SecurityRatty: tag: jeff

The First Step on the Road to More Secure Software is admitting you have a Problem

2008-02-21 14:26:00 by sdl in The Security Development Lifecycle

...Jeff Jones performs in-depth security vulnerability analysis and reports his findings , not because of the content of his findings, but because of the incredible arm-chair commentary that follows Jeff and I have seen and heard it all This is FUD Yeah, but it's not an apples to apples comparison How can you believe this guy? He works for...

Tags: vulnerabilities, reduce security vulnerabilities, fewer security vulnerabilities, security vulnerabilities, source security bugs, bugs, major microsoft products, microsoft products, security

Countdown to RSA Conference 2008

2008-04-01 18:54:03 by jrjones in Jeff Jones Security Blog

...Jeff Williams Principal Group Manager Microsoft Malware Protection Center Jeff and four other Industry Experts will discuss Spyware in 2008, victims, the industry and how it is evolving FYI, Jeff is a colleague and co-contributor on the Microsoft Security Intelligence Report, so go ask him some hard questions and tell him I sent you Check...

Tags: rsa, rsa conference, rsa activities, conference, rsa central page, microsoft, microsoft rsa, microsoft people, led microsoft

Exploiting the War on Photography

2008-07-10 06:54:31 by schneier in Schneier on Security

...Jeff saw some interesting looking produce and pulled out his Canon G-9 Point-and-Shoot and took a few pictures. Within a few minutes a man came up dressed in plain clothes, flashed a badge, and told him he couldn't take photos in the store. My brother said "no problem" (after all, it's a private store, right?), but then the guy demanded my...

Tags: guy, guy simply, official store security, store, brother, jeff feels, jeff, canon g-9 point-and-shoot, photography

CEP is Not BPM, BAM, BRE, BRMS or SOA

2008-08-27 13:37:25 by Tim Bass in The Complex Event Processing Blog

...Jeff, it is not only Aleri but others, who continually misdefine business process management (BPM) as CEP Jeff usesthe example, Smart Order Routing as an example of taking an event and routing the resulting market order match based on some simple rules. Routing a order kicked off by a simple order match against a deep liquidity pool (or other...

Tags: cep, cep blog, current cep products, cep glossary, bpm, real cep capabilities, cep application, potential fraud, fraud

Microsoft Security Elves

2007-12-18 00:00:32 by jrjones in Jeff Jones Security Blog

...Jeff Jones), Michael Howard , Vinny Gullotto and Mike Reavey . Here is a snapshot from the video - you can also click on this picture to see the whole thing Best wishes during this Holiday Season Jeff Share this post

Tags: holiday season, jeff jones, jeff, security improvement, michael howard, vinny gullotto, video, mike reavey, interaction

The First Rule of Programming: It's Always Your Fault

2008-03-23 10:36:58 by Stuart King in Stuart King's Security and Risk Management Blog

...Jeff Atwood entitled "The First Rule of Programming: It's Always Your Fault." Statistically, you understand, it is incredibly rare for any bugs or errors in your software not to be your fault. Programmers have a tendency to become very defensive about their work. Recently, when being asked to discuss how his code was working, a programmer in...

Tags: code, debug code, fault, guilty code, software security presentations, software, project code, days, secure software

OWASP Twin Cities Mini-Conference

2008-10-17 19:58:13 by Gunnar Peterson in 1 Raindrop

...Jeff WIlliams , RIchard Stallman and a number of others. Brian and Jeff are both very engaging presenters. I am curious to hear what Stallman says, I am not sure I have heard of him being associated with OWASP or security work in general before, and I have read any number of his comments that seem to directly oppose security mechanisms. In...

Tags: owasp, successful owasp leaders, owasp leaders, owasp mini-conference, kuai, chapter, kuai hinojosa, local owasp conferences, minnesota chapter

Severity Rating Systems - Part 1

2007-11-02 21:32:42 by jrjones in Jeff Jones Security Blog

Read the full Part 1 on CSOonline Recently, Red Hat has raised some objections to my use in analysis of the High, Medium and Low severity ratings as determined by the National Institute of Standards (NIST) for the National Vulnerability Database (NVD) - found at http://nvd.nist.gov So, let me say that in my opinion, some of the concerns raised...

Tags: red hat, red hat motivation, impugn vulnerability comparisons, posts, follow-up posts, national vulnerability database, low severity ratings, systems, nist

Microsoft Security Intelligence Report - 1st Half 2007

2007-10-23 16:35:43 by jrjones in Jeff Jones Security Blog

The third volume of the Microsoft Security Intelligence Report (SIR) is now available for download at: www.microsoft.com/sir - this link will take you to a summary portal that has links to the downloadable document, upcoming webcasts about the SIR results, and so on As one of the primary authors for the vulnerability trends information, I will...

Tags: total vulnerabilities, vulnerabilities, report, severity vulnerabilities continue, software vulnerabilities, malicious software, sir results, software, results

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo