SecurityRatty: tag: quality

In my world, quality implies security

2008-09-26 04:46:52 by Scott in Scott Wright's Security Views

If it isnt secure, then it doesnt work as intended; and if it doesnt work as intended, then it has a quality problem. Therefore, your service or product must have great security in it before you can say it has good quality. Consider the following aspects of quality that you might be familiar with: Usability Performance Scalability Reliability...

Tags: quality, security, imagine, secure, product, familiar, aspects, service

Quality and Assurance in Malware Attacks

2008-04-02 11:49:20 by HASH0x8b57b3c in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...quality of the crypting service by the authors themselves while advertising their malware or crypting services. And when a popular piece of malware known as Shark introduced a built-in VirusTotal submission to verify the low detecting rate of the newly generated server, something really had to change - like it did At the beginning of 2008,...

Tags: malware authors start, malware authors, malware, authors, services, malware services, start, malware product, malware campaign

Poor security quality in software. Someone is watching over me.

2008-07-30 14:51:49 by Chris Wysopal in Zero in a bit

...quality part of the requirements of the project and they say no. Then I ask them what evidence does the offshore developer provide to demonstrate they have a certain level of security quality in the software they are producing and they tell me they have never asked I can tell you what would happen if they did ask because I have also spoken...

Tags: software, approach insecure software, insecure software, repeatable software security, secure online environment, environment, secure, secure software, software assurance

Poor Security Quality In Software; Someone Is Watching Over Me

2008-07-30 14:51:49 by Chris Wysopal in Zero in a bit

...quality part of the requirements of the project and they say no. Then I ask them what evidence does the offshore developer provide to demonstrate they have a certain level of security quality in the software they are producing and they tell me they have never asked I can tell you what would happen if they did ask because I have also spoken...

Tags: software, approach insecure software, insecure software, repeatable software security, secure online environment, environment, secure, secure software, software assurance

New Unit of Reviewed Code Quality

2008-02-05 16:14:53 by Chris Wysopal in Zero in a bit

Now I can finally tell my non-technical friends and family what Veracode does. We offer a globally accessible, on-demand automated version of WTF reporting. However since our technology is automated we report quality in kiloWTF/sec

Tags: non-technical friends, report quality, on-demand, version, offer, veracode, kilowtfsec, wtf, technology

The role of control depth in assessment quality

2007-09-12 12:17:00 by Bryan in practical risk management

...quality of the control and whether it had actual value If you want to check boxes, surface audits are fine. But if you want to understand your true security exposure, you have to dig deeper. It's not enough to ask whether regular backups are taken and stored offsite. You have to ask how often. You have to ask where the tapes are stored...

Tags: audit, external sox audit, physical security, security audit, questions, pretty in-depth questions, dig deeper, control, surface

Maybe the NAC used car salesman can claim them as a customer too? In NAC quality counts!

2008-06-27 23:36:27 by HASH0x8b0a5c4 in StillSecure, After All These Years

...quality counts and buying a 2nd tier solution can cost you in time to implementation and total cost of ownership

Tags: nac, customer, nac solution, nac solutions, nac tools, nac setup, initial nac deployments, nac playbook, nac companies

The Economics of Finding and Fixing Vulnerabilities in Distributed Systems

2008-11-18 22:47:55 by Gunnar Peterson in 1 Raindrop

...Quality of Protection Keynote Alexandria, VA October 27. 2008 Gunnar Peterson Managing Principal, Arctec Group Blog: http://1raindrop.typepad.com When Andy Ozment asked me over the summer to do this talk at QoP, I knew back in August that the topic I wanted to address was security and economics. So to that end I would like to start by...

Tags: information security, information, information security spends, safety information security, versus information security, information security budgets, information security budget, software security, software security space

About the SDL Pro Network

2008-09-19 03:12:00 by sdl in The Security Development Lifecycle

...quality, and manageability of the SDL Pro Network pilot. We have all seen instances where individuals or consulting organizations have represented themselves to the IT community as having security expertise when in reality the "experts for hire" were simply reading a page or two ahead of the customer in whatever security tome was "in vogue"...

Tags: sdl, sdl pro network, sdl implementation, network, sdl delivery, sdl optimization model, quality, partner quality, security

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo