SEARCH RESULTS
 
Showing 1-10 of 53 records
 
Expand article

NIST revises SP800-60 Volume 1: Go forth and classify

2008-08-15 08:33:00 by Russ McRee in HolisticInfoSec.org
 
...Volume 2 . The two-volume Special Publication 800-60 Revision 1, Guide for Mapping Types of Information and Information Systems to Security Categories, is a revision of guidelines published in 2004 Asset and data classification is the keystone to building proper protective schemes. Simply, if you don't know what you have, you can't apply the...
 
Tags: volume, information system, information, information systems, two-volume special publication, special publication, nist, federal agency audience, proper protective schemes
 
 
 
 
Expand article

IT Vendor VAR Relationships 101

2008-05-31 20:52:07 by JJ in Security Uncorked
 
...volume of their product sold and/or 2) technical expertise. Each Manufacturer is different, but they usually offer 2-4 tiers of partner programs depending on those 2 things, and each tier may have a different discount offered to the Reseller Commodity items may just require a Reseller to request to be in the Partner Program, and sign a couple...
 
Tags: manufacturer, manufacturer directly, manufacturer partners, specific, specific product line, manufacturer sales rep, reseller, manufacturer relationship, resellers relationship
 
 
 
 
Expand article

Price Discrimination in the Market for Stolen Credit Cards

The Article has images
2008-06-03 07:23:29 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...volume basis propositions - the more you buy the cheaper it gets Let's go through this proposition differentiating itself on the basis of the balance available on a per bank basis Bank Of America/Between 2k - 50k/400 WellsFargo/Between 4k - 40k/300 Chase Bank/Between 2k - 30k/250 Citibank/Between 9k - 70k/300 Wachovia/Between 2k - 18k/275...
 
Tags: price, price discrimination, volume basis, basis, market, average price, bank basis, volume basis propositions, credit card
 
 
 
 
Expand article

The Impact of Dans DNS Debacle on Internet Risk

2008-07-30 08:11:30 by Burton Group in Security and Risk Management Strategies Blog
 
...volume site to a legitimate low-volume site thereby overloading the servers on the low-volume site Because of the point-to-point (user-to-website) nature of the attack, to do something that constitutes taking over the entire web is infeasible by a longshot The bottom line analysis for the effect on risk due to a change in consequences from...
 
Tags: dns servers, servers, impact, dns, dns servers cache, risk impact revolves, major dns vendors, risk, major dns vulnerability
 
 
 
 
Expand article

When Will the Media Industry Embrace the BORA Principle?

2007-03-22 10:06:00 by Eric Marvets in The Security Samurai
 
...volume had tripled which cut fraud as a percentage nearly in half Credit cards went from being used for credit to being used for convenience (what they were originally designed for in the 1950s when the banking system was fractured). This was a massive shift in the financial industry. Comparing ones own experiences in the checkout line at a...
 
Tags: credit card, credit, credit card industry, credit card fraud, industry, media industry, cut fraud, fraud, credit cards
 
 
 
 
Expand article

Logging Poll #5 "Top Logging Challenges" Analysis

The Article has images
2008-02-08 11:06:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
...volume we have is very popular as well (#4). This proves the point that I used to not take very seriously in the past (by mistake): when megabytes become gigabytes and those flow into terabytes, many things that used to trivial (e.g. moving logs from A to B, saving logs to disk, etc) become grand engineering challenges... Indeed, to manage...
 
Tags: enable log collection, log, log management, log analysis tools, collect logs, logs, log security, poll, log volume
 
 
 
 
Expand article

Some Burning Logging Questions - Answered!

2008-04-23 16:20:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...volume: underestimating log volume is common and pretty nasty related to the last one: vendors being "optimistic" about their tool scalability time synchronization (of course!), specifically, lack thereof Q2: For those companies that have successfully implemented enterprise-wide logging, what was their implementation approach A2: Typically,...
 
Tags: data, raw log data, logs compress, logs, analyze unknown logs, unknown, data retrieval commands, measure logs, log data
 
 
 
 
Expand article

Communicating about risk - part 1

The Article has images
2008-05-05 18:12:14 by JonesJ in RiskAnalys.is
...volume of sensitive consumer records, but that has little or no authentication or authorization control in place Now, if all we provided management was a qualitative Medium/Low risk statement or a quantitative statement that probable loss event frequency is roughly once every ten years with a probable loss magnitude of $500k , then we havent...
 
Tags: risk, effective, cost-effective risk management, fragile condition exists, condition, unstable condition, risk qualifiers, risk condition, risk chart perspective
 
 
 
 
Expand article

Security Through Visibility - Montego, Lancope and NetFlow

The Article has images
2008-07-30 21:57:06 by John Peterson in Security In The Virtual World
...volume at an unuseal time of day? If that were occuring, could that be indicative of either a breach or some sort of problem? What if FTP isn't even an authorized service in the virtual environment but there is a high volume of it? Did someone install a rouge FTP service so they could steal information from the server at will These types of...
 
Tags: network, network visibility, visibility, environments, virtual environments network, security, network bandwidth, bandwidth, virtual