 09:29:07 by Jen Albornoz Mulligan in Security & Risk Management
 
...mandatory As more people are harmed by misuse of their data, the outcry for better protection will grow stronger. This will filter up to the ears of our legislatures who will strengthen data protection laws to assist identity theft victims. Especially once it strikes their parent, sibling, or children
 
 
 
 
 
Do Not Call Registry saved from mandatory reset

2008-02-18 10:40:07 by Editor in Digg / Security
 
When the Do Not Call Registry launched in 2003, it had but one major flaw. Thanks to some rare Washington harmony, our DNCR registrations are safe for life (or until you move
 
 
 
 
 
The First Step on the Road to More Secure Software is admitting you have a Problem

2008-02-21 14:26:00 by sdl in The Security Development Lifecycle
 
...mandatory use of tools, banning known bad functionality, better compilers, better linkers, better libraries etc etc. And that is what the SDL is all about and what our team is laser-focused on. The reason you're seeing a reduction in vulnerabilities across major Microsoft products is simple: Microsoft recognized it needed to improve security...
 
 
 
 
 
Product Vendor's sloppiness vs. Hacker's intelligence

2007-01-08 07:01:06 by RaviC in Musings on Information Security
 
...mandatory for a vendor to disclose the process employed to assure security in the vendor's product offerings