SEARCH RESULTS
 
Showing 1-5 of 5 records
1
 
Expand article

Poll: How Important is a POC When Getting Someone to Fix a Security Issue

2007-11-27 08:37:00 by Security Retentive in Security Retentive
 
...POC when demonstrating a vulnerability exists I've only ever had to do this once, and yet it seems that every time I read about a penetration test I see people spending lots of time crafting sample exploits rather than spending more time on finding more vulnerabilities, or fixing classes of vulnerabilities that are similar and offering...
 
Tags: issue, people, vulnerability, vulnerability exists, time, poc, lots, exploits, security vulnerability
 
 
 
 
Expand article

XSS on Whois

2007-12-30 20:55:53 by RSnake in ha.ckers.org web application security lab
 
...PoC However, Thrill then posted an screenshot of this on one of the several domain registrars that we found to be vulnerable to this. So now we proof that this can be done. Of course the usefulness of this is probably limited to only a few sites, but sites which often take credit card information for payment processing of domains. Which,...
 
Tags: apparently vulnerable, vulnerable, credit card information, domain, cool stuff, domain registrars, stuff, usefulness, sql injection
 
 
 
 
Expand article

Some Burning Logging Questions - Answered!

2008-04-23 16:20:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...PoC or pilot first. Then with the chosen vendor: phased approach based on location + type of log source (e.g. firewalls, then routers, then OS, then proxies, etc) + network topology (e.g. DMZ, then internal) + log source criticality (e.g. critical servers first; the rest next). This might be handy to look at Q3: What kind of storage...
 
Tags: data, raw log data, logs compress, logs, analyze unknown logs, unknown, data retrieval commands, measure logs, log data
 
 
 
 
Expand article

Is an incorrectly implemented security program better than a non-existent one ?

The Article has images
2008-09-03 16:02:00 by Random InfoSec Guy in Security Coin
...PoC is well established and in place. But then things change. Leaders change. Managers change. People's roles change. What doesn't, is the documentation regarding the project. But documents usually tend to highlight what the project does , not what it doesn't do . Nobody seems to remember there are additional tasks that need to get completed....
 
Tags: security, security program, program, security controls, change, leaders change, programs, security programs, roles change
 
 
 
 
Expand article

Another Google Bug Put Users At Phishing Risk Due To Domain Flaw And Frame Injection Possibility

2008-10-10 23:05:05 by CyberInsecure in CyberInsecure.com
 
...PoC) attack, published by Adrian Pastor of the GNUCitizen ethical hacking collective, exploits
 
Tags: sensitive google services, users login credentials, spoof pages, adrian pastor, security flaws, google calendar, security expert, attack, collective
 
 
 
 
 
Showing 1-5 of 5 records
1
 
TOP SEARCH
Expand / MinimizeClose Widget
  •  
RECENT SEARCH
Expand / Minimize
  •  
RELATED VIDEO
Expand / Minimize
SecurityRatty FAQ
Sergey Zarubin, 31yo
CISSP, CCSP
Moscow, Russia