Blog Posts Tagged with "vendors"

Fear and Loathing in Infosec: A Savage Journey

April 17, 2012 Added by: Infosec Island Admin

The players mime their passion plays to obtain the almighty dollar and make their daily bread. Grimy hands slither over every inch of the client while pouring soothing words, cooing in their ear about how their solutions will cure ills and make them more virile than the next guy...

Comments  (1)

Pain Comes Immediately – Secure Development Takes Time

April 17, 2012 Added by: Alexander Rothacker

Once a patch to a vulnerability is released, the vendor should give as much guidance as possible to its customer base so that they can make an informed decision on how to mitigate — may it be a workaround, such as disabling some functionality, configuring compensating controls...

Comments  (0)

China: Our Incompetent Master Adversary?

April 16, 2012 Added by: Jeffrey Carr

Either China is the greatest and dumbest adversary we've ever had, or the real dummies are those in infosec who can't be bothered to question the obvious when doing incident response, or who choose to cater to the rising tide of Sinophobia in the U.S. in order to boost their sale...

Comments  (0)

Zeus Trojan Takes Aim at Cloud Payroll Services

April 12, 2012 Added by: Headlines

"Zeus captures a screenshot of a Ceridian payroll services web page when a corporate user whose machine is infected... visits this website. This allows Zeus to steal the user id, password, company number and the icon selected by the user for the image-based authentication system..."

Comments  (0)

Disagreement on Password Vault Software Findings

April 12, 2012 Added by: Brent Huston

Recently, some researchers have been working on comparing password vault software products and have found some issues. However, many of the vendors are quickly moving to remediate the identified issues, many of which were simply improper use of proprietary cryptography schemes...

Comments  (1)

When Will PCI SSC Stop the Mobile Payment Insanity?

April 10, 2012 Added by: PCI Guru

The merchant is left to their own devices to know whether any of these mobile payment processing solutions can be trusted. I am fearful that small merchants, who are the marketing target of these solutions, will be put out of business should the device somehow be compromised...

Comments  (0)

Credit Unions and Small Banks Need Strong Security Relationships

April 05, 2012 Added by: Brent Huston

Smaller organizations need to leverage simple, effective and scalable solutions to achieve success. They simply won’t have the manpower to manage overwhelming alerts, too many log entries or some of the other basic mechanisms of infosec...

Comments  (0)

On Analyst Geometries

April 04, 2012 Added by: Wendy Nather

Sectors in security are blurring and merging, companies are building out portfolios, and everyone's adding discrete functionality from different categories. Static and dynamic analysis aren't separate revenue streams for some vendors, and it'll just get more muddled...

Comments  (0)

Cloud Services Strategy: Security First - Growth Second

March 30, 2012 Added by: Richard Stiennon

Cisco, Juniper, Oracle, and Microsoft might have security initiatives and even good sales of security products. But security takes a back seat to functionality too often. Why are there no secure switches? Secure apps for Windows? Or secure databases?

Comments  (0)

Cloud Security and the Enterprise

March 29, 2012 Added by: Ben Kepes

We need to ensure that legislation and regulations for cloud services truly reflect the realities of the cloudy world we live in and do not allow for a shotgun approach to compliance that primarily meets the needs of just one powerful interest group...

Comments  (0)

Vendor Research: Look These Gift Horses in the Mouth

March 29, 2012 Added by: Jack Daniel

The problem is that a lot of the data leaves me wanting more. More details on the data we get, just plain “more data”, and more context. I also want more honesty about the shortcomings of the reports and data. Let’s not even talk about some of the bizarre conclusions...

Comments  (0)

Open, Closed, 1984 and the Evil Empire

March 22, 2012 Added by: Ben Kepes

I’m buoyed by the very existence of open API – technology that forces data interchange to become real. Sure there are ways vendors manipulate what should be open to achieve their aims, but the API is our equivalent of Excalibur – it has the ability to deliver us from evil...

Comments  (0)

Application Security: Why is Everybody Always Picking on Me?

March 19, 2012 Added by: Fergal Glynn

The recent explosion in Mobile application development paints a clear picture of the modern development landscape. Not only in terms of the incredible speed of production, but perhaps more importantly, the widening gap between speed-to-market and software security quality...

Comments  (0)

On Security, Legislation and Cloud Vendors

March 16, 2012 Added by: Ben Kepes

Ever since the MegaUpload case, when innocent customers of an admittedly generally dodgy cloud service lost their data after a global take-down notice, it has concerned me that more mainstream vendors might have an impending issue they need to think about...

Comments  (0)

A Post BSidesSF and RSA Post

March 15, 2012 Added by: Jack Daniel

The RSA Conference was the RSA Conference. It was better than the past few years as far as content. It is not the place for cutting edge research, and the expo is all about selling security products. It can be disillusioning to see the crass commercial side of our business...

Comments  (1)

Understanding Cloud Security Part Two

March 14, 2012 Added by: Neira Jones

Organisations need to ask cloud providers to disclose security controls and how they are implemented, and consuming organisations need to know which controls are needed to maintain the security of their information. Lack of thoroughness can lead to detrimental outcomes...

Comments  (0)
