SEARCH RESULTS
 
Showing 1-10 of 40 records
 
Expand article

The Economics of Finding and Fixing Vulnerabilities in Distributed Systems

2008-11-18 22:47:55 by Gunnar Peterson in 1 Raindrop
 
...pure statistical approach can only take us so far. Buffett said he would be a lot poorer if all he did was listen to Ben Graham. Book value is great to see the diametric opposition mentioned above, but it doesn't really tell us much about the efficacy of the security mechanisms What we do get out of this statistical approach is a screen. The...
 
Tags: information security, information, information security spends, safety information security, versus information security, information security budgets, information security budget, software security, software security space
 
 
 
 
Expand article

Playing With Homemade Explosives

2007-08-07 17:30:00 by Eric Marvets in The Security Samurai
 
...pure hydrogen in my balloons. In my mind, I was making mini-Hindenburgs. I would take them out to my fort and blow them up. Those made some nice explosions. It wasnt until a later experiment that I learned I was collecting oxygen in addition to hydrogen through electrolysis That later experiment occurred when I discovered dads acetylene tanks...
 
Tags: gas, lawn mowers gas, tank, cars gas tank, time, time delay fuse, terrorist, empty gas, recent terrorist plots
 
 
 
 
Expand article

When the shoe is on the other foot

The Article has images
2008-08-06 10:16:46 by HASH0x8472b8c in StillSecure, After All These Years
...Pure, where Fortify was having a party. Some how or another JJ, Ryan and I got to the VIP entrance and were headed in. Martin had to go upstairs and change out of his shorts. Mitchell that Colorado country bumpkin was not allowed in because he was wearing sandals. What to do? Leave Mitchell outside, all of us not go in? I went back to my old...
 
Tags: time, uncivil time, black hat, mitchell, east coast time, mitchell walk, mitchell ashley, pure, club pure
 
 
 
 
Expand article

Vulnerability Bazaar

2008-01-07 09:15:52 by Editor in IEEE Security and Privacy
 
The commoditization of bugs is a long-standing tradition in the software industry. It started when companies began offering a cash incentive for each critical bug a developer squashed. This practice of attaching intrinsic monetary value to bugs is the spiritual predecessor of the "pure" vulnerability markets that this article discusses
 
Tags: vulnerability markets, bugs, software industry, critical bug, intrinsic monetary, spiritual predecessor, cash incentive, article discusses, pure
 
 
 
 
Expand article

Windows Live OneCare has a Broken Light

The Article has images
2008-01-16 04:27:00 by Keith Brown in Security Briefs
...pure goodness What bothers me about OneCare is that, at least for me, the taskbar icon glows yellow all the time. At first, I'd always go look at the OneCare dashboard to see what was wrong, only to find that OneCare thought my computer needed updates. There's a button there that takes you to Windows Update, so naturally I'd click it to see...
 
Tags: onecare, windows, windows live onecare, contact onecare support, onecare dashboard, light, wrong, firewall, replacement firewall
 
 
 
 
Expand article

Top 10 Security Stories of 2007

2007-12-27 04:53:17 by Bill in Grumpy Security Guy
 
...pure play desktop scanner out there. They are clearly going insane, with there lame attempt to cash in on the virtualization craze . (I still laugh when I read that release.) It remains rather unclear where HP and IBM are going although it seems likely that SPI will end up part of Mercury and Watchfire will end up part of Rational. If the...
 
Tags: top, security stories, top security stories, business, russian business network, web application security, bad guys, pci, ibm acquires watchfire
 
 
 
 
Expand article

Are Microsoft's obits premature?

The Article has images
2008-02-14 13:26:10 by HASH0x8b3bd70 in StillSecure, After All These Years
...pure SaaS. But look at the chart to the left, that kind of revenue does not disappear It is natural to root for the underdog and we have been so used Microsoft being unbeatable, that Google appearing as the "great white hope is also natural. But are we know going to cast Microsoft as the underdog here? Have their fortunes sunk so low that we...
 
Tags: microsoft, microsoft live, cast microsoft, global community, increasingly global community, evil empires, child, saas, pure saas
 
 
 
 
Expand article

Got advertisement? Maybe you should shout your PCI compliance from the rooftops!

2007-11-30 14:57:00 by Manu Namboodiri in Data Protection, Management and Leakage
 
...pure and simple - and from sensitive information such as cardholder data. They are not here for the glory and peer recognition from other hackers, by breaking into a trophy account. In fact, if you advertise the fact you are PCI compliant, I think it will deter them from attacking you - you dont store swipe or card data anywhere (or the data...
 
Tags: data, card data, data safe, customer data, pci compliance, pci compliant, consumers care, consumers, cardholder data
 
 
 
 
Expand article

What is GRC vs. IT GRC - How does it help IT Security mature to the next level?

2008-02-04 13:27:00 by Ryan Shopp in practical risk management
 
AMR Research shows that total GRC spending approached $30B last year . The technology portion (e.g., software, hardware & integration services) of that spending is around a third of it (approximately $10B GRC is a very broadly defined space - very broad! To gain a better understanding and appreciation for that, here is a newly released map that...
 
Tags: grc, total grc, grc ecosystem, current, current maturity, security management investments, configuration policy management, securityworks play, security investments