SEARCH RESULTS
 
Showing 1-10 of 29 records
 
Expand article

Great tutorial on Information Security Program Metrics

2008-03-10 13:37:00 by Ryan Shopp in practical risk management
 
...slides called "Measuring Security Slide 15 nails what are the questions security programs should answer on the head How secure am I Am I better off than this time last year Am I spending the right amount of money How do I compare to my peers What risk transfer options do I have Slide 36 has a great quote on "Risk Management The essence of...
 
Tags: security, security workers, security standards, security staff, security team consultations, questions security programs, programs, percentage, data
 
 
 
 
Expand article

Are your digital devices Certified Pre-0wned?

2008-03-17 16:11:45 by Chris Wysopal in Zero in a bit
 
...slides for a presentation he just delivered on it. About 10 people passed it around and copied off the slides. It came back with a virus on it. And this was at a security conference
 
Tags: devices, malware, low volume malware, drive, tech devices, usb drive, previously unknown malware, digital picture frame, inexpensive digital devices
 
 
 
 
Expand article

How do you present your security proposition?

The Article has images
2008-04-04 21:18:18 by Editor in Security x.0
...slides is most likely to bore the audience to death So, why not make your presentation a bit more colourful? A bit more visual? More concise? As Antoine de Saint-Exupéry said Perfection is achieved not when you have nothing more to add, but when you have nothing left to take away So, is it possible or indeed necessary to communicate all...
 
Tags: security, web application security, security professionals, effectively security, presentation, presentation slides, visual, visual delivery style, security vendor
 
 
 
 
Expand article

SDL Threat Modeling: Past, Present and Future

The Article has images
2008-06-17 21:59:50 by sdl in The Security Development Lifecycle
...slides from the recent Layer One conference [link], where I talked about "SDL Threat Modeling: Past, Present and Future There are a few points that I wanted to emphasize. The first is that I'm talking about threat modeling from the perspective of the SDL. We have other threat modeling processes here at Microsoft, and we're working to bring...
 
Tags: sdl threat, sdl, threat, slides, lots, conference link, future, past, address
 
 
 
 
Expand article

We're so big and other marketing games

2008-06-27 10:41:01 by HASH0x8b0794c in StillSecure, After All These Years
 
...slides that find themselves into almost every deck you see. Whether it is for analysts as Andy says or for customers or partners, from the biggest to the smallest, companies seek to show how good they are by how big they are. Numbers of customers, nodes, sensors, yada, yada. Usually these "we're so big" slides are followed by the obligatory...
 
Tags: vendor revenue reports, vendor, revenue, people, machines andor people, analysts base, obligatory circular diagrams, andy jaquith, analysts
 
 
 
 
Expand article

Relay attacks on card payment: vulnerabilities and defences

2008-01-09 00:01:52 by Steven J. Murdoch in Light Blue Touchpaper
 
...slides (PDF 9.6M) | video (BitTorrent MPEG4, 106M The CCC is a great conference to attend and a good source of ideas for papers. There were many excellent talks , but here are a few I can particularly recommend (Im still working though the videos of talks I couldnt attend in person): Current events in Tor development Roger Dingledine gives...
 
Tags: dns, security, cellphone jammer dns, security michael steil, talks, henryk pltz describe, chaos communication congress, annie machon describes, arbitrary tcp streams
 
 
 
 
Expand article

Blue Box #76: Cisco, Skype and BT vulnerabilities, when SIP looks like SPIT, VoIP security threat predictions and the FBI forgets to pay their bills,

The Article has audio podcast
2008-02-14 18:37:50 by HASH0x8ba57a0 in Blue Box: The VoIP Security Podcast
 
...slides at ETSI event Voice of VOIPSA : How do you differentiate between legitimate SIP usage and SPIT ? pointing to Dans Internet-Draft document RFC 5039 on SIP and Spam Sipera news release on Top 5 VoIP Threat Predictions of 2008 coverage in The Register: 2008 the year VoIP gets hacked? and IT Business Edge: VoIP Security Still Falling...
 
Tags: voip, voip infringements, voip security professional, voip threat predictions, voip security news, voip security, voip security podcast, comments, sip
 
 
 
 
Expand article

Blue Box #76: Cisco, Skype and BT vulnerabilities, when SIP looks like SPIT, VoIP security threat predictions and the FBI forgets to pay their bills,

2008-02-14 19:37:49 by Dan York in Blue Box: The VoIP Security Podcast
 
...slides at ETSI event Voice of VOIPSA : How do you differentiate between legitimate SIP usage and SPIT ? pointing to Dan???s Internet-Draft document RFC 5039 on SIP and Spam Sipera ???news release on Top 5 VoIP Threat Predictions of 2008 ??? coverage in The Register: 2008 ??? the year VoIP gets hacked? and IT Business Edge: VoIP Security Still...
 
Tags: voip, voip infringements, voip security professional, voip threat predictions, voip security news, voip security, voip security podcast, comments, sip
 
 
 
 
Expand article

RFID tech turned into spy chips for clandestine surveillance

2008-03-20 00:00:00 by HASH0x8b62710 in Network World on Security
 
An employee looking to steal confidential information from his employer sneaks into what should be a secure back room after hours. He pulls charts and files from a top-level financial meeting and slides them into his briefcase before heading back out
 
Tags: pulls charts, top-level financial, employer sneaks, confidential information, hours, slides, files, secure, briefcase