January 24, 2012 Added by:Josh Shaul
Advanced systems for protecting databases have been available for several years now, and have become mature and reliable technology. Databases can be locked down with secure configurations, strong access controls, and effective patch management strategies...
January 18, 2012 Added by:Alexander Rothacker
This time there are only TWO fixes. This is the lowest number ever since the CPU program started in 2005. Oracle, what happened? Did you throw in the towel on DBMS fixes? I know it’s not because the Database is finally fixed for good and is now suddenly secure...
January 12, 2012 Added by:John Linkous
SIEM tools are highly focused on events. Even in cases where a SIEM can look outside of the world of events at one or two other pieces of data - say, at network traffic - that’s still woefully inadequate. We certainly need events and network traffic data...
December 31, 2011 Added by:Larry Karisny
Curt Massey spent a 35-year career protecting our national security. His military service, civilian law enforcement, corporate security and military contracting experiences have imbued him with the unpleasant knowledge of our core vulnerabilities and a visceral drive to build a team capable of finding answers...
December 21, 2011 Added by:Emmett Jorgensen
Solid state disks are more reliable because SSDs do not contain any moving parts. There are no read heads, actuator arms or spinning platters that can break down in an SSD. SSDs can be moved around freely while in use and have a higher tolerance against shock and vibration than HDDs...
December 18, 2011 Added by:Josh Shaul
If you are a gamer and you use any online gaming network or service, please be vigilant and cautious. Don't click on any offer that comes in via email, and don't sign up for anything gaming related unless you are doing so directly from the software manufacturer or gaming network...
October 19, 2011 Added by:Alexander Rothacker
Oracle released its October Critical Patch Update with 57 vulnerabilities across multiple products. This low number of patches continues a trend where Oracle appears to be losing focus on database security, probably due to the many new product offerings and acquisitions...
October 18, 2011
Data has to be independently classified based on availability, integrity and confidentiality. It needs to be data centric, not focusing on the systems or databases so that while data “travels” through the infrastructure it will keep these attributes without relying on source systems...
October 12, 2011 Added by:Emmett Jorgensen
When will manufacturers stop using Flash as the primary storage? Consider that in 2002 many experts assumed that Flash cells would not be stable when scaled past 45nm and predicted that it would need to be replaced by 2010. We know now that those predictions proved to be false...
October 12, 2011 Added by:Simon Heron
The trouble is that technology is just one element of the solution. There is little doubt that while DLP software and devices can help, there is no single solution that can encompass all aspects of DLP, as different types of data have different threats and hence need different controls...
October 05, 2011 Added by:Danny Lieberman
One of the crucial phases in estimating operational risk is data collection: understanding what threats and vulnerabilities you have and understanding not only what assets you have (digital, human, physical, reputational) but also how much they’re worth in dollars...
September 29, 2011 Added by:Chris Schellman, CPA, CISSP, PCI QSA
SSAE 16 is one of the most widely known tools for providing assurances to data center customers. Yet, a myth that the SSAE 16 standard is not applicable to the industry persists. Data center providers have no choice but to arm themselves with the following facts about SSAE 16 applicability...
September 29, 2011 Added by:Headlines
"Business owners will need to understand what the cloud is and what it can do for their businesses in the areas of cost control, data security, data protection, accessibility, efficiency and productivity to facilitate a smooth running technological platform for their business..."
September 18, 2011 Added by:David Navetta
Richard Blumenthal (D-CT) introduced a bill that would levy significant penalties for identity theft and other “violations of data privacy and security,” criminalize software that collects “sensitive personally identifiable information” without clear and conspicuous notice and consent...
August 31, 2011 Added by:Stephen Marchewitz
No matter what you are told, simply writing a check to a software vendor and installing some code will not prevent all data loss. Depending on the intricacies of the organization, the money that DLP solutions require may likely be better spent on other security initiatives...
August 28, 2011 Added by:Brian Smithson
Multipass disk overwrite and the “DoD 5220-22-M standard 3-pass wipe” are, at best, urban legends. At worst, they are a waste of time. A single pass overwrite with any arbitrary value (randomly chosen or not) is sufficient to render the original HDD data effectively irretrievable...