Security Testing: It Is About Coverage
Posted on | February 1, 2010 | No Comments
It is easy to do pentesting. My two-year-old daughter can do it (well, at least she broke through a screen-lock). But doing it well is the challenge. That is what coverage is about. Security test coverage, like any test coverage, measures how much of all the possible sensible options you cover with your testing. Let’s dig into this topic a bit more, and perhaps next time someone comes offering you pentesting services, you will have a few new questions to ask the auditors.
An Automated Approach to Compliance
Posted on | February 1, 2010 | No Comments
Simply ticking off boxes on audits is not enough to keep your information secure and consistently compliant. The checklist mentality treats compliance as a project rather than a process. Learn how to ensure compliance and safeguard data by moving from a manual compliance approach to an automated one.
The Future of PCI
Posted on | February 1, 2010 | No Comments
PCI DSS standards continue to evolve, forcing organizations to bake compliance into their everyday operation to eliminate fire drills, contain costs, keep current customers and attract new ones. This paper covers key strategies for PCI DSS compliance and examines reasonable risk management, automating compliance, and compliance challenges in a virtualized environment.
Google joins the ‘kill-IE6’ campaign
Posted on | February 1, 2010 | No Comments
Google Docs will drop support for Microsoft’s nearly nine-year-old IE6 browser starting March 1.
Botnet targets major Web sites with junk SSL connection
Posted on | February 1, 2010 | No Comments
More than 300 Web sites are being pestered by infected computers that are part of the Pushdo botnet, according to security researchers.
Botnet sends fake SSL pings to CIA, PayPal, others
Posted on | February 1, 2010 | No Comments
The Pushdo botnet is trying to evade detection by using fake SSL connections to major Web sites, researcher says.
Originally posted at InSecurity Complex
In their words: Experts weigh in on Mac vs. PC security
Posted on | February 1, 2010 | No Comments
CNET asks a host of security experts which of the major operating-system platforms is more secure for consumers. Here’s what they have to say.
Originally posted at InSecurity Complex
Bank of America Web site goes down Friday
Posted on | February 1, 2010 | No Comments
The banking giant’s site is inexplicably unavailable to an unknown number of customers, a spokeswoman says.
Originally posted at InSecurity Complex
Google to pay bounties for Chrome browser bugs
Posted on | February 1, 2010 | No Comments
Google has unveiled a bug-bounty program that will pay researchers $500 for each vulnerability they report in the Chrome browser and its underlying open-source code.
Wanted: Community Manager
Posted on | February 1, 2010 | No Comments
Today marks the end of the Era of Zonker at Novell, as Joe Brockmeier ends his tenure as Community Manager of openSUSE.