SEARCH RESULTS
 
Showing 1-10 of 376 records
 
Expand article

Software Security Metrics and Commentary on "Metrics Framework" Paper

2007-09-17 20:41:00 by Security Retentive in Security Retentive
 
...paper " A Metrics Framework to Drive Application Security Improvement " recently and some thoughts started to gel about what types of web application security metrics are meaningful This is going to be part-1 of 2 about the paper and software security metrics. In this first installment I comment on the metrics from the paper and provide what...
 
Tags: metrics, software security metrics, metrics framework, metrics miss, design-time metric, design, upstream sdl metrics, application, web application security
 
 
 
 
Expand article

Jericho Forum and the Collaboration Oriented Architecture (COA) position paper

2008-05-09 14:16:55 by Burton Group in Security and Risk Management Strategies Blog
 
...paper last month at the RSA and Infosecurity Europe conferences. The paper is now posted at http://www.opengroup.org/jericho/COA v1.0.pdf For those who may be unfamiliar with Jericho Forum, it started as a user forum for discussing the problem of deperimeterization, wherein centralized firewalls become less effective as the mainstay of...
 
Tags: coa, coa framework, coa paper focuses, jericho forum, paper, reputation repository, reputation, coa position paper, future jericho forum
 
 
 
 
Expand article

Jericho Forum and the Collaboration Oriented Architecture (COA) position paper

2008-05-09 14:16:55 by Burton Group in Security and Risk Management Strategies Blog
 
...paper last month at the RSA and Infosecurity Europe conferences. The paper is now posted at http://www.opengroup.org/jericho/COA v1.0.pdf For those who may be unfamiliar with Jericho Forum, it started as a user forum for discussing the problem of deperimeterization, wherein centralized firewalls become less effective as the mainstay of...
 
Tags: coa, coa framework, coa paper focuses, jericho forum, paper, reputation repository, reputation, coa position paper, future jericho forum
 
 
 
 
Expand article

PED vulnerability paper receives Most Practical Paper award at Oakland

The Article has images
2008-05-21 09:56:48 by Saar Drimer in Light Blue Touchpaper
...paper at the IEEE Symposium on Security and Privacy ( slides We are very pleased that we are the recipients of the new Most Practical Paper award of the conference, given to the paper most likely to immediately improve the security of current environments and systems. Thanks to everyone who supported this work
 
Tags: paper, practical paper award, pin entry devices, ieee symposium, ped, ross anderson, immediately improve, current environments, pin scheme
 
 
 
 
Expand article

A New Way to Back Up Digital Files on paper

2008-09-04 08:28:19 by Editor in IT Security - The IT Security Industry's Web Resource
 
...paper, in a bar code format. A friend of mine says he tried it and that it even works PaperBack is a free application that allows you to back up your precious files on the ordinary paper in the form of the oversized bitmaps. If you have a good laser printer with the 600 dpi resolution, you can save up to 500,000 bytes of uncompressed data on...
 
Tags: paper, code, source code, paper backups, real programmers dared, data, data density, real programmers, flash cards
 
 
 
 
Expand article

Larry Sutos Paper Drama

2008-01-02 14:53:30 by RSnake in ha.ckers.org web application security lab
 
...paper on web scanning depth analysis First let me put some rumors to bed here. I am not paid by NTO to use their tool. They let me use it for testing purposes because they actually care about making their product better. I have given similar help to three other scanning vendors as well. This shouldnt come as a surprise to anyone, as Im part...
 
Tags: paper, larry sutos paper, scanners, commercial scanners, test environment, environment, test, time, people
 
 
 
 
Expand article

Blue Box #75: Asterisk vulnerability, SANS paper on VoIP security, SPIT, tons of listener comments and much more...

The Article has audio podcast
2008-02-11 14:31:43 by HASH0x8c00788 in Blue Box: The VoIP Security Podcast
 
...paper on VoIP security, SPIT, tons of listener comments and much more Welcome to Blue Box: The VoIP Security Podcast #75, a 38-minute podcast from Dan York and Jonathan Zar covering VoIP security news, comments and opinions Download the show here (MP3, 17MB) or subscribe to the RSS feed to download the show automatically You may also listen...
 
Tags: voip, voip-news top, voip-news, voip blogs, voip security news, security, voip security podcast, listener comment line, comment line
 
 
 
 
Expand article

Blue Box #75: Asterisk vulnerability, SANS paper on VoIP security, SPIT, tons of listener comments and much more...

2008-02-11 15:31:42 by Dan York in Blue Box: The VoIP Security Podcast
 
...paper on VoIP security, SPIT, tons of listener comments and much more Welcome to Blue Box: The VoIP Security Podcast #75, a 38-minute podcast from Dan York and Jonathan Zar covering VoIP security news, comments and opinions Download the show here (MP3, 17MB) or subscribe to the RSS feed to download the show automatically You may also listen...
 
Tags: voip, voip-news top, voip-news, voip blogs, voip security news, security, voip security podcast, listener comment line, comment line
 
 
 
 
Expand article

Fun Paper: "Logs vs Web Hacking"

2008-02-14 13:18:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...paper like this for a long time, but never found time to do it. I am soooo happy somebody else did it So, enjoy " Detecting Attacks on Web Applications from Log Files " in SANS Reading Room : logs vs OWASP Top 10 web attacks - the battle of the century - who will win (bet on logs One thing I miss in the paper is that all suggested...
 
Tags: logs, paper, attacks, web attacks, time, owasp top, web applications, log files, soooo happy