Blog Posts Tagged with "applications"


If Facial Recognition Creeps You Out, What You Can Do About It

August 24, 2012 Added by:Theresa Payton

Facebook’s software isn’t just about placing a name with a face. If you think about how people use the like button, connect to groups, connect to each other, a tagged photo gives additional context. Hackers would love to have this information about you...

Comments  (1)


Smart Grid Security: Getting Better, But Needs Improvement

August 09, 2012 Added by:Brent Huston

There is still room for improvement in the smart grid space: Encryption versus encoding, modern development security, JTAG protection, input validation and the usual application security shortcomings that the web and other platforms are struggling with. Default passwords, crypto keys and configurations still abound...

Comments  (0)


PA-DSS Validation Clarification

August 09, 2012 Added by:PCI Guru

The PA-DSS has a procedure that the PA-QSA can follow to determine that version changes have not affected cardholder data processing and the application’s PA-DSS validation. Without that validation, as a QSA, our hands are tied and we must conduct a full assessment of the application under the PCI DSS...

Comments  (0)


EU Weighs in on Face Recognition Applications

July 29, 2012 Added by:Electronic Frontier Foundation

Face recognition in online applications is particularly problematic as personal data is sometimes used out of context by employers and law enforcement. Therefore, European privacy officials’ opinion recommending various practices for these applications could not have come at a better time...

Comments  (0)


ICS-CERT: Windows XP Support End of Life

July 18, 2012 Added by:Infosec Island Admin

ICSCERT has identified three technology deployment areas to evaluate when considering the upcoming EOL of XP SP3 across ICS environments. Applications installed on Windows XP SP3 operating system builds on standard IT equipment, including engineering workstations, HMI servers, historian systems, etc...

Comments  (0)


Shodan: There is Now an App for That

July 11, 2012 Added by:shawn merdinger

Since October, 2010, Shodan has consistently made waves in the information security world. Like any security tool, Shodan can be leveraged by both malicious attackers and legitimate security operations to gain insights into the public IP exposure of an organization. Now enters the Shodan App...

Comments  (1)


Cloud Patch Management: Consistency and Automation

May 23, 2012 Added by:Rafal Los

If you've chosen wisely, you environments across your public and private clouds are consistent. The big question is - how do we keep our environments consistent in the face of security requirements to push patches? The answers rely very heavily on automation and policy...

Comments  (0)


Firewalls: Stop Blocking by IP and Port

May 08, 2012 Added by:Phil Klassen

There has been some good discussions on firewalls, and the majority of the feedback is that firewalls are still an important part of the security infrastructure. However, I am surprised that the discussion revolves around legacy features and not those required to meet today's needs...

Comments  (3)


An Enemies Application? Really?

April 20, 2012 Added by:Theresa Payton

We were all taught that if you can’t say anything nice, don’t say anything at all. So imagine our surprise when we found out that there is a free app on Facebook you can publicly name your enemies and give shout outs online as to who they are and why. This is not a good idea..

Comments  (0)


Understanding Cloud Security Part One

March 11, 2012 Added by:Neira Jones

The cloud provides an opportunity to re-architect older applications and infrastructure to meet or exceed modern security requirements. At other times, the risk of moving sensitive data and applications to an emerging infrastructure might exceed tolerance levels...

Comments  (0)


A Checklist for a Move to the Cloud

February 26, 2012 Added by:Ben Kepes

There’s s flip side to technology democratization in that the high level of accessibility also means that it’s very easy for organizations to set themselves up as vendors – sometimes without the necessary level of professionalism that would be optimal...

Comments  (0)


Application Software and Security: A Tale of Two Market Sizes

February 19, 2012 Added by:Fergal Glynn

We spend 0.3% of what we pay for software on ensuring that it is secure. Now you can argue that manual testing is not included. However, even when you account for this variance, the gap in what we spend to buy software and what we spend to secure it is huge...

Comments  (0)


That a Phone in Your Pocket or Are You Scanning My Network?

January 16, 2012 Added by:Malgorzata Skora

Smartphones have become much more powerful over the past few years. Combine this power with the right applications and you can scan a network from the inside in seconds, along with performing several other new types of attacks for information gathering...

Comments  (1)


Nothing Funny About CallerIDFaker

December 29, 2011 Added by:Theresa Payton

Companies are coming up with new technologies to not only spoof your number but to also disguise your voice. This could be scary in the wrong hands. One product, CallerIdFaker, asks you to tape the call as it happens and then share it on their website. Are you laughing yet?

Comments  (1)


The Cloud of Clouds: Amazon Web Services

November 22, 2011 Added by:Robert Siciliano

Security is paramount. Amazon states: “In order to provide end-to-end security and end-to-end privacy, AWS builds services in accordance with security best practices, provides appropriate security features in those services, and documents how to use those features..."

Comments  (1)


Keys To Successful Cloud Application Deployment

October 05, 2011 Added by:Bill Gerneglia

It is imperative to select and deploy a proven set of cloud core services. These include storage management controls, hypervisors, security policies and security software including firewalls, disaster recovery and governance, and database administration and replication services...

Comments  (0)

Page « < 1 - 2 - 3 > »