Blog Posts Tagged with "Reporting"


It is Time to Address PCI Compliance Reporting

September 22, 2011 Added by:PCI Guru

The QA process: it all comes down to having used the correct language in responding to the ROC, rather than whether or not you actually assessed the right things. To add insult to injury, the PCI SSC advises QSACs to develop a template for the ROC with all the correct language written and proofed...

Comments  (3)


Top Ten Criteria for an SIEM

August 15, 2011 Added by:Anton Chuvakin

I spent years whining about how use cases and your requirements should be driving your SIEM purchase. And suddenly Anton shows up with a simple Top 10 list. This list was built with some underlying assumptions which I am not at liberty to disclose. Think large, maybe think SOC, think complex environment...

Comments  (0)


Computer Incident Response and Product Security

January 31, 2011 Added by:shawn merdinger

Having a team and process in place to handle incoming vulnerability reports from external sources is a sign of vendor maturity. Not having either can quite likely result in a vendor having a "zero day" vulnerability and proof-of-concept exploit published on a public mailing list...

Comments  (0)