Search:

Blog Posts Tagged with "Risk Assessments"

A762974cfbb0a2faea96f364d653cbc6

An Introduction to OSSTMM Version 3

July 15, 2010 Added by:Michael Menefee

As a security consultant, I've always looked for ways to increase consistency, efficiency and value when conducting security analysis on a client's network or business. With the impending release of OSSTMMv3 I'll share my thoughts on the success of the model...

Comments  (12)

69baa1f1851ad2bd24c61868329f76f7

Ending the Security Business of Guessing

July 13, 2010 Added by:Pete Herzog

In the research for factual security metrics, factual trust metrics, and reliable, repeatable ways for verifying security, including concretely defining security, we found that the practice of guessing forecasting risk was not only non-factual but also backwards...

Comments  (16)

69baa1f1851ad2bd24c61868329f76f7

Hackers May Be Giants with Sharp Teeth

July 06, 2010 Added by:Pete Herzog

Interestingly, the point of a risk assessment is to determine vulnerabilities, assets, and threats. So why does a 9-year-old know what so many security professionals don't? Why does she realize that imagining what the threat looks like is just an exercise in creativity, not prediction?

Comments  (3)

9259e8d30306ac2ef4c5dd1936e67634

Risk assessment tips for smaller companies

June 30, 2010 Added by:Dejan Kosutic

I have seen quite a lot of smaller companies (up to 50 employees) trying to apply risk assessment tools as part of their ISO 27001 implementation project. The result is that it usually takes too much time and money with too little effect.

Comments  (0)

A3e8b5e0becdbfb1b1c706b452b6c388

Road Map for an Application/Software Security Architect (Part 2)

November 02, 2009 Added by:Stephen Primost

Vulnerability testing at the acceptance stage of an application's Software Development Life Cycle (SDLC) will not compensate for the lack of an understanding of what is being done during the software development even though you may not have control over the development efforts. You need a plan that puts those controls in place and allows that governance. Ignoring vulnerabilities will not prevent b...

Comments  (0)

Page « < 1 - 2 - 3 - 4 > »
Most Liked


Latest Member Comments

"I thought this article discuss a very important issue of security.If we have well developed technology in one particular field then we ..."

Mobile Security Processes Could Be Applied t... Johnnie Nix on 05-21-2013

"ATM machine are for our convenience but if we are not careful they can compromise our safety. Discount theater tickets "

ATM Security (And Really Learning from the P... Johnnie Nix on 05-21-2013

"A expressive case study is used to explore causation in order to find underlying principles. Case studies may be prospective in which c..."

New Study Published on Mobile Malware... Caitlin Rachel on 05-21-2013

"In the social sciences and life sciences a case study or case report is a descriptive or descriptive analysis of a someone, group or ev..."

Case Study: A Cloud Security Assessment... Caitlin Rachel on 05-21-2013
Latest Posts