SEARCH RESULTS
 
Showing 1-10 of 224 records
 
Expand article

Cross-Device-Type Log Management vs Device-Specific Log Management

2008-06-02 14:38:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...specific basis is a cruel joke . What I mean here is when you gather Windows logs in one place, Linux logs in another place, database logs in yet another place; all in different formats, all in different systems not connected to each others, all managed by different people who don't talk to each other (and sometimes hate each other). Yuck!...
 
Tags: logs, pci relevant logs, log management, database logs, logs remain, gather windows logs, device-specific log management, server logs, type
 
 
 
 
Expand article

Overriding the timeout interval on specific terminals

2008-05-16 12:40:17 by Carol Woodbury in WhatIs: Enterprise IT tips and expert advice
 
If you've set your AS/400 job time-out interval to a short period for security purposes, but find it's too short for specific terminals, you need to write a program or get vendor software to do this for you says expert, Carol Woodbury
 
Tags: specific terminals, short, short period, vendor software, security purposes, carol woodbury, program, expert, set
 
 
 
 
Expand article

More trustworthy election systems via SDL?

2008-02-04 23:34:00 by sdl in The Security Development Lifecycle
 
...specific vendor, but rather am trying to illustrate examples of areas where application of the SDL could help contribute towards societys need for trustworthy computing in a very visible and important application Lets start with the Source Code Review of the Sequoia Voting System . Two examples from the executive summary are interesting...
 
Tags: machine security concerns, security concerns, election systems, election, security, security researchers, election systems margin, margin, election management system
 
 
 
 
Expand article

The STRIDE per Element Chart

2007-10-29 23:06:46 by sdl in The Security Development Lifecycle
 
...Specific Elements Another thing you might note is that the STRIDE chart is sorta vague. A process could be an exe, a .NET assembly, or an a.out executable running on Unix v7. Each of those will be vulnerable to different instantiations of threats. Your exe or a.out will be vulnerable to simple stack smashing overflows, but the .NET assembly...
 
Tags: element chart, chart, stride, specific, specific threats, cve data, data, stride chart, threats
 
 
 
 
Expand article

Can I just comment out these lines of code?

2008-05-23 10:53:20 by Burton Group in Security and Risk Management Strategies Blog
 
...specific code, which was generating error messages in a certain software quality assurance tool , happened to be a critical part of the random number generator in a cryptographic library package . By removing this code, the strength of the cryptographic key material was reduced to a point where cracking the key would take minutes instead of...
 
Tags: process purportedly, process, fix specific process, software development process, commercial development process, code, low-assurance process, development, specific
 
 
 
 
Expand article

Can I just comment out these lines of code?

2008-05-23 10:53:20 by Burton Group in Security and Risk Management Strategies Blog
 
...specific code, which was generating error messages in a certain software quality assurance tool , happened to be a critical part of the random number generator in a cryptographic library package . By removing this code, the strength of the cryptographic key material was reduced to a point where cracking the key would take minutes instead of...
 
Tags: process purportedly, process, fix specific process, software development process, commercial development process, code, low-assurance process, development, specific
 
 
 
 
Expand article

Loving customers frustrate security firms too

2008-06-13 19:45:37 by HASH0x8bfd9e8 in StillSecure, After All These Years
 
...specific examples of how security vendors just don't "show the love" to customers and prospective customers, with the result being lost business. Roger highlights three examples 1. Making renewals a manual process with those annoying phone trees . I agree, when I hear the press 1 for this and press 2 for this, my blood starts to boil. There...
 
Tags: security, security firms, customers, product, product sits, favorite product, prospective customers, software vendor, vendor
 
 
 
 
Expand article

Iowa DNR loses personal information on 7,000

The Article has images
2007-12-19 14:22:00 by Evan Francen in The Breach Blog
...specific Evan] A non-specific policy is doomed to fail as is the entire program built around it The department was already reviewing its security policies when the Salem incident happened and probably will ban the use of flash drives in similar situations, he said Evan] Probably? If the Iowa DNR decides not to ban them, I hope they at least...
 
Tags: iowa dnr, iowa, iowa dnr decides, iowa dnr lost, iowa department, dnr, computer flash drive, drive, information
 
 
 
 
Expand article

Localizing Cybercrime - Cultural Diversity on Demand

The Article has images
2008-02-21 17:06:11 by HASH0x8b1e62c in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...specific users only, would improve its authenticity. For instance, Ive come across harvested emails for sale segmented not only on cities in the country involved, but on specific industries as well, that could prove invaluable to a malicious attack, given todays growth in more targeted attacks, compared to mass ones It's been happening ever...
 
Tags: future, future malware trend, trend, malware, malware authors, demand, russian malware, services, demand translation services