SEARCH RESULTS
 
Showing 1-10 of 235 records
 
Expand article

What to watch for - the Rest of the Fortune 500 Gets Their Software Security

2008-09-18 15:06:51 by Gunnar Peterson in 1 Raindrop
 
...rest of the F500 can't or wont be able to, this means that for the software security vendors, they will need to take market share . Its not just competing against each other, its making the business case for software security over other types of security that have ossified technically but still command a rosy price, like *cough* network...
 
Tags: software security, security, government customer, government, government people, people, financial people, software security vendors, financial services people
 
 
 
 
Expand article

More on Fallacy #4

2008-05-16 13:04:06 by Gunnar Peterson in 1 Raindrop
 
...Rest and Distributed Computing Fallacies One of the objections I've had about REST for a while is that it appears to ignore Deutsch's fallacies of network computing 1. The network is reliable 2. Latency is zero 3. Bandwidth is infinite 4. The network is secure 5. Topology doesn't change 6. There is one administrator 7. Transport cost is zero...
 
Tags: secure service, service, rest, rest specifies, service firewall pattern, network, fallacies, secure, pretty solveable
 
 
 
 
Expand article

Another stolen Pennsylvania DPW computer, more victims

The Article has images
2007-12-12 15:10:53 by Evan Francen in The Breach Blog
...rest locations within the department, then there is another breach just waiting to happen. Encryption is a must and Password protection = momentary nuisance to a crook. This is the second such breach at DPW this year The department today has began mailing notification letters to all 86 individuals who could potentially be affected in order...
 
Tags: dpw computer, dpw, pennsylvania, pennsylvania dpw computers, dpw clients, pennsylvania department, sensitive personal information, personal information, department
 
 
 
 
Expand article

Web Services and XML Security Training at OWASP

2008-08-28 08:55:59 by Gunnar Peterson in 1 Raindrop
 
...Rest, Federation and other technologies. The class looks at how Web services applications are built, what are common threats and vulnerabilities in Web services, and how to build your Web services application to defend against them I have often said that OWASP conferences are my favorite ones because they are in depth technically and very...
 
Tags: security, soa security standards, security standards, soa security, soa, security critical environment, information security, information, application security principles
 
 
 
 
Expand article

Diminutive XSS Worm Contest Drama and Status Update

2008-01-06 17:34:38 by RSnake in ha.ckers.org web application security lab
 
...resting Ive had in running this site in a long time, not only from a technical perspective, but the ethical debate on whether I am sheer evil or contributing to the greater good rose its ugly head once again. This was in regards to the diminutive XSS worm contest . One of my favorites was where I was being compared to arming people with...
 
Tags: browser companies, browser, browser security arena, code, people visit, people, worm code, diminutive xss worm, xss worm
 
 
 
 
Expand article

Fear Is Unhealthy

2008-01-17 07:35:09 by schneier in Schneier on Security
 
...rest to receive diagnoses of new cardiovascular ailments After controlling for various factors (age, obesity, smoking, other ailments and stressful life events), the researchers found that the people who were acutely stressed after the 9/11 attacks and continued to worry about terrorism -- about 6 percent of the sample -- were at least three...
 
Tags: people terrorists kill, terrorists, terrorism, actual terrorism, kill, people, fear, million people, fearful people
 
 
 
 
Expand article

J.C. Penney customers affected by lost GE Money backup tape

The Article has images
2008-01-18 10:24:59 by Evan Francen in The Breach Blog
...rest (potentially among other things Commentary We originally reported this breach on the Breach Blog a few weeks ago based on information we gleaned from the New Hampshire State Attorney General. This new information helps to clarify some of the missing information. I am sure there will be more to come As I stated earlier in my comments, I...
 
Tags: penney, penney customers, tape, backup tape, money, sensitive personal information, personal information, penney card immediately, information security practices
 
 
 
 
Expand article

Lost Horizon Blue Cross Blue Shield of New Jersey laptop

The Article has images
2008-02-11 13:52:36 by Evan Francen in The Breach Blog
...rest on laptops and other mobile media. If the laptop were encrypted and there was no reason to believe that the key had been compromised, then there would be no effective breach of data confidentiality. For those companies that do encrypt data at rest, be sure that users are not writing passwords (keys) down with the laptop, i.e. Post-it...
 
Tags: horizon, horizon bcbsnj takes, horizon bcbsnj, data, medical data, jersey, remotely destroy data, bcbsnj, laptop
 
 
 
 
Expand article

The First Step on the Road to More Secure Software is admitting you have a Problem

2008-02-21 14:26:00 by sdl in The Security Development Lifecycle
 
...rest of senior management Our group swung into action and helped the rest of the company come up to speed on security issues The Microsoft development processes changed to adopt the SDL You improve security by focusing on security. Not by wishing on a star. Not by believing age-old myths about "given enough eyeballs.... blah blah." If the...
 
Tags: vulnerabilities, reduce security vulnerabilities, fewer security vulnerabilities, security vulnerabilities, source security bugs, bugs, major microsoft products, microsoft products, security