Risk assessments metrics and frameworks
- March 01, 2012
RSA Conference 2012 panelists discussed court rulings on liability for hacked bank accounts, and gave advice to security pros for protecting financial assets.
- February 07, 2012
While organizations focus on mobile security and other emerging threats, an analysis of more than 2,000 penetration tests conducted by Trustwave found older threats often overlooked.
- February 06, 2012
A researcher calls the state of industrial control system security “laughable” and warns of the consequences of unpatched critical infrastructure that is reachable over the Internet.
- October 04, 2011
Even the most mature organizations are using multiple risk-management frameworks and various processes to make risk-based decisions.
- August 03, 2011
Cross-site scripting flaws enable security researchers to bypass Chromebook security and silently steal sensitive data by hijacking browser sessions.
- June 23, 2011
Eric B. Parizo discusses the top themes from the 2011 Gartner Security & Risk Management Summit, including the rediscovery of enterprise risk management.
- January 04, 2011
Security researcher Michal Zalewski said his new cross_fuzz has helped identify about 100 bugs in prominent browsers that include Internet Explorer, Firefox and Opera.
- December 15, 2010
The new Core Insight pen testing suite can lay out the history of testing campaigns and the relative threat level of an enterprise's systems.
- December 07, 2010
Survey finds some enterprises are overburdened with compliance issues and are using piecemeal patch testing and deployment processes.
- September 17, 2010
Forrester analyst Khalid Kark said a good information security program starts with a risk assessment.
- September 15, 2010
OpenPages will be integrated with IBM's business analytics software portfolio.
- September 02, 2010
New campaign aims to present detailed binary analysis of known exploits and a new zero-day vulnerability each day.
- August 06, 2010
The annual Black Hat hacker confab makes for good security theater, according to Andrew Plato, but the hype is having a negative effect on enterprise risk management, and that needs to change.
- August 03, 2010
TippingPoint's vulnerability disclosure team will give vulnerable vendors six months to create a patch.
- July 29, 2010
An analysis of 120 security assessments at power plants, oil and chemical refineries and other critical systems revealed tens of thousands of security vulnerabilities, outdated operating systems and unauthorized applications.