Blog Posts Tagged with "Guidelines"


NIST Releases Final Definition of Cloud Computing

November 03, 2011 Added by: David Navetta

NIST intends the definition "to serve as a means for broad comparisons of cloud services and deployment strategies, and to provide a baseline for discussion from what is cloud computing to how to best use cloud computing..."


This Year’s PCI SSC SIG Proposals

November 02, 2011 Added by: PCI Guru

This SIG is to be created to guide merchants and service providers in what should be the result of a proper risk assessment, not create another risk assessment methodology. While such an Information Supplement is an admirable ideal, you understand why this SIG is a losing proposition...


SEC Issues Guidance on Security Incident Disclosure

October 31, 2011 Added by: David Navetta

What the guidance document does stress, however, is process and risk assessment. One read of this guidance is that companies internally are going to have to more carefully forecast and estimate the impact of cyber incidents and the consequences of failing to implement adequate security...


Welcome to the PCI Prioritization Approach

October 27, 2011 Added by: David Sopata

Organizations often start implementing security controls on all of their systems throughout the company without really knowing what systems should be in scope or which systems should not be in scope for PCI. Hence, the PCI DSS Prioritization Document and Tool was developed...


BackTrack 5 Wireless Penetration Testing Beginner’s Guide

October 22, 2011 Added by: Dan Dieterle

This includes everything from bypassing authentication & cracking encryption, to advanced techniques like man-in-the-middle attacks and attacking WPA-Enterprise, with discussions of wireless penetration methodology, testing and reporting...


The CERT Oracle Secure Coding Standard for Java

October 18, 2011 Added by: Ben Rothke

The CERT Oracle Secure Coding Standard for Java is an invaluable guide that provides the reader with the strong coding guidelines and practices in order to reduce coding vulnerabilities that can lead to Java and Oracle exploits...


Federal Cloud Technology Roadmap to be Introduced

October 18, 2011 Added by: Headlines

NIST’s role is to help accelerate the secure and effective adoption of cloud computing. The agency leads efforts to develop standards and guidelines and advance cloud computing technology in collaboration with standards bodies, businesses, and government agencies...


Look Around...The FTC is Really Busy

October 17, 2011 Added by: David Navetta

One of the most important elements in this publication is the FTC’s statement that all of the laws applicable to consumer protection offline apply online too. The FTC advised that we should use the same factors we use to determine if a disclosure is conspicuous...


NIST Guide for Monitoring Information Systems Security

October 17, 2011 Added by: Headlines

Information Security Continuous Monitoring for Information Systems and Organizations provides guidance for information security monitoring in all types of systems – a term that encompasses not only computer networks but also a host of other interconnected devices and software...


Activation Procedures for Business Continuity Plans

October 10, 2011 Added by: Dejan Kosutic

Having a business continuity plan is nice, but if you don't know when and how to start using it, the money you've invested in it was spent in vain. Even worse, you'll likely lose quite a lot of money because your business operations will be disrupted...


DHS Releases Cyber Security Evaluation Tool (CSET)

September 27, 2011 Added by: Headlines

The Department of Homeland Security's National Cyber Security Division (NCSD) has released a software tool set to better enable organizations to examine risks to industrial control systems (ICS) and implement more secure protocols for protecting the nation's critical infrastructure...


Risk Assessment Guide for Federal Information Systems

September 22, 2011 Added by: Headlines

The revised guidance has been expanded to include more information on a variety of risk factors essential to determining information security risk, such as threat sources and events, vulnerabilities and predisposing conditions, impact, and likelihood of threat occurrence...


NIST Guidelines: Security Content Automation Protocols

September 20, 2011 Added by: Headlines

Bringing order and security to the patchwork quilt of computing environments in a large organization can be a daunting task. NIST recently released four new publications that detail specifications to be used by the latest version of the Security Content Automation Protocol (SCAP)...


NIST Releases Secure Cloud Computing Guidelines

September 15, 2011 Added by: Headlines

NIST is responsible for accelerating the federal government’s secure adoption of cloud computing by leading efforts to develop standards and guidelines in close consultation and collaboration with standards bodies, the private sector and other stakeholders, including federal agencies...


Guide: A Vulnerability Management Buyer's Checklist

September 07, 2011 Added by: Sasha Nunke

Without proven, automated technology for precise detection and remediation, no network can withstand the daily onslaught of new vulnerabilities. Qualys provides this free 12-point guide that will help you determine what will work best for your organization...


Guide: How to Pass an IT Audit

September 01, 2011 Added by: Sasha Nunke

The purpose of this document is to pass along tips we learned that may be useful as you consider adopting QualysGuard PC. This guide covers the steps and procedures to passing an IT GRC audit — as told by an enterprise end-user who deployed QualysGuard Policy Compliance...
