SecurityRatty: tag: methodology

Screencast: An introduction to the Open Source Security Testing Methodology Manual (OSSTMM)

2008-05-27 07:49:22 by Peter Giannoulis in WhatIs: Enterprise IT tips and expert advice

Watch Peter Giannoulis as he introduces the Open Source Security Testing Methodology Manual (OSSTMM)and demonstrates how it can be used to defend machines from a brute-force dictionary attack

Tags: methodology manual, source security, brute-force dictionary attack, defend machines, peter giannoulis, osstmm, introduces

Application Due Care

2008-02-18 08:55:12 by RaviC in Musings on Information Security

...Methodology 3. Where does the application run? - Environment 1. Complexity - Applications are developed using one or more of open source software, third party libraries, re-used libraries (from the past), middleware, database and the run-time environment. In order to develop a truly secure application we need to ensure security in all of...

Tags: application, application due care, development methodology, methodology, application runs, application exist, application security, development, secure application

More on Application Security Metrics

2008-05-08 20:05:00 by Security Retentive in Security Retentive

...methodology is always changing, then its hard to say whether you're seeing more or fewer defects of a given type than before, especially as a percentage. That is, if you weren't catching a certain class of issue with the previous version of a static analysis tool but now you are, its hard to correlate the results to previous versions of the...

Tags: defects, fundamental design defects, fewer defects, architectural defects, implementation defects, security, application, security design, software developers

Defining Risk Management

2008-02-05 18:52:39 by Posted By: Paul Proctor, Research VP in IT Leaders - Security and Risk Management

...methodology. This proliferation has led organizations to struggle at the top with clearly defining what enterprise risk management (ERM) means to their organization, and at the bottom with defining what "risk" people do vs. their counterparts in traditional operational roles. Even within the various risk management groups, organizations must...

Tags: risk management, risk, enterprise risk management, led organizations, led, organizations, risk measurement, traditional, traditional operational roles

July 2007 - Operating System Vulnerability Scorecard

2007-08-16 22:47:26 by jrjones in Jeff Jones Security Blog

...methodology, sources and assumptions on this page May - July 2007 Client and Server Charts - Reduced Set of Linux Packages

Tags: server, linux server builds, server charts, charts, ytd charts, non-linux products, linux products, linux products comments, common server roles

More on Security vs Risk

2007-12-21 11:57:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -

So, I was reading some survey and came across this bizarre, mind-boggling (maybe even 'mind-numbing?') picture How can security be THAT disconnected from risk? Can somebody explain this to me? (Please don't explain by stating "crappy survey methodology" - I can pull this one myself, thank you very much Mr Hoff, can you help here About me:...

Tags: survey, crappy survey methodology, security, explain, risk, org, bizarre, pull, hoff

Blue Box #74: 2008 Crystal Ball Edition, Asterisk and Trixbox vulnerabilities, top 10 lists, VoIP security trends for 2008 and more....

2008-01-08 16:42:40 by HASH0x8940138 in Blue Box: The VoIP Security Podcast

...methodology for forensic analysis of VoIP systems TMC .net: SIP and Security: Just Do It Right PAETEC, Alcatel-Lucent Deploy Industry Leading Disaster Recovery VoIP Solution Feature: top stories of 2007 and trends for 2008 No comments this week Review of the last week's traffic on the VOIPSEC public mailing list Wrap-up of the show 43:57 -...

Tags: trends, vulnerabilities, voip security trends, security, trixbox vulnerabilities, voip vulnerabilities, listener comment line, comment line, top

Blue Box #74: 2008 Crystal Ball Edition, Asterisk and Trixbox vulnerabilities, top 10 lists, VoIP security trends for 2008 and more....

2008-01-08 17:42:39 by Dan York in Blue Box: The VoIP Security Podcast

...methodology for forensic analysis of VoIP systems TMC .net: SIP and Security: Just Do It Right PAETEC, Alcatel-Lucent Deploy Industry Leading Disaster Recovery VoIP Solution Feature: top stories of 2007 and trends for 2008 No comments this week Review of the last week's traffic on the VOIPSEC public mailing list Wrap-up of the show 43:57 -...

Tags: trends, vulnerabilities, voip security trends, security, trixbox vulnerabilities, voip vulnerabilities, listener comment line, comment line, top

SmartWater Works

2008-01-21 12:17:39 by schneier in Schneier on Security

...methodology -- interviewing criminals about what deters them is fraught with potential biases -- but it's still interesting Also note that SmartWater is not only sprayed on valuables, but also sprayed on burglars and criminals -- tying them to the crime scene

Tags: smartwater, smartwater products, deterrent, smartwater postersign, reasonable deterrent, deterrent factor, study, strong, strong deterrent effect

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo