SEARCH RESULTS
 
Showing 1-10 of 43 records
 
Expand article

Real Artists Ship

2008-09-03 11:23:08 by Gunnar Peterson in 1 Raindrop
 
...ship code.A lot of the success in software security is predicated by who you choose to partner with, it is more effective and easier to add security into a functional development group that ships code
 
Tags: tata, tata workers, tata motors, security, india, india mulls, information security, functional development, software security
 
 
 
 
Expand article

The STRIDE per Element Chart

2007-10-29 23:06:46 by sdl in The Security Development Lifecycle
 
...ship updates. Thats tremendously important, so Ill repeat it. They were looking for classes of things that would cause us to ship an update. If we wouldnt update for it, it doesnt exist in the chart. Thats not to say it doesnt exist. If theres an elevation of privilege against an external entity, well, by definition, we cant fix it. Its...
 
Tags: element chart, chart, stride, specific, specific threats, cve data, data, stride chart, threats
 
 
 
 
Expand article

High-tech sits behind high-seas drama

2008-01-17 00:00:00 by Martyn Williams in Network World on Security
 
...ship in the Southern Ocean, images of the action quickly flashed on the world's TV sets, followed by photos from the Japanese ship after the protestors were taken into custody. Getting these images out is crucial if either side is to win the global PR battle, but doing so can be problematic when you're at sea, thousands of kilometers from the...
 
Tags: japanese ship, japanese, environmental protestors, ship, cell phone network, protestors, southern ocean, tv sets, action quickly
 
 
 
 
Expand article

NGO Security Scenario #18 - High Seas Horror

The Article has embedded video
2008-02-11 02:43:00 by NGO Security in NGO Security
 
...ship suddenly rolled, tipping an estimated 15 degrees on its side. 240 people were injured during the incident Here is a security video footage from the ship's casino as the incident took place. This was not a common occurrence and the force generated by the roll is apparent Review the last video and comment on human behavior...
 
Tags: video, security video footage, behavior, human behavior, crisis situation, similar behavior, ship, passengers, passengers react
 
 
 
 
Expand article

The Other Side of Life

2008-03-21 16:06:00 by sdl in The Security Development Lifecycle
 
...ship a product - but thats outside the scope of this blog. So instead, Ill try to describe three real experiences that illustrate things that shouldnt be controversial either, but arent usually covered under the rubric of security. They are crucial nonetheless Security is not the point , its the needs of the customer. Its easy to believe that...
 
Tags: team, product team, engineers, security engineers, security, balance security, security professional, test managers, test
 
 
 
 
Expand article

Oh No! Security Metrics!

2008-04-18 12:43:00 by sdl in The Security Development Lifecycle
 
...shipped it. We don't count vulnerabilities that don't affect customers, regardless of the vendor We hire some security researchers to be part of our teams executing the SDL because they're among the best and brightest at performing component design reviews, code reviews, black box testing and other security procedures needed to make our...
 
Tags: bugs, implementation bugs, fewer security bugs, fewer, security bugs include, security, metrics, security metrics, security bugs
 
 
 
 
Expand article

On CEP as a Discipline

2008-08-05 08:46:27 by Tim Bass in The Complex Event Processing Blog
 
...ship lands on the shore of a distant land and they call this new land CEP because they feel they have discovered a new land. Nevermind the big cities that already exist or the many people already in the fields of their new land. TheseCEP explorers are seemingly in some kind of modern day epic struggle to define themselves as discoverers or...
 
Tags: cep, move cep, land cep, multisensor data fusion, data, complex event, event, prior art, art
 
 
 
 
Expand article

XBOX 360 Dies Again

2007-08-26 21:57:00 by Eric Marvets in The Security Samurai
 
...ship it to them in, and then another 4 to 8 weeks for them to fix it and send it back I thought about it for a minute, and decided I rather buy a new one rather than sit around and wait on them for two months. First though, I looked around online for a fix and saw that quite a few people were having the same problem. Everyone had an opinion...
 
Tags: fan shroud, fan, rear fan, replacement talismoon fan, days ago, fix, days, xbox, gpu
 
 
 
 
Expand article

July 2007 - Operating System Vulnerability Scorecard

The Article has images
2007-08-16 22:47:26 by jrjones in Jeff Jones Security Blog
...shipping components of the products May - July 2007 Client and Server charts for all vulnerabilities for all shipping components of the products Year-to-date 2007 Client and Server charts for vulnerabilities for all shipping components of the non-Linux products reduced set of components for the Linux products May - July 2007 Client and Server...
 
Tags: server, linux server builds, server charts, charts, ytd charts, non-linux products, linux products, linux products comments, common server roles
 
 
 
 
Expand article

The Trouble with Threat Modeling

2007-09-26 19:11:00 by sdl in The Security Development Lifecycle
 
...ship, and Microsoft shipped code without threat models for a long time. The further something is from the process of building code, the less likely it is to be complete and up to date. That problem was made worse because there werent a lot of people who would say let me see the threat model for that. So there wasnt a lot of pressure to keep...
 
Tags: threat, threat models, threat model, reasons threat, service threat, term threat, threat effectively, playsound threat model, development process