Enterprise Security

201d6e4b7cd0350a1a9ef6e856e28341

DOE Cyber Security Procurement Language – Is It Comprehensive Enough

May 06, 2014 Added by:Joe Weiss

DOE recently issued their revised report on Cyber security procurement Language for Energy Delivery Systems dated April 2014.

Comments  (0)

Fafdf1720f4df1d41c6eacbd2429a06b

A Windows Authentication Flaw Allows Deleted/Disabled Accounts to Access Corporate Data

May 06, 2014 Added by:Tal Be'ery

Since Kerberos authentication and authorization is based solely on the ticket – and not on the user’s credentials, it means that disabling the user’s account has no effect on their ability to access data and services.

Comments  (0)

7ddc1f3000a13e4dfec28074e9e7b658

The White House Big Data Report: The Good, The Bad, and The Missing

May 05, 2014 Added by:Electronic Frontier Foundation

Last week, the White House released its report on big data and its privacy implications, the result of a 90-day study commissioned by President Obama during his January 17 speech on NSA surveillance reforms.

Comments  (1)

Bd07d58f0d31d48d3764821d109bf165

ICS-ISAC: Understanding and Implementing Shared Situational Awareness

May 01, 2014 Added by:Tripwire Inc

SARA (the Situational Awareness Reference Architecture) provides applicable steps for creating local and shared situational awareness.

Comments  (0)

666ef5d32e74e7402aab206bbe9cccda

Don't Let Your Data Fall Into the Wrong Hands: 10 Simple Tips

May 01, 2014 Added by:John Grady

Data breaches have become common news items: Newsfactor Business reports that Court Ventures — a subsidiary of credit-report company Experian — was recently breached, exposing millions of U.S. Social Security numbers to criminals.

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

When it's Time to Share Information: How Heartbleed Got it Right

April 30, 2014 Added by:Tripwire Inc

For all of the chaos and exposure that came with the Heartbleed OpenSSL vulnerability, there is one thing that the security community got right – broad, loud communication to everyone and their mother.

Comments  (0)

Ebb72d4bfba370aecb29bc7519c9dac2

Security Monitoring Planning Tool?

April 24, 2014 Added by:Anton Chuvakin

The easy stuff is for wussies – how about I dedicate my time to creating a structured approach for deciding which monitoring technology to use under various circumstances?

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

Verizon 2014 DBIR: Hide Your Servers and Call the Cops

April 23, 2014 Added by:Tripwire Inc

Know what you have, know how it’s vulnerable, configure it securely, and continuously monitor it to ensure it isn’t compromised and remains secure.

Comments  (0)

6d117b57d55f63febe392e40a478011f

NIST Abandons Cryptography Algorithm in Wake of NSA Backdoor Concerns

April 22, 2014 Added by:Anthony M. Freed

NIST has officially announced the decision to remove the cryptographic algorithm from its revised guidance on random number generators

Comments  (0)

E313765e3bec84b2852c1c758f7244b6

Let’s Get Proactive with End User Security

April 22, 2014 Added by:Brent Huston

Powerful malicious software apps are all over the Net, like website land mines, just waiting to explode into your computer if you touch them.

Comments  (0)

E595c1d49bf4a26f8e14ce59812af80e

Stop the Bleeding: How Enterprises Can Address the Heartbleed Bug

April 21, 2014 Added by:Patrick Oliver Graf

If your provider is not hurrying to patch the hole in their OpenSSL implementation and/or taking steps to better implement a defense in depth framework, you may be justified in hitting the panic button.

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

An Open Letter to Executives

April 17, 2014 Added by:PCI Guru

I should have published this letter a long time ago as this is not a new issue.

Comments  (0)

A7290c5bd7bc2aaa7ea2b6c957ef639b

FAQs Concerning the Legal Implications of the Heartbleed Vulnerability

April 16, 2014 Added by:David Navetta

Overall, in most cases, the Heartbleed vulnerability and associated security and legal risk is manageable as long as organizations take swift action to remediate their risk.

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

Security Pros Need Better Security Awareness Training Options

April 16, 2014 Added by:Tripwire Inc

One of the basic security measures that every company should be taking is giving security awareness training to its employees.

Comments  (0)

65be44ae7088566069cc3bef454174a7

Would a Proprietary OpenSSL Have Been More Secure than Open Source?

April 16, 2014 Added by:Rebecca Herold

The OpenSSL Heartbleed vulnerability has resurrected the age-old debate of whether or not open source code is more or less secure than proprietary code.

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

Is User Experience Part of Your Security Plan?

April 15, 2014 Added by:Tripwire Inc

One common theme across the information organizations that I work with is that everyone wants to do the right thing. Unfortunately, that often means onerous and complicated security policies that translate into awkward steps that users must take.

Comments  (1)

Page « < 3 - 4 - 5 - 6 - 7 > »