Blog Posts Tagged with "Reporting"


It is Time to Address PCI Compliance Reporting

September 22, 2011 Added by: PCI Guru

The QA process: it all comes down to having used the correct language in responding to the ROC, rather than whether or not you actually assessed the right things. To add insult to injury, the PCI SSC advises QSACs to develop a template for the ROC with all the correct language written and proofed...



Top Ten Criteria for an SIEM

August 15, 2011 Added by: Anton Chuvakin

I spent years whining about how use cases and your requirements should be driving your SIEM purchase. And suddenly Anton shows up with a simple Top 10 list. This list was built with some underlying assumptions which I am not at liberty to disclose. Think large, maybe think SOC, think complex environment...



Computer Incident Response and Product Security

January 31, 2011 Added by: shawn merdinger

Having a team and process in place to handle incoming vulnerability reports from external sources is a sign of vendor maturity. Not having either can quite likely result in a vendor having a "zero day" vulnerability and proof-of-concept exploit published on a public mailing list...
