SEARCH RESULTS
 
Showing 1-10 of 102 records
 
Expand article

Improve Security with "A Layer of Hurt"

2008-07-31 19:13:00 by sdl in The Security Development Lifecycle
 
...layer of code to an application to automatically mutate untrusted data as it comes into an application; I called that code layer "a layer of hurt Before I continue, I want to point out that fuzzing is an SDL requirement, but the idea in this blog post is not an SDL requirement, it's just another way to help meet SDL fuzzing requirements...
 
Tags: layer, code layer, code, decent code coverage, fuzz, void fuzz, ifdef fuzz, code examples, perform fuzz
 
 
 
 
Expand article

Cisco Acquires Securent - moving policy decisions to the network layer

2007-11-01 09:12:16 by Andras Cser in Security & Risk Management
 
...layer in the IAM space enters the market first with an Entitlement Management product. It is surprising, as only CA has an EM product today all other IAM vendors are still trying to build their own as the other serious competitors on the EM market, BEA ALES is not for sale as a startup. 2) Entitlement Management may be moving (along with to...
 
Tags: iam, iam vendors, network, entitlement management product, iam market, product, entitlement management, network operations, operations
 
 
 
 
Expand article

What is 802.1X? Here's a Technology Primer for You

2008-04-02 03:10:42 by JJ in Security Uncorked
 
...layer 1-type security to the edge. In a fully 802.1X-enabled environment, imagine every edge port is off, and completely inaccessible, until an authorized user attempts to connect through it. Its a great way to secure edge ports, as well as infrastructure connections. You can use 802.1X to authenticate your network devices to one another, or...
 
Tags: edge port, edge, edge ports, network access control, network access, wireless standard, standard, standard network traffic, network
 
 
 
 
Expand article

Layered Security: Solving the Cube

The Article has images
2008-05-04 01:06:31 by JJ in Security Uncorked
...layered security and defense in depth as strategies for securing the network. And, usually, were talking about these as good strategies. However, with more and more security stuff on the market, the layered security solutions are starting to lose some of their value Why? Well, the problem with layered security is that we tend to assume if...
 
Tags: security, email security, security products, security solutions, solution, solution does-, security fundamentals, security solution, basic security functions
 
 
 
 
Expand article

The Economics of Finding and Fixing Vulnerabilities in Distributed Systems

2008-11-18 22:47:55 by Gunnar Peterson in 1 Raindrop
 
...layers that kicked sand in their face in the dotcom era And its not just eCommerce, the "real" economy Fortune 500 types are all connected as well. Directly and indirectly the Web is seeping into all businesses. Major changes from when the security architecture of the web was built out. But has the security architecture changed to reflect...
 
Tags: information security, information, information security spends, safety information security, versus information security, information security budgets, information security budget, software security, software security space
 
 
 
 
Expand article

Verizon Business has a new report on data breaches

2008-06-12 20:21:39 by Chris Wysopal in Zero in a bit
 
...layer -39 OS/Platform layer - 23 Exploit known vulnerability -18 Exploit unknown vulnerability - 5 Use of back door -15 Attacks targeting applications, software, and services were by far the most common technique, representing 39 percent of all hacking activity leading to data compromise. This follows a trend in recent years of attacks moving...
 
Tags: data breaches, breaches, attacks, layer attacks, vulnerability counts, vulnerability, report, exploit unknown vulnerability, actual attacks
 
 
 
 
Expand article

Messaging and Event Processing

2008-07-13 09:02:47 by Tim Bass in The Complex Event Processing Blog
 
...layer is independent from the event processing layer, theoretically.Mostenterprise-class event processingsystem architectures will use a combination of both asynchronous and synchronous messaging To understand event processing I recommend you turn to network management and the practical use of Simple Network Management Protocol (SMNP) for a...
 
Tags: event, smtp event-object, event-object, cyber event-objects, snmp event-object, snmp, event bus, event-objects, event transport
 
 
 
 
Expand article

More on Why Routing is Not Complex Event Processing

2008-09-04 09:38:58 by Tim Bass in The Complex Event Processing Blog
 
...layers) arguethat rule-based message routing is CEP. I will argue thatrouting is not even close to CEP. Here is why Lets take a look at a router on the backbone of the global Internet.A backbone routerhas very sophisticated software developed over many decades. These routers run sophisticated, maturealgorithms to determine how to route...
 
Tags: complex, complex event, solve complex event, upwith cep, cep, event, cep defines, call routers cep, call
 
 
 
 
Expand article

Interop NY: Cloud Language: The Taxonomy of On-Demand Computing

2008-09-17 18:25:32 by Valerie Barber in ScienceLogic
 
...layers into a smaller bucket Andreessens Platforms - September 2007 Provided an early taxonomy model for emerging cloud platforms Platform being a system that can be programmed Access API - platform that provides web service endpoints Plug-In API - platform invokes your code, that you have deployed remotely Runtime Environment - your code...
 
Tags: cloud, cloud applications, croll cloud stack, cloud infrastructure, platforms process space, space, cloud space, cloud platforms, cloud services