Blog Posts Tagged with "Protocols"

Bd07d58f0d31d48d3764821d109bf165

Finishing the Security Automation Job

September 06, 2012 Added by:Tripwire Inc

SACM needs to grow upward and outward from where the SCAP efforts have gotten – move from controls into control frameworks and support the policies, processes, and procedures derived from Operational Risk Management. We’ve got a lot of work ahead. It’s all worth it...

Comments  (3)

E313765e3bec84b2852c1c758f7244b6

Smart Grid Security: Getting Better, But Needs Improvement

August 09, 2012 Added by:Brent Huston

There is still room for improvement in the smart grid space: Encryption versus encoding, modern development security, JTAG protection, input validation and the usual application security shortcomings that the web and other platforms are struggling with. Default passwords, crypto keys and configurations still abound...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

BYOD: Challenges of Protecting Data - Part One

July 30, 2012 Added by:Rafal Los

Whether we're talking about cloud computing, or BYOD, or hacking in general - the buck stops with data. Some believe you can't ever classify all of your data and you should move on, while others believe that without making data custodians responsible for classification of critical data nothing else can happen...

Comments  (1)

44fa7dab2a22dc03b6a1de4a35b7834a

The Benefits of the Cloud for Performance Testing

May 24, 2012 Added by:Bill Gerneglia

By allowing test teams to instantly deploy existing performance test scripts to cloud-based load generators, the load is created on pre-configured systems provisioned in the cloud. This eliminates the effort and cost related to extending the on-premise test infrastructure...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Ninety Percent of HTTPS Websites Insecure

May 08, 2012 Added by:Dan Dieterle

Of the 200,000 HTTPS websites tested, only about 10% are properly secured. Changes need to be made to the secure online transaction system. Several of the issues have already been addressed, sadly it seems that the appropriate measures to secure SSL have just not been taken...

Comments  (5)

69dafe8b58066478aea48f3d0f384820

NIST: Secure Biometric Acquisition with Web Services

May 04, 2012 Added by:Headlines

Researchers at the NIST have developed a new protocol for communicating with biometric sensors over wired and wireless networks, called WS-Biometric Devices (WS-BD), allows desktops, laptops, tablets and smartphones to access sensors that capture biometric data using web services...

Comments  (0)

99edc1997453f90eb5ac1430fd9a7c61

CISSP Reloaded Domain Three: Telecoms and Network Security

March 19, 2012 Added by:Javvad Malik

Network security is so important yet because it’s complex, a lot of companies end up doing it wrong. Not as many people properly understand the security implications of the network and most companies don’t even know what their network is comprised of...

Comments  (1)

E313765e3bec84b2852c1c758f7244b6

Snort and SCADA Protocol Checks

January 25, 2012 Added by:Brent Huston

There are a wide variety of open source tools that can be leveraged around Snort, making it a powerful approach to visibility. Having people in the industry who know how the systems Snort work allows for better development of signatures for nefarious issues...

Comments  (0)

0ff0a77035f9569943049ed3e980bb0d

Stratfor Hack Proves a Few Things

January 03, 2012 Added by:

How many more companies believe they can get by with half-baked security? Why are budgets being cut for information security by CIOs who just don’t get it? Why is it that organizations do business with other organizations without performing due diligence on the entity?

Comments  (0)

4c1c5119b03285e3f64bd83a8f9dfeec

Closing the Gate Before the Horse Bolts – On Passwords for the Cloud

December 12, 2011 Added by:Ben Kepes

Passwords it seems are both the bane of our existence and, apparently, the most important thing in our lives. Unfortunately the Cloud doesn’t really change this, good password protocols are as important in the Cloud as they were in an on-premise world and potentially even more so...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

DHS Cyber Security Audit FAIL

October 20, 2011 Added by:Headlines

"Adequate security controls have not been implemented on the [Mission Operating Environment] to protect the data processed from unauthorized access, use, disclosure, disruption, modification, or destruction," the Inspector General concluded...

Comments  (1)

3ac1b4d00e292a1a670a4df0e460892a

Companies Using Secure Protocols in an Insecure Manner

September 16, 2011 Added by:Cor Rosielle

I only looked at the Fortune 500 companies with knowledgeable IT and security staff, and with a board and directors who should care about security and have sufficient budget to get these basic things right. Let's hope the companies are as disappointed about these results as I was...

Comments  (8)

D8853ae281be8cfdfa18ab73608e8c3f

Railgun Error Checking

August 30, 2011 Added by:Rob Fuller

One important thing to note about Railgun is that you are querying the API, and just as if you were using C++, the API you are calling just might not be there on the system. So here is a quick trick to find out if a the function (API) that you are trying to call is available to you...

Comments  (0)

4085079c6fe0be2fd371ddbac0c3e7db

Red Hat 5 STIG: Network Settings

August 23, 2011 Added by:Jamie Adams

I would caution administrators from rushing to add all because most are defaults. The settings must be implicitly set in the sysctl.conf config file. My recommendation is to review the entire STIG in order to define a complete sysctl.conf file, so that it can be deployed and tested all at once...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Pentagon Fails to Deliver Cyber War Policy Brief

July 22, 2011 Added by:Headlines

"The continued failure to address and define the policies and legal authorities necessary for the Pentagon to operate in the cyberspace domain remains a significant gap in our national security that must be addressed," wrote Senators Levin and McCain to Defense Secretary Panetta...

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

VoIP and PCI Compliance

June 15, 2011 Added by:PCI Guru

When you start talking to security people about VoIP security, their knee-jerk response is to tell you that VoIP is secured by the corporate firewall. However, given that the VoIP protocols are stateless, even being behind a firewall really does not provide any protection...

Comments  (1)

Page « < 1 - 2 > »