Vulnerability Risk Assessment
In this vulnerability and risk assessment resource, get tips and tricks on how to conduct a network vulnerability assessment, vulnerability reporting, scanning, assessment tools and reports.
 |
PCI QSA assurance program penalizes assessors
SearchSecurity.com | 05 Mar 2009
ARTICLE - Two firms certified to conduct PCI assessments have been placed into the PCI Council's remediation program for violating the QSA Validation Requirements.
 |
EXPERT TECHNICAL ADVICE: 1 - 3 of 45

VULNERABILITY RISK ASSESSMENT EXPERTS
 |
Michael Cobb, featured expert
Founder and Managing Director, Cobweb Applications Ltd.
 |
Are Web application penetration tests still important?
05 Jun 2009
EXPERT ANSWER - Web application penetration tests continue to be an important part of the secure software development lifecycle process in order to reduce the number and severity of security-related design and coding errors.
 |
REFERENCE & LEARNING: 1 - 3 of 10

MAGAZINE CONTENT (free subscription required): 1 - 3 of 18
 |
The Pipe Dream of No More Free Bugs
Information Security Magazine | 07 May 2009
COLUMNS - Security researchers have declared they want vendors to compensate them for their independent search for vulnerabilities.
 |
Product Review: Shavlik's NetChk Compliance
Information Security Magazine | 28 Nov 2008
HOT PICK & PRODUCT REVIEWS - Shavlik's NetChk Compliance automates compliance and provides control by actively managing system and security settings and allows the IT manager to identify and mitigate risks.
 |
Solving the Internal Threat - Vendor Webcast
PREMIERED: 17 NOV 2005, 14:00 EST (19:00, GMT)
SUMMARY: Established information security vendors avoid claims of protecting companies from the internal or insider security threat. In today's high-tech world, organizations need a new approach to internal IT security which enables them to detect when their IT infrastructure, enterprise data, corporate policy and government regulations have been compromised. Discover new security solutions in this webcast.
 |
 |
Preventing common application-level hack attacks
Published by: Gulf Business Machines (GBM) L.L.C. | 26 Jun 2009
WHITE PAPER - Organizations are more dependent on online software and the risk of malicious attacks is more serious. Such attacks can bring business to a standstill, cost a company millions, and potentially tarnish its brand image. This paper describes 12 of the most common hacker attacks and provides basic rules for creating hack-resistant Web applications.
 |
Achieving Federal Desktop Core Configuration Compliance with Lumension Solutions
Published by: Lumension | 18 Jun 2009
WHITE PAPER - The Federal Desktop Core Configuration (FDCC) is an OMB mandated security configuration set applicable within United States Federal Government agencies. The FDCC v1.2.1.0 can be grouped into several categories, each addressing a different area of security. Read on to learn more about these categories and what they entail.
 |
The Top Five Virtualization Mistakes
Published by: Vyatta Inc. | 17 Jun 2009
WHITE PAPER - This paper describes five mistakes common to many implementations of enterprise virtualization. Most of these mistakes relate to virtualization and networking infrastructure. Ideally, after reading this paper, you'll be sensitized to these issues so that you can plan for them and make your virtualization projects more successful.
 |
gray hat
01 Jun 2001
WORD - Gray hat describes a cracker (or, if you prefer, hacker) who exploits a security weakness in a computer system or product in order to bring the weakness to the attention of the owners. Unlike a black hat, a gray hat acts ...