SecurityRatty: tag: ratings

How Secure is Secure?

2008-05-08 16:46:00 by sdl in The Security Development Lifecycle

...ratings. Prisons provide security protections as well. Prisoners reside in different facilities that vary by security level. The US Bureau of Prisons uses a numbered scale from one to six to represent the security level. Both of these examples are similar in that the threats and risks each of them must protect against are reasonably well...

Tags: security metrics, software security metrics, implementation vulnerabilities, potential implementation vulnerabilities, metrics, secure, software, discretionary security protection, security protection

Severity Rating Systems - Part 1

2007-11-02 21:32:42 by jrjones in Jeff Jones Security Blog

...ratings as determined by the National Institute of Standards (NIST) for the National Vulnerability Database (NVD) - found at http://nvd.nist.gov So, let me say that in my opinion, some of the concerns raised by Red Hat have merit and mirror some of the issues I've raised myself On the other hand, the Red Hat motivation seems to be to impugn...

Tags: red hat, red hat motivation, impugn vulnerability comparisons, posts, follow-up posts, national vulnerability database, low severity ratings, systems, nist

Heroes, the (Fall TV) Legacy

2007-09-25 00:00:26 by jrjones in Jeff Jones Security Blog

...ratings, what does it mean? You can bet that TV executives will come up with shows in the same genre, shows that are similar, shows that try to change very part of the show to keep it similar, but make it just different enough to attract other viewers... how else to explain the thousands of reality shows that bombard us So the legacy of...

Tags: heroes, heroes success, legacy, detective, undead detective mick, touch, nbc, time, touch sends

Got Sopranos? Yet another thing I did not know as much about

2007-11-26 20:55:00 by Manu Namboodiri in Data Protection, Management and Leakage

...ratings on the trustworthiness of the seller! There is every reason to believe that terrorist organizations are using these methods to finance their nefarious goals The point to note here is this : there is a lot of money at stake. This makes cardholder data a target in this illegal and very organized crime business. For companies handling...

Tags: cardholder data, crime business, crime, card swipe data, recent trip, visa gold, breaches, nefarious goals, arms dealers

Users continue to ignore security policies, while security organizations are overlooking non-technical controls

2007-12-13 12:37:00 by Ryan Shopp in practical risk management

...ratings then controls in the technical and operational categories... Organizations must realize that a large proportion of information security problems extend far beyond technology and learn to appreciate the role that less technical controls, such as policy development, play in minimizing security breaches' impact on mission-critical...

Tags: non-technical controls, technical controls, security, controls, aka non-technical controls, non-technical, quality, quality security controls, technical

Q1 2008 - Client OS Vulnerability Scorecard

2008-05-14 23:04:00 by jrjones in Jeff Jones Security Blog

...ratings Download the attached paper for full details Share this post

Tags: severity vulnerabilities, vulnerabilities, microsoft windows vista, mac, apple mac, microsoft windows, users, windows vista users, client

Windows Vista vs Windows XP SP2 Vulnerability Report 2007

2008-05-14 22:50:00 by jrjones in Jeff Jones Security Blog

...ratings Download the short paper attached to this post for full details Share this post

Tags: windows vista, microsoft windows vista, microsoft windows, windows, sp2, vulnerabilities, fewer vulnerabilities, short paper, vulnerability report

Can Moodys solve your third party assessment problem?

2008-05-28 12:36:33 by Khalid Kark in Security & Risk Management

...ratings service. The main objective of this service is to reduce the overall burden of conducting risk assessments for organizations, as well as their service providers. The whole idea being that if Moodys can do a risk assessment on behalf of multiple subscribers, it can make the assessment process a lot more efficient. The service provider...

Tags: service provider environment, service, ratings service, vir service, service providers, service provider, assessment, service provider stays, moodys

McAfee's Site Advisor Blocking n.runs AG - "for starters"

2008-08-04 09:42:49 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...ratings There are even more surprising false positives, such as, Hack in the Box security conference, Defcon.org, Zone-H France, Invisiblethings.org, AME Info - Middle East business and financial news and more milw0rm.com hackinthebox.org defcon.org hitb.org invisiblethings.org zone-h.fr ussrback.com ameinfo.com Take for instance the...

Tags: site, site advisor, org due, org, dangerous site, specific site, malicious, harmful sites, sites

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo