SEARCH RESULTS
 
Showing 1-10 of 32 records
 
"Crawling" Toward SDL

2008-03-06 22:13:00 by sdl in The Security Development Lifecycle
 
...Visual Studio 2005 SP1. The SP1 piece of this is important because some of the important defenses I discuss below were first made available in that version. Let's look at some of the tools you can use to get crawling toward SDL today. Detailed awareness of your architecture and its attack surface Threat Modeling Even if you are past the design...
 
 
 
 
 
Trusted path

2008-04-04 21:18:17 by Editor in Security x.0
...visual channel is the best way to go We believe that our visual cryptogram can provide a trusted path from a bank to the customer in the way which is both secure and simple for consumers We chose the visual channel for the following reasons The image can contain encrypted data Most end user terminals can display images: from ATMs to Train...
 
 
 
 
 
How do you present your security proposition?

2008-04-04 21:18:18 by Editor in Security x.0
...visual delivery style, making great use of images to amplify delivered messages. Could this style improve the chances of communicating effectively security to business I am sure most will agree on which of the following presentation slides is most likely to bore the audience to death So, why not make your presentation a bit more colourful?...
 
 
 
 
 
2FA is dead

2008-04-29 09:19:31 by Editor in Security x.0
...visual cryptograms. Cronto's visual signing products are designed to give strong security assurances, while being acceptable to customers. Unlike CAP, as transaction details are encoded in a visual cryptogram, the user does not have to re-enter them into the trusted device, increasing speed, reducing errors and mitigating security problems....
 
 
 
 
 
A Review of Hakin9 IT Security Magazine

2008-05-26 05:12:53 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...Visual materials The surplus of visual materials is perhaps what won me as a reader from the first moment. In fact, the issues are so rich on visual material illustrating the topic covered in such details, that you can actually take entire sniffing, and javascript obfuscation sessions offline with you, and never ever have to picture the...
 
 
 
 
 
Server Launch : Security Highlights

2008-02-27 14:12:54 by jrjones in Jeff Jones Security Blog
...Visual Studio 2008 and SQL Server 2008. Click on the image to learn more general information and participate in the virtual launch I want to briefly salute some of the security improvement represented by these products. This is not a comprehensive list, and I will certainly dig into some of these in more detail later, but it should give you a...
 
 
 
 
 
The most insecure banking/sales terminal

2008-07-14 13:27:20 by Editor in Security x.0
 
...visual transaction signing solution. Based on our unique Visual Cryptogram, the Cronto solution supports multiple end user options allowing the bank to choose what is right for their customers whilst maintaining consistency in their backend systems
 
 
 
 
 
Recent Symantec and IBM vulnerabilities, giblets, banned APIs and the SDL

2008-01-04 23:37:00 by sdl in The Security Development Lifecycle
 
...Visual Studio C++ /GS flag) or exception handler defenses (such as the Microsoft Link /SAFESEH flag) - both of which are SDL requirements. I also assume that the code is not linked with No-Execute (/NXCOMPAT), which is also an SDL requirement. Summary Bugs are interesting, you can learn a lot from your own bugs, but also from the bugs in...
 
 
 
 
 
Sexy Development Lifecycle

2008-01-30 01:37:00 by sdl in The Security Development Lifecycle
 
...Visual C++, or the ValidateRequest page directive in ASP.NET. These security features provide excellent defenses against stack overruns and cross-site scripting attacks (respectively), and the best part is that developers get them essentially for free. If we can automate enough SDL requirements this way, developers could spend more time...