SEARCH RESULTS
 
Showing 1-10 of 24 records
 
Links for 2008-01-16 [del.icio.us]

2008-01-17 00:00:00 by Editor in Anton Chuvakin Blog -
 
...Rational Survivability: Security and Disruptive Innovation Part I: The Setup Storm, Nugache lead dangerous new botnet barrage This is the future of malware and it's not a pretty picture. What it is, is a nightmare: a new breed of malicious software developed, tested and sold by professionals and engineered to change on the fly, adapt to its...
 
 
 
 
 
Links for 2007-12-20 [del.icio.us]

2007-12-21 00:00:00 by Editor in Anton Chuvakin Blog -
 
...Rational Survivability: The Seesaw CISO...Changing Places But Similar Faces... 've talked about the fact that "security" should be a business function and not a technical one and quite frankly what Dennis is hearing has been a trend on the uptick for the last 3-4 years as "information security" becomes less relevant and managing ris Data And...
 
 
 
 
 
Links for 2008-01-09 [del.icio.us]

2008-01-10 00:00:00 by Editor in Anton Chuvakin Blog -
 
...Rational Survivability: Are Virtualization Laws That Are Immutable, Disputable If you thought 'Security '07' was hairy, just wait | Tech News on ZDNet Three predictions for identity management in 2008 - Network World EventSource Newsletters - Jan 08 The secret to effective log management is to gather ALL of the data. The aspects of LM that...
 
 
 
 
 
Links for 2008-01-25 [del.icio.us]

2008-01-26 00:00:00 by Editor in Anton Chuvakin Blog -
 
...Rational Survivability: Pushing Reset On the IT vs. SCADA Security Debate Schneier on Security: Hacking Power Networks Vmyths on SCADA - SANS director confirms the CIA confirmed ... absolutely nothing Majority of VISA Merchants are Compliant as of Jan. 22, 2008 Payment Card Security & IT Controls Explained Targeted Trojan Attacks EETimes.com...
 
 
 
 
 
Benevolent Worms

2008-02-19 06:57:11 by schneier in Schneier on Security
 
...rational network administrator, regardless of intent A good software distribution mechanism has the following characteristics People can choose the options they want Installation is adapted to the host it's running on It's easy to stop an installation in progress, or uninstall the software It's easy to know what has been installed where A...
 
 
 
 
 
Overcoming Bias: The Affect Heuristic

2008-01-03 21:32:58 by Chris Wysopal in Zero in a bit
 
...rational and don't understand statistics People believe that benefit and risk are intertwined. They think a highly beneficial thing is also a less risky thing even though you can have low risk and high risk things, both with great benefits. People also don't know how to calculate risk in percentages. Absolute numbers seem to resonate. Security...
 
 
 
 
 
Top 10 Security Stories of 2007

2007-12-27 04:53:17 by Bill in Grumpy Security Guy
 
...Rational. If the products remain as standalone offerings though is unclear 4. Full Disclosure Dies - 2007 will go down as the year full disclosure died. Crappy treatment from vendors and now web site owners has driven the good guys out and the only people left are the bad guys that are in it for the money. Which leads to 3. Russian Business...
 
 
 
 
 
2008 - The Year of IT Risk Management?

2008-01-04 13:23:00 by Ryan Shopp in practical risk management
 
...Rational Survivability snip Compliance stops being a dirty word & Risk Management moves beyond buzzword Today we typically see the role of information security described as blocking and tackling; focused on managing threats and vulnerabilities balanced against the need to be "compliant" to some arbitrary set of internal and external...
 
 
 
 
 
SQL Server - Fact Checking Recent Vulnerability History

2008-03-05 22:53:36 by jrjones in Jeff Jones Security Blog
 
...Rational ClearQuest CVE-2007-4814. Disclosed in Sep-07, this is a vuln in client side control sqldmo.dll 2000.085.2004.00. I can't tell for sure, but this looks like a SQL 2000 component based upon the versioning Finally, I thought I'd check the Symantec-owned www.securityfocus.com web site and searched on their vulnerability search page A...
 
 
 
 
 
Links for 2008-03-06 [del.icio.us]

2008-03-07 00:00:00 by Editor in Anton Chuvakin Blog -
 
PCI Compliance is not just a one off quick fix | Security Extra Rational Survivability: McGovern's "Ten Mistakes That CIOs Consistently Make That Weaken Enterprise Security 1 Raindrop: When Will We See Market Forces in Infosec