SEARCH RESULTS
 
Showing 1-10 of 347 records
 
Expand article

Common Criteria and answering the question 'Is it Safe'

2007-12-20 16:57:00 by sdl in The Security Development Lifecycle
 
...questions that may come up is Is it Safe? (Apologies for the lame and over-used Marathon Man movie reference ) . I choose this imprecise reference to safe since most people dont think deeply about what it means beyond I dont want bad things to happen to me or people/property/data I care about. In terms of software security, all of the...
 
Tags: criteria, fails, common criteria fails, common criteria, common criteria arguably, common, arguably, arguably deficient, security
 
 
 
 
Expand article

A question of trust and identity

2008-06-10 00:00:00 by Andreas M. Antonopoulos in Network World on Security
 
What is the right balance between security and privacy? This is a common starting point in many policy discussions, especially in government. Its a trick question because it presets the conversation as a balancing act between two values as if they are antithetical they are not. In practical terms, privacy is security
 
Tags: policy discussions, practical terms, security, privacy, trick question, government, antithetical, values, common
 
 
 
 
Expand article

A Question of Integrity: To MD5 or Not to MD5

2008-06-25 19:50:57 by Craig Balding in Cloud Security
 
...questions are asked as to whether the corruption caused by the loadbalancer was affecting both incoming and outgoing traffic. The conclusion was yes. If you are hosting media on S3, and the browser is using partial GET requests (to download in chunks) then the corruption will not be automatically detectable If your business relies on Cloud...
 
Tags: amazon prior, amazon, aws, aws status page, md5, load balancer, single load balancer, status, data
 
 
 
 
Expand article

FaxBox: the latest in password scams

2008-01-07 18:09:34 by Steve Riley in Steve Riley on Security
 
...Question It [mailto:question it@fanboxapps.com Sent: Monday, January 07, 2008 2:34 To: Steve Riley Subject: Ratul has asked you a question on FanBox Ratul asked you a question. View the question and answer it FanBox.com is the web-based desktop that instantly turns every computer into your computer. It includes over 10,000 web applications...
 
Tags: email, question itfanboxapps, email address, question, fanbox, junk email folder, faxbox, ratul, named ratul
 
 
 
 
Expand article

Fun TLR Log Management Questions

2008-03-14 12:04:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...questions from the audience during our "Log Management Thought Leadership Roundtable Webcast" ( recording , some comments ). Since they would be useful to my readers, I am answering some of them here (questions are anonymous and slightly rewritten for clarity Q1: When you mention "forensics", are you speaking in term of legal forensic...
 
Tags: log, log ownership issues, log services, log messagessecond, log management, log management solution, management, log sources, incident response team
 
 
 
 
Expand article

Should We Treat Contractors The Same as Employees?

2008-03-26 13:47:43 by Alex in RiskAnalys.is
 
...QUESTION OF TRUST Youre probably already saying in your mind, that the level of trust we afford anyone on the magic-packet-carpet-ride we call a network or system should be a direct inverse correlation to the Probable Impact a malicious actor would cause. More simply put, be more paranoid when there is more at stake. You would be correct,...
 
Tags: threat, threat communities, threat agent applies, threat agents, threat event results, threat community, employees, risk tolerance, risk
 
 
 
 
Expand article

What Are You Managing Towards? (And On Disproving Risk Management)

The Article has images
2008-06-03 14:41:11 by Alex in RiskAnalys.is
...question for you all. Its a question that, if I have a comfortable relationship with the organization I like to first ask the senior manager, and then subsequently ask the direct reports When you think about it, Sales & Marketing managers have goals they manage towards. CFOs have goals that they manage towards. COOs have goals and measurement...
 
Tags: management, risk management, term risk management, management focuses, management approach, risk management process, patch management, cost management, upper management
 
 
 
 
Expand article

Ask the Auditor: Who is Responsible for Information Security?

2007-12-29 06:24:50 by Editor in Security Links
 
...questions submitted by real readers. This week, certified internal auditor and certified information systems auditor Dan Swanson answers the question of who is responsible for information security By Dan Swanson A Reader Asks: Who is responsible for information security The Auditor Responds: In short, the board of directors, management (of...
 
Tags: information, information security, information policy, information security risks, information assurance, information security governance, information security managers, information security management, assign information security
 
 
 
 
Expand article

Larry Sutos Paper Drama

2008-01-02 14:53:30 by RSnake in ha.ckers.org web application security lab
 
...question would be which ones dont I use This is by no means an authoritative list of all the things I use in fact, Ive written a number of tools that I dont discuss, and its certainly not all the commercial scanners I have access to (most companies I deal with dont want me to discuss my relationship with them for whatever reason - fair...
 
Tags: paper, larry sutos paper, scanners, commercial scanners, test environment, environment, test, time, people
 
 
 
 
Expand article

Antivirus software -- who needs it?

2007-09-23 04:14:44 by Steve Riley in Steve Riley on Security