Blog Posts Tagged with "Remediation"

A88973e7d0943d295c99820ab9aeed27

Tackling Modern Malware

August 15, 2012 Added by:Simon Heron

With conventional antivirus products, their signature bases are never completely up to date. When a new infection emerges, it simply roams freely across all endpoints. Conversely, WSA leverages behavioural monitoring to pick up infections when it isn’t sure whether a file is malicious or not...

Comments  (0)

68b48711426f3b082ab24e5746a66b36

Five Reasons Why You Need an Application Security Program

June 28, 2012 Added by:Fergal Glynn

Many organizations looking at application security for the first time struggle with why they should take a programmatic approach to tackling application security. The simple fact is that if someone wants your intellectual property, they are going to use software you bought, built or outsourced to get at it...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Are Enterprises Really Hacking the Hackers?

June 27, 2012 Added by:Rafal Los

Active defense is using technology which can confuse an attacker, mislead them into spending time on worthless parts of an application, or slowing the response rate of the network or application down. That's active defense. Striking back involves actually going on the offensive, which is likely highly illegal...

Comments  (1)

B8db824b8b275afb1f4160f03cd3f733

Vulnerabilities: Context Matters

May 13, 2012 Added by:Jack Daniel

You do need to assess how the vulnerability is exposed, what mitigations are in place or even possible, how hard the threat may be to execute against your situation, and whether there is a graceful failure mode if the opportunity turns out to be inopportune...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Checking Your System for the DNS Changer Malware

April 23, 2012 Added by:Headlines

The deadline for for systems infected with the DNS Changer malware is fast approaching. Failure to rid a device of the malware prior to the July 9 deadline could result in loss of Internet connectivity. To see if your system is infected, simply visit the following website...

Comments  (0)

C70bb5cfd0305c9d18312d92f820c321

We Need Better Defensive Tools

April 02, 2012 Added by:Gabriel Bassett

Marketers, Google, Facebook, can piece information together to identify you even when you don't say who you are. Banks, online video games, and major web services can degrade service based on perceived threats. It's time for infosec to build such tools to execute a better defense...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Metrics, KPIs and Making Business Sense of Infosec

March 27, 2012 Added by:Rafal Los

Does a 10% increase in IT Security spending really make us 10% safer? I refuse to buy-in to the saying that security is either avoiding cost, or a cost center and nothing more. This is simply untrue in my experiences. Good security is good for business, pure and simple...

Comments  (0)

48f758be63686a73484a7380e94f73d0

Vulnerability Remediation: No More Traffic Signals

March 22, 2012 Added by:Ed Bellis

When you dig into the issue of prioritization it can be complex. Adding to the complexity, factors are often different from organization to organization. I am all for breaking things down to their simplest parts by obfuscating the complex factors, not by eliminating them...

Comments  (2)

0a8cae998f9c51e3b3c0ccbaddf521aa

Quantifying Risk Reduction with an Unknown Denominator

March 07, 2012 Added by:Rafal Los

The problem that exists with all these risk reduction measurements is that they're impossible to quantify. There is simply no way to say that by doing X you've reduced risk by Y% - at least not when you don't know the total number of issues that exist. And therein lies the problem...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Straight Talk about Compliance from a Security Viewpoint

February 09, 2012 Added by:Rafal Los

Odds are, you can usually close out multiple compliance requirements across multiple requirements regulations by doing something singular in a security program. Performing software security audits during various phases of your SDLC solves many compliance requirements...

Comments  (0)

637466d18cc35f545740244d707c0482

Achieving Network Security

February 07, 2012 Added by:Kevin Somppi

Today's networks are complex, with most organizations supporting various server, operating system and Web platforms. This requires an accurate, comprehensive, and up-to-date way to identify the latest system vulnerabilities and configuration errors...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Four Reasons to Use a Vulnerability Scanner

February 01, 2012 Added by:Dan Dieterle

A vulnerability scanner is a tool that can automatically scan your network and the systems connected to it, examining each one for vulnerabilities that could be exploited. Malicious users frequently use scanners to hunt for ways to compromise your systems...

Comments  (0)

C787d4daae33f0e155e00c614f07b0ee

Enterprise Information Security Resolutions for 2012

December 18, 2011 Added by:Robb Reck

Successful information security is about making progress. It’s not reasonable or sustainable to expect all risks to be remediated as soon as they are discovered. Instead, my goal for 2012 will be to establish a positive trend, working toward improving security consistently...

Comments  (0)

82ac4cd789b46af43c0cde730625317e

Common Errors in Firewall Configurations

December 06, 2011 Added by:Christopher Rodgers

With the "ANY" port accessible vulnerability, clear text protocols could be used when both a secure and less secure clear text service are running on the same system, and vulnerabilities found for specific services such as SMB could be launched against vulnerable machines...

Comments  (0)

7c5c876d1933023ac375eead04302e1a

Ineffective CISOs Foster Shady Vendor Practices

November 23, 2011 Added by:Boris Sverdlik

The question remains how much faith is too much to put in the hands of your vendors? Without a thorough analysis of the inner workings of your organization, it is impossible for any external entity to make recommendations on where your reactionary dollars are best spent...

Comments  (0)

Ad5130e786d13531cc0f2cde32dacd0f

Decrypting QSA Qualifications in a Diluted Market Place

November 21, 2011 Added by:Andrew Weidenhamer

One of the biggest challenges is how to determine which 3rd party QSA company to use. With 120+ QSA companies certified to perform On-Site Assessments in the USA, there is not an easy answer, unless of course price is the only consideration. Unfortunately, sometimes this is the case...

Comments  (0)

Page « < 1 - 2 > »
Most Liked