Risk assessments metrics and frameworks
- April 06, 2009
The latest version of Imperva's SecureSphere software assigns a risk score to databases based on data sensitivity, misconfiguration issues and database vulnerabilities.
- March 26, 2009
Companies need to spend more time refining security policies to align them with business objectives.
- March 23, 2009
SWFScan analyzes Adobe Flash to identify dozens of source code errors.
- March 12, 2009
A former national cybersecurity czar says risk models used by security organizations often lead to a faulty understanding of threats and flaws, and a misallocation of resources.
- March 05, 2009
Two firms certified to conduct PCI assessments have been placed into the PCI Council's remediation program for violating the QSA Validation Requirements.
- February 24, 2009
Though a payload hasn't been issued, the Conficker worm reminds security professionals to be actively protecting the network from attacks.
- February 16, 2009
While IT pros should evaluate their ongoing security processes and technologies, security vendors need to make an assessment of their overall value and adjust the business accordingly.
- February 10, 2009
The economy is forcing companies to accept more risk, but a new report offers tips to showcase the value of the security team.
- January 27, 2009
Archer's acquisition of Brabeion indicates convergence in the IT GRC market. Compliance and trend to risk management bode well for GRC companies' in wake of economic meltdown.
- January 14, 2009
State will demand software makers certify their software does not contain the coding errors listed in the CWE/SANS Top 25 Dangerous Programming Errors.
- January 12, 2009
A new list of common programming errors could give non-experts the ability to demand higher coding standards.
- December 24, 2008
An NSS Labs test of six business products yield disappointing results.
- December 04, 2008
A Carnegie Mellon University report illustrates the lack of understanding boards of directors have when it comes cybersecurity risks and their impact on overall business.
- November 19, 2008
Old-world risk assessment doesn't cut it in the fast-changing world of technology
- October 28, 2008
PricewaterhouseCoopers' annual Global State of Information Security Survey found mergers, Web 2.0 and other business initiatives driving spending nearly as much as compliance.