Blog Posts Tagged with "vendors"
January 24, 2012 Added by:Josh Shaul
Advanced systems for protecting databases have been available for several years now, and have become mature and reliable technology. Databases can be locked down with secure configurations, strong access controls, and effective patch management strategies...
January 23, 2012 Added by:Danny Lieberman
Who needs an anti-virus? If I have a solid operating system like Ubuntu 11.10, IP tables, good control of the services on my notebook and practice safe email, why should I add additional layers of content security and feed the Symantec stock price?
January 23, 2012 Added by:Bill Mathews
Often merchants just sell your information outright to make revenue off the data they’ve collected. Usually this is reserved for more nefarious merchants, and sometimes it is done out of ignorance of their own policies. But make no mistake – it DOES happen...
What we really need in this industry is a complete shake up. We need true innovative thought that uses cyber intelligence, counterintelligence and active defense and offensive measures in our programs. No more sitting around waiting for the penetration...
January 10, 2012 Added by:Headlines
The rule requires contractors and subcontractors to provide details on how their products and services meet federal IT regulations. The rule also requires contractors and subcontractors to submit to audits on practices and procedures to ensure mandates are satisfied...
January 02, 2012 Added by:Bill Gerneglia
"Instead of requesting that a third-party security vendor conduct testing on the enterprise's behalf, the enterprise will be satisfied by a cloud provider's certificate stating that a reputable third-party security vendor has already tested its applications."
December 29, 2011 Added by:Headlines
SP 800-155 explains the fundamentals of BIOS integrity measurement to determine if the BIOS has been modified and how to report changes. The publication provides detailed guidelines to vendors that develop products to support secure BIOS integrity measurement mechanisms...
December 19, 2011 Added by:Rafal Los
I don't know of a bigger detractor to security than a broken enterprise change management process... whether you work for a million node global corporation, or a company with 100 laptops and an outsourced IT - poor change management will be the death of your security posture, period...
December 14, 2011 Added by:Mike Meikle
Carefully crafted and monitored SLAs to keep vendors in check, mandating FIPS 140-2 certification of potential vendors and benefiting from vendor technology investments (economies of scale) can add significant weight to cloud solution providers being more secure than in-house solutions...
November 28, 2011 Added by:Ali-Reza Anghaie
Consider three fields when pondering infosec strategies: Defense, Economics, and Healthcare. All three have grasped nonlinear preventative and swarm tactics in a way we would be wise to consider. And like infosec, all three also have snake oil salesmen and demons to satiate...
November 22, 2011 Added by:Josh Shaul
When you measure the impact on share price, it’s not worth it to build secure software. Buyers are gobbling up the vulnerable stuff as quickly as they can get their hands on it, and the people who pay the price are those whose data is stolen and whose lives are turned upside down in the aftermath...
November 21, 2011 Added by:Andrew Weidenhamer
One of the biggest challenges is how to determine which 3rd party QSA company to use. With 120+ QSA companies certified to perform On-Site Assessments in the USA, there is not an easy answer, unless of course price is the only consideration. Unfortunately, sometimes this is the case...
November 16, 2011 Added by:Rafal Los
We're cynical. Many security professionals and information security management alike are getting fed up with vendors who don't take the time to understand the issues they're facing - and simply to to sell, sell, sell...
November 16, 2011 Added by:Joel Langill
First, you need to expand your concept of an “embedded web server” beyond something that a user would use when launching a browser and entering a URL for the device. Vendors actually use embedded web servers for a number of reasons, and many of these vendors are leaders in the industry...
November 15, 2011 Added by:Scot Terban
I am sure there are many of you out there who feel like you are being branded the “Security Cassandra”. You come to them with dark prognostications of compromise, and they look upon you as either a paranoid delusional individual or someone to just be patted on the head...
November 08, 2011 Added by:Scot Terban
We have seen this from the perspective of magic boxes that promise to negate security vulnerabilities as well as teams of consultants who will “securitize” the company. The net effect is that those paying for such products and services may as well be buying a handful of magic beans instead...
Mobile Security Processes Could Be Applied t... Johnnie Nix on 05-21-2013
ATM Security (And Really Learning from the P... Johnnie Nix on 05-21-2013
New Study Published on Mobile Malware... Caitlin Rachel on 05-21-2013