Items Tagged with "vendors"


94c7ac665bbf77879483b04272744424

Outsourcing SIEM and Log Analysis

April 29, 2012 Added by:Marc Quibell

What are the risks of MSSPs managing the detection and analysis of network activity data for your company? There are some events that, if detected early, may avert lawsuits, data breaches and other embarrassing or career-ending moments for a company...

Comments  (4)

201d6e4b7cd0350a1a9ef6e856e28341

Are ICS Vendors Really to Blame for Insecure Systems?

April 27, 2012 Added by:Joe Weiss

The implication is that vendors aren’t interested in securing their legacy products. I do know that many ICS vendors supporting the electric industry are frustrated because the utilities may not be required to actually secure these systems to be NERC CIP compliant...

Comments  (0)

68b48711426f3b082ab24e5746a66b36

AppSec Mistakes Companies Make and How to Fix Them

April 24, 2012 Added by:Fergal Glynn

We’re pleased to present responses from an array of security experts including Bill Brenner, Andrew Hay, Jack Daniel and Chris Wysopal. Common themes arose, including the idea of taking AppSec more seriously and committing to a programmatic approach vs. ad hoc manual testing...

Comments  (0)

924ce315203c17e05d9e04b59648a942

Tearing Away the Veil of Hype from Palo Alto Networks’ IPO

April 24, 2012 Added by:Richard Stiennon

At long last the much hyped Palo Alto Networks (PAN) has filed its S-1 in preparation for an IPO. Now that we have some visibility into PAN’s real finances it is time to address some of their claims, and perhaps throw cold water on the exuberance being expressed in some circles...

Comments  (0)

3e35900ae6facc6c146a85c435c71d82

Good Security Starts at Home

April 23, 2012 Added by:Ben Rothke

Not a day goes by without yet another spate of privacy and security issues. Threats to the security, privacy and personal information continue to increase in scope and complexity. To maintain competitive edge, vendors and service providers are scrambling to keep up...

Comments  (22)

7fef78c47060974e0b8392e305f0daf0

Fear and Loathing in Infosec: A Savage Journey

April 17, 2012 Added by:Infosec Island Admin

The players mime their passion plays to obtain the almighty dollar and make their daily bread. Grimy hands slither over every inch of the client while pouring soothing words, cooing in their ear about how their solutions will cure ills and make them more virile than the next guy...

Comments  (1)

B451da363bb08b9a81ceadbadb5133ef

Pain Comes Immediately – Secure Development Takes Time

April 17, 2012 Added by:Alexander Rothacker

Once a patch to a vulnerability is released, the vendor should give as much guidance as possible to its customer base so that they can make an informed decision on how to mitigate — may it be a workaround, such as disabling some functionality, configuring compensating controls...

Comments  (0)

296634767383f056e82787fcb3b94864

China: Our Incompetent Master Adversary?

April 16, 2012 Added by:Jeffrey Carr

Either China is the greatest and dumbest adversary we've ever had, or the real dummies are those in infosec who can't be bothered to question the obvious when doing incident response, or who choose to cater to the rising tide of Sinophobia in the U.S. in order to boost their sale...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Zeus Trojan Takes Aim at Cloud Payroll Services

April 12, 2012 Added by:Headlines

"Zeus captures a screenshot of a Ceridian payroll services web page when a corporate user whose machine is infected... visits this website. This allows Zeus to steal the user id, password, company number and the icon selected by the user for the image-based authentication system..."

Comments  (0)

E313765e3bec84b2852c1c758f7244b6

Disagreement on Password Vault Software Findings

April 12, 2012 Added by:Brent Huston

Recently, some researchers have been working on comparing password vault software products and have found some issues. However, many of the vendors are quickly moving to remediate the identified issues, many of which were simply improper use of proprietary cryptography schemes...

Comments  (1)

Fc152e73692bc3c934d248f639d9e963

When Will PCI SSC Stop the Mobile Payment Insanity?

April 10, 2012 Added by:PCI Guru

The merchant is left to their own devices to know whether any of these mobile payment processing solutions can be trusted. I am fearful that small merchants, who are the marketing target of these solutions, will be put out of business should the device somehow be compromised...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ENISA: Guidelines for Monitoring Cloud Computing Contracts

April 05, 2012

Cloud computing services are increasingly important for governments and businesses, and information security is a key pain-point. To help solve this problem ENISA released a guide focusing on continuous security monitoring throughout the life-cycle of a cloud contract...

Comments  (0)

E313765e3bec84b2852c1c758f7244b6

Credit Unions and Small Banks Need Strong Security Relationships

April 05, 2012 Added by:Brent Huston

Smaller organizations need to leverage simple, effective and scalable solutions to achieve success. They simply won’t have the manpower to manage overwhelming alerts, too many log entries or some of the other basic mechanisms of infosec...

Comments  (0)

Ebe141392ea3ebf96ba918c780ea1ebe

On Analyst Geometries

April 04, 2012 Added by:Wendy Nather

Sectors in security are blurring and merging, companies are building out portfolios, and everyone's adding discrete functionality from different categories. Static and dynamic analysis aren't separate revenue streams for some vendors, and it'll just get more muddled...

Comments  (0)

924ce315203c17e05d9e04b59648a942

Cloud Services Strategy: Security First - Growth Second

March 30, 2012 Added by:Richard Stiennon

Cisco, Juniper, Oracle, and Microsoft might have security initiatives and even good sales of security products. But security takes a back seat to functionality too often. Why are there no secure switches? Secure apps for Windows? Or secure databases?

Comments  (0)

4c1c5119b03285e3f64bd83a8f9dfeec

Cloud Security and the Enterprise

March 29, 2012 Added by:Ben Kepes

We need to ensure that legislation and regulations for cloud services truly reflect the realities of the cloudy world we live in and do not allow for a shotgun approach to compliance that primarily meets the needs of just one powerful interest group...

Comments  (0)

Page « < 3 - 4 - 5 - 6 - 7 > »