SecurityRatty: tag: security

Misconceptions about outsourcing security

2007-12-13 14:05:54 by Khalid Kark in Security & Risk Management

...security. Here are the most common ones that I come across Outsourcing security is cheaper than doing it internally. Cost is usually the one of the reasons business gets interested to outsource but Forrester has consistently found that for security managers cost is not the primary reason they want to outsource. and outsourcing may not always...

Tags: security processes, establish security processes, security, processes, security controls, security managers cost, cost, security operations, security services

Automating web application security testing

2007-07-16 11:40:00 by Panayiotis Mavrommatis in Google Online Security Blog

...Security Team Cross-site scripting (aka XSS) is the term used to describe a class of security vulnerabilities in web applications. An attacker can inject malicious scripts to perform unauthorized actions in the context of the victim's web session. Any web application that serves documents that include data from untrusted sources could be...

Tags: web application, application, input, input parameters, accepts user input, xss, xss vulnerabilities, security, security team check

Federal Information Security and Management Act -- Five Years On

2007-12-18 02:00:00 by Shannon Kellogg in Speaking of Security, the RSA Blog and Podcast

...security: the Federal Information Security and Management Act (FISMA) just completed its fifth year on the books as a federal law As the follow up to the Government Information Security Act of 2000, FISMA established an updated legal framework for federal information security, including baseline security standards for federal agencies. I...

Tags: federal information security, management act, fisma, baseline security standards, information security community, mixed bag, federal law, focus, legal framework

U.S. House Passes Resolution on Cyber Security

2007-10-19 00:00:00 by Shannon Kellogg in Speaking of Security, the RSA Blog and Podcast

...security continue to heat up in the wake of several high profile data security breaches in the public sector -- and with increasing concern about cyber vulnerabilities in our nation's critical infrastructures, the U.S. House of Representatives passed a resolution this week recognizing the importance of the issue. The resolution, H. RES. 716,...

Tags: resolution, strong bi-partisan support, cyber security continue, congressman jim langevin, cyber vulnerabilities, house, computer security, public sector, critical infrastructures

National Cyber Security Month Kicks Off at the National Press Club

2007-10-03 00:00:00 by Shannon Kellogg in Speaking of Security, the RSA Blog and Podcast

...Security Awareness Month. To kick off this year's campaign, the 2007 National Cyber Security Awareness Summit was held at the National Press Club in Washington, D.C. on October 1st Below, you will find a post from the Summit I was encouraged by the strong turnout at the inaugural National Cyber Security Awareness Summit, the 4th time that...

Tags: national press club, october, october 1st, month, strong turnout, 4th time, start time, half, held

Security is Everybody's Job

2007-09-18 00:00:00 by Jamie Barnett in Speaking of Security, the RSA Blog and Podcast

...security market was not long for this world. Some in the audience must have thought he was Looney Tunes, making a claim like that at a longtime venue dedicated to all things security. In my role driving integrated solutions of RSA technology and EMC products, I speak with security, IT, and storage professionals regularly to understand their...

Tags: security, standalone security market, job, information infrastructure products, storage professionals regularly, s-job, looney tunes, art coviello, emc products

Speaking of Security Podcast #73

2007-08-20 00:00:00 by Podcast Producers in Speaking of Security, the RSA Blog and Podcast

Click here to listen/download (08:06 Matt Buckley discusses the state of data security with Paul Stamp , Principal Analyst, Forrester Research. Paul is a leading expert on enterprise security technology, focusing on security architecture, and data security technologies, such as enterprise encryption

Tags: data security technologies, data security, paul stamp, enterprise security technology, matt buckley discusses, paul, forrester research, security architecture, principal analyst

Speaking of Security Podcast #67

2007-06-25 00:00:00 by Podcast Producers in Speaking of Security, the RSA Blog and Podcast

...Security Engineer with Accuvant and prolific security blogger: An Information Security Place and for Computerworld . He talks about how performing a security assessment is like a trip to the dentist, about how educational organizations deal with security, and what he thinks are the hot issues in security for the second half of 2007. Please...

Tags: security, security assessment, information security, prolific security blogger, security engineer, security podcast team, listener appreciation month, educational organizations deal, short survey

Speaking of Security Podcast #55

2007-03-26 00:00:00 by Podcast Producers in Speaking of Security, the RSA Blog and Podcast

...Security Practice Manager for MTM Technologies , a leading provider of innovative IT solutions and services based in Stamford, CT. Steve speaks with Paul Joyal about using SIEM (Security Information Event Managerment) to aggregate massive amounts of network and security data while improving visibility into networks for compliance reporting,...

Tags: security practice manager, steve dolnack, security data, steve speaks, mtm technologies, services based, massive amounts, security forensics, paul joyal

Dialogue with America's Cyber Security Czar at the RSA Conference

2007-02-14 00:00:00 by Shannon Kellogg in Speaking of Security, the RSA Blog and Podcast

...Security and Telecommunications at the U.S. Department of Homeland Security, was seen early and often at the RSA Conference last week. Given that the Conference is the largest industry-wide event on information security in the world, he had plenty of folks to listen to. And, listen, he did. From my perspective, it was especially gratifying to...

Tags: conference, rsa conference, cyber security, assistant secretary, industry-wide event, industry, homeland security, greg garcia, solid start

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo