SecurityRatty: tag: mitigation

Anonymizer acquired by risk-mitigation firm

2008-05-01 00:00:00 by Ellen Messmer in Network World on Security

Herndon, Va.,-based risk-mitigation firm Abraxas Corp. announced it has acquired, for an undisclosed price, San Diego-based Anonymizer, which makes products that shield a user's identity online

Tags: identity online, anonymizer, san, herndon, user, shield, price, products

Mitigating Exploitation Techniques

2008-10-03 00:07:00 by sdl in The Security Development Lifecycle

...mitigation Over the past decade exploitation techniques have been developed and refined to the point that very little expertise has been needed to successfully exploit software vulnerabilities. These refinements have lowered the bar for attackers and drastically increased the probability that an attack will be successful. This has led to the...

Tags: techniques, mitigation technique, mitigation, mitigation techniques attempt, exploitation, mitigation techniques, exploitation techniques, successful exploitation attempt, successful

Updated Microsoft Security Assessment Tool

2008-12-02 04:13:03 by Steve Riley in Steve Riley on Security

...mitigation efforts, including links to more information for additional industry guidance. These resources may assist you in keeping you aware of specific tools and methods that can help change the security posture of your IT environment There are two assessments that define the Microsoft Security Assessment Tool Business Risk Profile...

Tags: security, security world, additional security resources, tool, security posture, identifiable information whatsoever, assessment, information, tool offers

SDL and the XSS Filter

2008-08-27 15:35:00 by sdl in The Security Development Lifecycle

...mitigation that only applies to specific clients and a subset of attacks. So we didnt cross-reference IEs XSS Filter post on the SDL blog at the time. Instead, I agreed to write a subsequent post about the relationship of XSS Filter to the SDL and to the ways that our SDL and security science teams think about improving product security For...

Tags: xss, xss filter, xss vulnerabilities, xss led, anti-xss library, xss attack, xss attacks, attacks, xss filter remembers

Security ROI

2008-09-02 06:05:53 by schneier in Schneier on Security

...mitigation alternatives. A smart company needs to approach security as it would any other business decision: costs versus benefits The classic methodology is called annualized loss expectancy (ALE), and it's straightforward. Calculate the cost of a security incident in both tangibles like time and money, and intangibles like reputation and...

Tags: security, security countermeasures, countermeasures, incident, security incident, individual security countermeasures, security measure cuts, security measure reduces, security vendors

Autorun: good for you?

2007-09-23 05:29:48 by Steve Riley in Steve Riley on Security

...mitigation. At a recent conference I was surprised at the number of folks who haven't considered the risks of leaving it enabled. Surely by now most of you have heard about how certain music CDs can spread rootkits in your network. Yeah, holding down the [Shift] key when inserting a CD-ROM or USB drive will bypass the autorun.inf file -- but...

Tags: autorun, autorun raises, autorun commands, autorun settings, key, registry key, disable autorun, computer, computer configuration

Malware Infected Hosts as Stepping Stones

2008-02-21 22:03:01 by HASH0x8b1f7bc in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...mitigation approaches In typical proxybot infections we investigate proxy servers are installed on compromised machines on random high ports (above 1024) and the miscreants track their active proxies by making them "call home" and advertise their availability, IP address, and port(s) their proxies are listening on. These aggregated proxy...

Tags: hosts, malware, socks hosts, malware infects hosts, top application, application, stones, top, activities

CFIUS 2 - M&A 0

2008-02-20 22:51:02 by HASH0x8bbd720 in StillSecure, After All These Years

...mitigation agreement. As I wrote about last week, 3Com and company had offered to spin off Tipping Point to remove any potentially sensitive technology from the deal. I guess that wasn't enough for those free trade dudes at CFIUS. So the 3Com-Bain deal joins the Checkpoint-Sourcefire deal as being shut down by the government. 3Com's stock...

Tags: 3com-bain deal joins, deal, bain, 3com, security company, company, free trade dudes, free trade, foreign owned company

How do you spell R-E-L-I-E-F?

2008-02-13 18:50:54 by HASH0x8bc3020 in StillSecure, After All These Years

...mitigation proposals including the selling off of Tipping Point In my mind the question is: Will that be enough? Is it only the Tipping Point stuff that causes the issue? Does 3Com have other sensitive technology. I don't know, but I am sure the recent arrest of 4 Chinese people on espionage type of charges did not help the Bain position....

Tags: buyer, potential buyer pool, questions, bain position, acceptable buyer, bain, based company decrease, substantial stake, mitigation proposals

Security Incident Strikes and You are on the Hot Seat..

2007-07-27 07:00:39 by RaviC in Musings on Information Security

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo