SecurityRatty: tag: repeatable

Corrupted Heap Termination Redux

2008-06-07 04:00:00 by sdl in The Security Development Lifecycle

...repeatable heap based attacks Another down side of not using the native Windows heap manager (or if you use your own sub-allocation mechanism) is you cannot take advantage of Windows leak-detection tools because you are not using the Windows heap in the way it's meant to be used, or you're not using the Windows heap at all With all this said,...

Tags: heap, free block list, block, handle, bogus heap handle, invalid, invalid heap, custom heap, block header

Fundamentalism in Risk & Security

2008-07-08 13:16:04 by Alex in RiskAnalys.is

...repeatable, consistent or logical. One thing Rob and I talked about at length yesterday was the ability to disprove a model using realistic but substitute or sanitized data. Theres gonna be a TON of work to be done here, and that work will take not years but careers. Which begs a great question Is it the sharing of data that we need, or the...

Tags: risk, share, share specific data, data, agree, probability issue, rob writes, rob, security

"Walking" with the SDL - Part 1

2008-07-18 16:55:00 by sdl in The Security Development Lifecycle

...repeatable, mostly reusable process that makes security a part of your development culture. To relate the analogy to SDL a bit more closely, think of crawling as the SD in SDL. For this post, well talk about walking or adding the L in SDL I will be covering quite a bit on this topic, so I intend to split it up in to a multi-part series over a...

Tags: development, secure development practices, development culture, security development practices, sdl, security, security practices, perform security analysis, application security

Walking with the SDL Part 2

2008-07-21 16:56:00 by sdl in The Security Development Lifecycle

...repeatable, reusable process that makes security a part of your development culture. To relate the analogy to SDL a bit more closely, think of crawling as the SD in SDL. For this post, well continue to talk about walking or adding the L in SDL Lets jump into another component for adopting the Microsoft SDL to expand your own Security...

Tags: define security requirements, security requirements, requirements, security, security development lifecycle, development lifecycle, security pulse, perform security analysis, principles

Poor security quality in software. Someone is watching over me.

2008-07-30 14:51:49 by Chris Wysopal in Zero in a bit

...repeatable software security testing is an essential component of a safe and secure online environment. Without it we are stuck with the assumption of vendors perfoming software security as our imaginary security blanket that allows us to operate in the current online world

Tags: software, approach insecure software, insecure software, repeatable software security, secure online environment, environment, secure, secure software, software assurance

Poor Security Quality In Software; Someone Is Watching Over Me

2008-07-30 14:51:49 by Chris Wysopal in Zero in a bit

...repeatable software security testing is an essential component of a safe and secure online environment. Without it we are stuck with the assumption of vendors perfoming software security as our imaginary security blanket that allows us to operate in the current online world

Tags: software, approach insecure software, insecure software, repeatable software security, secure online environment, environment, secure, secure software, software assurance

IBM Raises The Stakes In Business and IT Continuity Services

2008-08-22 15:38:40 by Stephanie Balaouras in Security & Risk Management

...repeatable, scalable, productize services such as online backup and virtual recovery. These types of services don't require massive capital investment in an inventory of heterogeneous server and storage platforms, instead the service provider can focus its efforts on building a scalable pool of virtualized servers and shared storage built...

Tags: services, recovery, recovery services, continuity services, service, ibm, service provider, service offerings, cost

Wee-Fi: Indian Terror over Wi-Fi; Fastest Wireless; Health Fears; Wi-Fi Tub; and More

2008-09-15 10:03:26 by Glennf in Wi-Fi Networking News

...repeatable, well-conducted, academic tests so far indicate that there's no such health hazard associated with EMF. The concerned folks are raising an alarm about Wi-Fi being broadcast island wide, but are not paying attention, obviously, to the AM/FM radio, satellite radio, cellular, cordless, and thousand other wireless uses that are...

Tags: wi-fi, wi-fi network owned, wireless, wi-fi position, network, skyhook wireless, broadcast island wide, island, dbi external antenna

A Cryptographer and a Data Communications Guy Talk About Risk Management

2008-10-16 15:32:16 by Alex in RiskAnalys.is

...repeatable process, our measurements and conclusions will magically become accurate and wise. Risk models tend to be factors loosely measured by ordinal scales and then somehow multiplied together to create a relatively meaningless qualitative value. The State of the Union here is not good. But after reading such a superficial treatment of an...

Tags: risk management, management, risk, engineer risk management, methodologies, risk assessment methodologies, risk models, risk analysts, models

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo