SEARCH RESULTS
 
Showing 1-10 of 22 records
 
Expand article

Four stages to establishing a successful IT Risk Management Lifecycle

The Article has images
2007-11-27 13:24:00 by Ryan Shopp in practical risk management
...stages to establishing a successful IT Risk Management Lifecycle by: Ryan Shopp I recently came across this article from Symantec called IT Risk Management: Five Steps to Get from Good to Great . After reading it I found myself noticing it's similarity to a four step process I picked up in my early consulting days at International Network...
 
Tags: risk management lifecycle, risk management, management, step process, step life cycle, step, process, time, peers
 
 
 
 
Expand article

Two-Thirds of Our Readers Say CEP is Still Immature

2008-07-12 10:23:48 by Tim Bass in The Complex Event Processing Blog
 
...stages of maturity Only 6% of the those who responded to the poll, conducted from July 3 thru July 12th,voted that CEP was mature. If you include those who consider CEP getting close to maturity, 18% of our readers who voted said that CEP was in the final stages of maturity Howis it possible that31% of the folks who responded believe that CEP...
 
Tags: cep, cep relative, cep maturity cycle, myriad, myriad events, readers, readersenvision cep, maturity, events
 
 
 
 
Expand article

Fuzz Testing at Microsoft and the Triage Process

2007-09-20 18:52:00 by sdl in The Security Development Lifecycle
 
...stages in which the output of each stage can impact or influence both the current and next iteration through the stages (e.g. after completing analysis work in stage 5 you could decide to change how you malform and deliver fuzzed data [stage 2 and 3], which exceptions get logged [stage 4], which tests you re-run [stage 6] and even which...
 
Tags: chance exceptions, exceptions, exception handler, exception, divide-by-zero exception, exception code, triage process, process, first-chance exceptions
 
 
 
 
Expand article

The Arizona Office of the Auditor General finds plenty of holes

The Article has images
2008-06-23 12:28:27 by Evan Francen in The Breach Blog
...stages in developing formal programs to guide their information security efforts, but none have yet developed all the standards or procedures needed to support a complete information security program. The universities are in the beginning stages of implementing their information security programs, in part because the ISO positions are...
 
Tags: information, information security officer, personal information, information security staffs, confidential information, information security, university information, sensitive information, sensitive
 
 
 
 
Expand article

Information flow tracing and software testing

2007-09-17 09:32:00 by Niels Provos in Google Online Security Blog
 
...stages, it is available for download under the GNU Public License. External contributions and feedback are encouraged
 
Tags: input, flayer marks, initial input samples, flayer, fuzz, fuzz testers require, checks, dynamic analysis framework, sanity checks
 
 
 
 
Expand article

E-crime and Socioeconomic Factors

The Article has images
2008-01-21 07:49:29 by HASH0x8b5217c in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...stages of embracing new economic models will suffer from the inevitable unequal distribution of income due to their government's lack of experience or motivation. To me, however, it's more sociocultural than socioeconomic factors that contribute to these future developments. Several more key points worth discussing Malware is no longer...
 
Tags: malware, code malware, modern malware, malware generators, source tool, source, malware bot, source malware bots, e-crime
 
 
 
 
Expand article

Davidson Companies illegal network intrusion exposes clients

The Article has images
2008-02-01 14:51:54 by Evan Francen in The Breach Blog
...stages of the investigation This was a "very, very sophisticated hacker," Burchard said. "We don't know where this person is; we don't know who this person is Evan] I speculate (I like to speculate when there is little risk!) that this attack was not as technologically advanced as claimed. How "very, very sophisticated" does an attacker need...
 
Tags: davidson, clients, davidson companies president, davidson companies clients, sensitive personal information, davidson login page, personal information, davidson companies, davidson trust
 
 
 
 
Expand article

L.A. Dept. of Water of Power employees exposed

The Article has images
2008-02-19 17:11:13 by Evan Francen in The Breach Blog
...stages of the investigation, and very early to point fingers," he said. (Nahai DWP spokesman Joe Ramallo said the utility had no evidence that the missing information had been misused We're required by law to notify our employees that this theft occurred," he said. "But we don't have any knowledge at this point that the data was the target,...
 
Tags: employee information, information, information security practices, confidential information, information security policies, sensitive personal information, dwp, dwp officials, represents dwp employees
 
 
 
 
Expand article

Why Some Terrorist Attacks Succeed and Others Fail

2008-02-28 06:25:13 by schneier in Schneier on Security
 
...stages. These factors include Poor terrorist operational security (OPSEC). The case studies indicate that even plots that are otherwise well-planned and operationally sound will fail if there is a lack of attention to OPSEC. Security services cannot "cause" poor OPSEC, but they can create the proper conditions to capitalize on it when it...
 
Tags: vigilant security services, vigilant, recent terrorist plots, terrorist plots, information fits, information, intelligence information, security services, law enforcement