SEARCH RESULTS
 
Showing 1-10 of 98 records
 
Expand article

Thumbscrew: Software USB Write Blocker

2007-10-17 01:25:03 by Editor in Irongeek's Security Site
 
New Script: Thumbscrew: Software USB Write Blocker Thumbscrew is my attempt at a poor man's USB write blocker. When used, it allows you to quickly enable or disable writing to all USB mass storage devices on your Windows system. It may be of use to some of you who are studying forensics
 
Tags: usb, software usb, thumbscrew, blocker, quickly enable, windows system, script, forensics, attempt
 
 
 
 
Expand article

Write-Once Read-Many Memory Cards

2008-07-28 05:04:22 by schneier in Schneier on Security
 
SanDisk has introduced Write-Once Read-Many Memory (WORM) cards for forensic applications
 
Tags: write-once read-many memory, forensic applications, cards, sandisk, worm
 
 
 
 
Expand article

Fuzz Testing at Microsoft and the Triage Process

2007-09-20 18:52:00 by sdl in The Security Development Lifecycle
 
Scott Lambert here. I work on the Security Engineering Tools team where we're responsible for researching, developing and publishing tools to internal product and service teams. These include fuzzing, binary analysis and attack surface analysis tools Previously, James Whittaker posted a blog entry on Testing in the SDL in which he mentioned that...
 
Tags: chance exceptions, exceptions, exception handler, exception, divide-by-zero exception, exception code, triage process, process, first-chance exceptions
 
 
 
 
Expand article

Security Between Virtual Machines?

The Article has images
2008-06-22 15:30:57 by John Peterson in Security In The Virtual World
Is there security needed between virtual machines? Some say no, some say yes. I've been out talking to a number of virtualization users and non users on this topic and I'm finding that some say no and some say yes. The users of virtualization technology tend to say yes while others looking at virtualization from the outside tend to say no. Why...
 
Tags: web, web page, web site sends, server, file server, database backend server, web front, vulnerable web site, database server
 
 
 
 
Expand article

Security Between Virtual Machines?

The Article has images
2008-06-22 15:30:57 by John Peterson in Security In The Virtual World
Is there security needed between virtual machines? Some say no, some say yes. I've been out talking to a number of virtualization users and non users on this topic and I'm finding that some say no and some say yes. The users of virtualization technology tend to say yes while others looking at virtualization from the outside tend to say no. Why...
 
Tags: web, web page, web site sends, server, file server, database backend server, web front, vulnerable web site, database server
 
 
 
 
Expand article

Golf Driven Security

2008-08-26 17:00:50 by Gunnar Peterson in 1 Raindrop
 
I don't have anything against the sport, in fact I think that if the software security people want to get in the enterprise security game they have to get a lot better at golf. I blogged about how the network security sector is about fifteen times larger than software security sector, prompting one person to write saying that we have invested...
 
Tags: software security, software security sector, software security people, network security sector, network security, people, golf, internal processes, reason attempt
 
 
 
 
Expand article

(ISC)2s Newest Cash Cow: The CSSLP Certification

The Article has images
2008-09-29 15:08:38 by Chris Eng in Zero in a bit
Earlier this week, during the OWASP AppSec 2008 Conference , the people behind the ubiquitous CISSP certification announced their latest creation the Certified Software Security Lifecycle Professional (CSSLP). In front of a captive audience waiting for a 42 plasma TV to be raffled, the Executive Director of (ISC)2 outlined this new certification...
 
Tags: csslp, csslp experience assessment, experience assessment, certification, experience, isc, personal experience, ubiquitous cissp certification, cissp
 
 
 
 
Expand article

Systems programmers help people

2007-02-13 13:49:52 by Liudvikas Bukys in Liudvikas Bukys
 
Way back in the 1970s, I attended a banquet at RIT , for incoming or prospective students. My assigned seat placed me next to another intended Computer Science major I had cut my teeth in high school on some Basic programming (on a Xerox Sigma mainframe and a Wang 2200B), then self-taught myself APL and IBM/360 assembly language (paying for...
 
Tags: application programs, programs, system programmers, system, assembly language programs, people, major, computer science major, ibm360 assembly language
 
 
 
 
Expand article

Hackers get busted

2007-11-30 11:08:26 by Dan Cvrcek in Light Blue Touchpaper
 
There is an article on BBC News about how yet another hacker running a botnet got busted . When I read the sentence he is said to be very bright and very skilled , I started thinking. How did they find him? He clearly must have made some serious mistakes, what sort of mistakes? How can isolation influence someones behaviour, what is the...
 
Tags: hackers, procedures, reconstruct operational procedures, hacker themself, tools, mistakes, hacker, bright, bbc news
 
 
 
 
Expand article

Privacy Policies Best Practices

2008-03-28 08:19:18 by Jen Albornoz Mulligan in Security & Risk Management
 
Here at Forrester I get a number of questions about how companies should write their privacy policies and I wanted to share some of the top tips with you. You have probably come across some illegible privacy policies if you've ever stopped to read them. They are pages and pages long and finding the information you actually want is difficult if...
 
Tags: main privacy policy, privacy policy, policy, privacy policies, level policy, policy apply, apply, illegible privacy policies, potential customer