Risk assessments metrics and frameworks
- March 06, 2012
Too often, organizations jam all their compliance tasks into the quarter when the audit is due. Read advice for reducing compliance fatigue.
- March 01, 2012
RSA Conference 2012 panelists discussed court rulings on liability for hacked bank accounts, and gave advice to security pros for protecting financial assets.
- February 07, 2012
While organizations focus on mobile security and other emerging threats, an analysis of more than 2,000 penetration tests conducted by Trustwave found older threats often overlooked.
- February 06, 2012
A researcher calls the state of industrial control system security “laughable” and warns of the consequences of unpatched critical infrastructure that is reachable over the Internet.
- October 04, 2011
Even the most mature organizations are using multiple risk-management frameworks and various processes to make risk-based decisions.
- August 03, 2011
Cross-site scripting flaws enable security researchers to bypass Chromebook security and silently steal sensitive data by hijacking browser sessions.
- June 23, 2011
Eric B. Parizo discusses the top themes from the 2011 Gartner Security & Risk Management Summit, including the rediscovery of enterprise risk management.
- January 04, 2011
Security researcher Michal Zalewski said his new cross_fuzz has helped identify about 100 bugs in prominent browsers that include Internet Explorer, Firefox and Opera.
- December 15, 2010
The new Core Insight pen testing suite can lay out the history of testing campaigns and the relative threat level of an enterprise's systems.
- December 07, 2010
Survey finds some enterprises are overburdened with compliance issues and are using piecemeal patch testing and deployment processes.
- September 17, 2010
Forrester analyst Khalid Kark said a good information security program starts with a risk assessment.
- September 15, 2010
OpenPages will be integrated with IBM's business analytics software portfolio.
- September 02, 2010
New campaign aims to present detailed binary analysis of known exploits and a new zero-day vulnerability each day.
- August 06, 2010
The annual Black Hat hacker confab makes for good security theater, according to Andrew Plato, but the hype is having a negative effect on enterprise risk management, and that needs to change.
- August 03, 2010
TippingPoint's vulnerability disclosure team will give vulnerable vendors six months to create a patch.