Site Sponsor:
Ask the Expert
Have a question for our resident expert? Email your questions to Dan or post a comment to the blog.
Search this site
Entries from Realtime Community | Messaging and Web Security tagged with 'vulnerability assessment'
Real Compliance Requires Technical Expertise
Network World published an interview with an Ex-Bear Stearns CISO on compliance which raises some pressing questions but I think falls short on the right answer....
Posted by Dan Sullivan on July 14, 2008 1:45 PM
IBM Security Pushing a Good Idea with a Terrible Name
Security is broken, or at least that's the word from Stuart McIrvine, director of IBM’s Corporate Security Strategy, and IBM is going to help fix it. Judging from the limited information we have so far, IBM is on the right...
Tags:
application security
database security
IBM
network security
perimeter defenses
risk management
security management
vulnerability assessment
Posted by Dan Sullivan on November 1, 2007 12:42 PM
New Oracle Vulnerabilities Reported
I work with Oracle database every day and the news today is exactly what I never want to hear. From ComputerWorld's Expert finds 'stupid' vulnerabilities in Oracle 11g were have reports of poor programming as well as design flaws. Then...
Posted by Dan Sullivan on September 4, 2007 6:58 PM
Data Breaches, Monitoring and Microsoft Changing Security Vendor's Market
A few stories recently are indicating a shift in the center of gravity in the security market. First, there is Symante CEO's comments on Microsoft's downward pressure on the desktop security market. Then there is Monster.com's recent announcement that they'd...
Tags:
application security
data breach
data loss prevention
database monitoring
Microsoft
Monster.com
security management
Symantec
vulnerability assessment
Posted by Dan Sullivan on August 30, 2007 7:54 AM
Automated Vulnerability Assessment Can Only Go So Far
In response to the attack on hosted Ubuntu servers, I mentioned that automated tools can help system admins keep up with vulnerability monitoring. A new article by David M. Piscitello of Core Competence at SearchNetworking points out the limits of...
Posted by Dan Sullivan on August 17, 2007 8:17 AM
Automatic Application Vulnerability Assessment
Automated vulnerability assessment can complement manual efforts to find and correct vulnerabilities in application code. In this podcast, Matt Moynahan, CEO of Veracode, discusses key issues in vulnerability testing, including: What is the process of automated application vulnerability analysis? What...
Posted by Dan Sullivan on August 14, 2007 7:56 AM
Scanning for SQL Injection Vulnerabilities
Vulnerabilities in Web database applications can provide the means to steal large quantities of proprietary and confidential information. A common class of vulnerabilities is SQL Injection attacks. Detecting the full range of SQL injection vulnerabilities is not trivial but fortunately...
Posted by Dan Sullivan on January 18, 2007 5:52 PM
Evaluating Web Scanning Tools with OWASP Site Generator
Continuing this week's discussion of Open Web Application Security Project projects, I'll disucss the OWASP Site Generator tool. The Site Generator is used to generate dynamic Web sites with known vulnerabilities using XML configuration files. The program can be used...
Posted by Dan Sullivan on January 17, 2007 6:13 PM
Attack on Vulnerability Disclosures Part 2: They Actually Do Some Good, Just Not What is Intended
I have a few more thoughts on yesterday's post about vulnerability disclosures. While I agree with Ranum that the rush to make public every vulnerability under the sun has not necessarily improved software security, it has certainly raised awareness of...
Posted by Dan Sullivan on January 16, 2007 1:51 AM
Securing Web Applications: The Open Web Application Security Project
Management practices are an important part of the security mosaic and a number of such frameworks are justifiably popular, especially ISO-17799 and COBIT. Other useful best practices are less well known than they should be. The Open Web Application Security...
Posted by Dan Sullivan on January 15, 2007 10:20 AM
Scathing Attack on Vulnerability Disclosures
Are vulnerability disclosures really improving security? ‘Vulnerability a day projects’ have made headlines but are we better off? Marcus Ranum says emphatically NO! In a piece published in CSO, he argues: Do you remember the original premise of the disclosure...
Posted by Dan Sullivan on January 15, 2007 3:39 AM
Protecting Messaging with Network Appliances
Network appliances can add to a defense in depth strategy with email filtering, IP reputation filtering, intrusion prevention, vulnerability assessment, as well as other services. This podcasts discussses what role network appliance play in messaging security, discusses some pros and...
Tags:
email filter
intrustion prevention
IP reputation filter
network appliance
security
vulnerability assessment
Posted by Dan Sullivan on November 27, 2006 9:39 PM
Feed Subscription
If you use an RSS reader, you can subscribe to a feed of all future entries tagged 'vulnerability assessment'. [What is this?]
Other Tags
Other tags used on this blog:
- 0 day (1)
- 2-factor authentication (1)
- 2008 Summer Olympics (1)
- access control (3)
- access controls (12)
- account sharing (1)
- Acer Aspire (1)
- ACLU (1)
- Active Management Technology (1)
- ActiveX (1)
- ActiveX vulnerability (1)
- ad blocking (1)
- Ad Words (1)
- adaptive design (1)
- AdBlock Plus (1)
- Adi Shamir (1)
- Adobe (2)
- Adobe Acrobat (1)
- Adobe Flash (1)
- Adobe Reader (1)
- adult content (1)
- adult sites (1)
- advertising (3)
- adware (6)
- AI (1)
- Air Force (2)
- air traffic control (1)
- AJAX (2)
- Ajax (6)
- Ajax security (3)
- Alienware (1)
- Altiris (3)
- Amazon (2)
- Amazon compute services (1)
- Amazon EC2 (1)
- Amazon S3 (4)
- Amazon Web Services (1)
- AMTSO (1)
- Amzaon EC2 (1)
- Amzon S3 (1)
- and Sun (1)
- Android (11)
- anit-malware (1)
- anit-virus (1)
- anonymizer (1)
- anonymizing data (1)
- anonymous browsing (1)
- anonymousizer (1)
- anti-forensic (1)
- anti-forensics (1)
- anti-Islamist (1)
- anti-malware (12)
- Anti-Malware Testing Standards Organization (1)
- anti-pharming (1)
- anti-phishing (14)
- anti-spam (8)
- anti-spyare (1)
- anti-spyware (5)
- anti-virus (53)
- anti-virus filtering (1)
- AOL (2)
- Apache (2)
- Apple (19)
- Apple Safari (1)
- appliance (1)
- applicaiton security (1)
- application backdoor (1)
- application development (4)
- application firewall (1)
- application firewalls (3)
- application security (35)
- Application security (1)
- application server security (1)
- application stack (1)
- application testing (4)
- application vulnerability (1)
- application vulnerability assessment (1)
- Arbor Networks (1)
- Aritficial intelligence (1)
- arrest (3)
- Ask (1)
- Ask.com (1)
- AskEraser (2)
- asset management (2)
- Asus (1)
- Asus Eee (6)
- Asus EEE (2)
- Asus eee (1)
- Asus Eee PC (3)
- AT&T (5)
- attack code (1)
- attackers (1)
- attacks (1)
- auction (2)
- audit (6)
- auditing (12)
- audits (1)
- authenticated email (1)
- authentication (11)
- authorization (5)
- AV (1)
- backup (7)
- backup and recovery (2)
- backups (1)
- badware (1)
- bandwidth (1)
- bank bailout (1)
- Bank fraud (1)
- bank fraud (4)
- Bank of America (1)
- Bank of New York Mellon (1)
- banking (2)
- Barack Obama (6)
- Barak Obama Blackberry smartphone mobile device security policy (1)
- Barracuda (1)
- bayesian filter (1)
- Bayesian filtering (1)
- BBC (1)
- BEA (1)
- BEA Weblogic (1)
- BearShare (1)
- behavior tracking (1)
- behavioral analysis (2)
- Beijing Olympics (1)
- best practices (8)
- BGP (2)
- Bhutto assassination (1)
- Biden (1)
- Bitlocker (1)
- BitLocker (3)
- Black Hat (3)
- Black Hats (1)
- black holes (1)
- blackberry (1)
- Blackberry (3)
- blacklist (2)
- Blacksberry (1)
- Blacksburg (1)
- blended threats (2)
- blocking (1)
- blog (2)
- blogs (1)
- Blue Coat (1)
- Bluethooth (1)
- Bluetooth (1)
- bonet (1)
- Boot and Nuke (1)
- boot n nuke (1)
- Border Gateway Protocol (2)
- border patrol (1)
- Boston Mass Transit Authority (1)
- bot (10)
- botnet (29)
- Botnet (1)
- botnets (22)
- bots (1)
- branding (1)
- brandjacking (1)
- Broadcom (1)
- brokerage accounts (1)
- brokerage firms (1)
- broswer (1)
- broswer security (2)
- browser (8)
- browser cache (1)
- browser extensions (2)
- browser interface (1)
- browser secuity (1)
- browser security (18)
- browser securtiy (1)
- browser sniffing (1)
- browser vulnerability (1)
- Bush (1)
- Bush administration (1)
- business alignment (1)
- business case for security (1)
- business computing (1)
- business continuity (1)
- business intelligence (1)
- cache poisoning (1)
- calendar (1)
- camera phone (1)
- campaign (1)
- campaigns (1)
- CAN Spam (1)
- Canada (1)
- captcha (1)
- CAPTCHA (1)
- career development (1)
- categorizing (1)
- cDc (1)
- cell phone (1)
- cell phones (1)
- cellphone (1)
- censorship (5)
- CERT (2)
- certification (1)
- CertifiedEmail (1)
- CES (1)
- change management (3)
- chaos (1)
- chat room (1)
- CheckPoint (2)
- child pornography (1)
- China (4)
- Chinese military (1)
- Chrome (2)
- CIO (1)
- Cisco (4)
- civil liberties (1)
- Clearwire (1)
- clickfraud (1)
- client security (3)
- Clinton (1)
- cloud computing (22)
- cloud security (4)
- CloudSQL (1)
- clustering (1)
- CMDB (1)
- cms (1)
- COBIT (6)
- code review (3)
- codecs (1)
- Colbert Report (1)
- collaboration (3)
- college (2)
- Comcast (2)
- Comcast net neutrality FCC (1)
- command and control (2)
- Common Cause (1)
- communication (1)
- complex event processing (1)
- complexity (3)
- compliance (33)
- compliance regulation (2)
- composting (1)
- compromised Web sites (2)
- computer crime (1)
- computer crime investigations (1)
- computer security (3)
- Computer Security Institute (1)
- computer survelliance (1)
- ComputerWorld (1)
- computing (1)
- computing services (1)
- Conficker (2)
- confidentiality (2)
- configuration (1)
- configuration management (2)
- consolidated security (1)
- constraint programming (1)
- constraint satisfaction (1)
- Consumer Electronics Show (1)
- content filter (5)
- content filtering (17)
- content filters (1)
- content management (2)
- content management system (3)
- control systems (1)
- copyright (4)
- copyright violation (2)
- copyrighted movies (1)
- copyrighted music (1)
- Core Security Technologies (1)
- Coreflood (1)
- counter-terrorism (1)
- counterfeit (1)
- counterintelligence (1)
- countermeasuer (1)
- countermeasures (2)
- Country Wide (1)
- Cox Communications (1)
- cracking (1)
- crawling (1)
- credit card (4)
- credit card fraud (7)
- credit card security (1)
- credit card theft (4)
- credit fraud (1)
- credit monitoring (3)
- credit reporting (1)
- crime (1)
- crimeware (3)
- critical infrastructure (2)
- critical patch (3)
- critical patch update (3)
- critical patch updates (1)
- cross site request forgery (1)
- cross site scripting (2)
- cross site scripting attacks (1)
- cross-doemain trust (1)
- cross-site scripting (2)
- cryptanalysis (1)
- cryptography (4)
- CSI (1)
- CSO (1)
- CSRF (3)
- CTIA (1)
- Cult of Dead Cow (1)
- customs (1)
- cyber attack (1)
- cyber attacks (1)
- cyber crime (1)
- cyber insurance (1)
- Cyber Monday (2)
- cyber-attack (2)
- cyber-security (1)
- cyberattack (4)
- cyberchat (1)
- cybercime (1)
- cybercrime (52)
- Cybercrime (2)
- cybereconomy (1)
- cybersecurity (14)
- cybersquatters (1)
- cybersquatting (1)
- cyberwar (2)
- cyberwarefare (1)
- cyberwarfare (6)
- cyptography (1)
- czar (1)
- Daily Show with John Stewart (1)
- Dan Kaminsky (1)
- DARPA (1)
- Darwin Awards (2)
- data breach (46)
- data breaches (2)
- data classification (3)
- data discovery (1)
- data inference (1)
- data integration (1)
- data leak (15)
- data leaks (11)
- data loss (19)
- data loss disclosure laws (1)
- data loss pervention (1)
- Data loss prevention (1)
- data loss prevention (88)
- data loss prevention disk wiping (1)
- data loss protection (5)
- data mart (1)
- data mining (2)
- data modeling (1)
- data privacy (1)
- data protection (1)
- data security (1)
- data standards (1)
- data warehouse (1)
- data warehousing (1)
- database (2)
- database administration (1)
- database auditing (2)
- database breach (1)
- database design (1)
- database encryption (2)
- database monitoring (4)
- database security (61)
- database vulnerabilitiy (1)
- database vulnerability (2)
- databasse security (1)
- David Blaine (1)
- DB2 (2)
- DBA (3)
- dban (1)
- ddos (4)
- DDoS (2)
- DDOS (4)
- dealing with evolving malware (1)
- debate (1)
- debit card theft (1)
- decryption (1)
- default passwords (1)
- DefCon (1)
- defense in depth (7)
- Dell (3)
- Democratic Party (1)
- Democratic primary (1)
- Democratic Primary (1)
- demographics (1)
- denial of service (8)
- denial of service attack (5)
- denial of service attacks (1)
- Department of Defense (4)
- Department of Homeland Security (1)
- Department of Justice (1)
- deregulation (1)
- dermatitis (1)
- design flaw (1)
- design flaws (1)
- desktop (3)
- desktop application security (1)
- desktop applications (4)
- desktop replacements (1)
- desktop search (2)
- developerWorks (1)
- development (1)
- development environment (1)
- development methodology (1)
- development tools (1)
- device security (1)
- DHS (4)
- Diebold (1)
- Diffie-Hellman (1)
- Digg (2)
- digital certificates (2)
- digital forensic (1)
- digital forensics (2)
- digital rights management (3)
- digital signatures (5)
- disgruntled employee (3)
- disk drive (1)
- disk encryption (1)
- disk recovery (1)
- disk scanning (1)
- distributed computing (1)
- distributed denial of service (1)
- DKIM (2)
- DLP (8)
- DNS (9)
- dns poisoning (1)
- DNS poisoning (2)
- DNS vulnerability (1)
- Do Not Track (1)
- DOC spam (1)
- document spam (1)
- DOD (1)
- DoJ (1)
- domain (1)
- domain hijacking (1)
- domain integrity (1)
- Domain Keys (1)
- Domain Keys Identified Mail (1)
- domain kiting (1)
- domain name system (1)
- domain registration (1)
- domain squatting (1)
- DomainKeys (2)
- DoS (2)
- DOS (2)
- Doubleclick (1)
- DoubleClick (1)
- drive by download (2)
- drive by downloads (5)
- drive-by downloads (3)
- drive-by malware (1)
- DRM (4)
- drunk texting (1)
- Dutch Shell (1)
- DVD (1)
- dynamic analyis (1)
- e-commerce (1)
- e-discovery (2)
- e-mail (1)
- e-voting (12)
- e-waste (1)
- Earth Day (1)
- Earthlink (1)
- eavesdropping (2)
- eBay (4)
- Ebay (1)
- eclipse (1)
- economic downturn (2)
- economics (1)
- economics of cybercrime (1)
- ediscovery (1)
- EEC (1)
- EEF (1)
- election (1)
- elections (2)
- electronic ballots (1)
- electronic voting (2)
- email (16)
- email abuse (1)
- email archiving (1)
- Email client (1)
- email discovery (1)
- email filter (1)
- email filters (1)
- email monitoring (1)
- email policy (1)
- email security (15)
- email spoofing (1)
- employee monitoring (2)
- encrypted e-mail (1)
- Encryption (1)
- encryption (47)
- encryption keys (1)
- end user education (1)
- end user secuity (1)
- end user security (1)
- end user training (2)
- endpoint encryption (1)
- endpoint security (1)
- energy consumption (1)
- enterprise infrastructure (1)
- EnterpriseDB (1)
- ESet (1)
- espionage (1)
- ETL (1)
- EU (4)
- European Commission (1)
- European Union (4)
- EV certificates (1)
- EV SSL (6)
- EV SSL certificates (1)
- Eve Online (1)
- event correlation (1)
- EverQuest (1)
- evolution (1)
- Exchange (1)
- executive management (2)
- eXo (1)
- expansion pack (1)
- Expedia (1)
- exploit (3)
- Express Scripts (1)
- Extended Validation SSL (1)
- extended validation SSL (1)
- Extended Validation SSL Certificates (2)
- extortion (1)
- F-Secure (1)
- FAA (1)
- Facebook (10)
- Fast Company (1)
- fast flux (1)
- fast-flux (1)
- FBI (1)
- FCC (6)
- FDIC (1)
- Federal Deposit Insurance Corporation (1)
- Federal Rules of Civil Procedures (1)
- federal security (1)
- Federal Trade Commission (1)
- feedback (1)
- FERC (1)
- file encryption (1)
- file sharing (6)
- Final Fantasy (1)
- financial services (2)
- fines (1)
- Finjan (1)
- Firefox (18)
- FIrefox (1)
- Firefox plugin (1)
- FirePhish (1)
- firewall (2)
- firewalls (5)
- fiscal stimulus (1)
- FISMA (1)
- Flash (3)
- flash drive (1)
- flash drives (1)
- foreign relations (1)
- forensic analysis (1)
- forensics (7)
- form grabber (1)
- Fortune 100 (1)
- Fortune 500 (1)
- fraud (33)
- free credit monitoring (1)
- free market (1)
- free WiFi (1)
- FreeBSD (1)
- FTC (1)
- ftp (1)
- full disk encryption (6)
- G Data (1)
- gaming (1)
- gaming assets (1)
- gaming inventory (1)
- GAO (2)
- GDI (1)
- GE (1)
- Geert Wilders (1)
- genetic engineering (1)
- Geogia (1)
- Georgia Tech (1)
- Germany (1)
- globalization (1)
- gmail (1)
- GMail (2)
- Gmail (10)
- Goggle phone (1)
- Goodmail Systems (1)
- Google (61)
- google (1)
- Google ads (1)
- Google Applications (2)
- Google Apps (10)
- Google apps (1)
- Google Apps Engine (1)
- Google Blogger (1)
- Google Books (1)
- Google Calendar (1)
- Google Chrome (2)
- Google desktop (2)
- Google Desktop (1)
- Google Docs (4)
- Google email (1)
- Google Gears (3)
- Google Goggles (2)
- Google Groups (2)
- Google mail (1)
- Google operating system (1)
- Google Pack (1)
- Google Phone (2)
- Google phone (10)
- Google Toolbar (1)
- Goolag (1)
- Governance (1)
- governance (4)
- Gphone (2)
- gPhone (1)
- Grand Prix (1)
- Great Britan (1)
- green bar (2)
- Greenborder (1)
- greenhouse gases (1)
- GroupWise (1)
- hack (3)
- hackers (1)
- hackikng (1)
- hacking (48)
- HAL (1)
- Hannaford (3)
- harassment (1)
- hard drives (1)
- hardware error (1)
- Harvard Business Review (1)
- hash functions (1)
- HD-DVD (2)
- health care records management (1)
- Heartland (1)
- Heather Mills (1)
- HerbalKing (1)
- hijacked (1)
- Hillary Clinton (4)
- HIPAA (1)
- Hitachi (1)
- hoax (1)
- holiday (1)
- homeland security (1)
- Homeland Security (2)
- honeypot (1)
- honeypots (1)
- honypots (1)
- host (1)
- host integrity (2)
- host intrusion prevention (2)
- host intrusion prevetions system (1)
- host security (1)
- hosted malware (1)
- hostile workplace (1)
- hotel security (1)
- housing and urban development (1)
- HP (2)
- HP Info Center (1)
- HPMini-Note PC (1)
- HTML (1)
- HTML Injection (1)
- HTML injection (1)
- HTTP (1)
- HUD (1)
- human factors (2)
- human resources (1)
- Hushmail (1)
- hypervisor (1)
- IBM (11)
- IBM DB2 (1)
- IBM Websphere Portal (1)
- ICANN (1)
- identity management (8)
- Identity theft (1)
- identity theft (45)
- IE (4)
- IE 7 (2)
- IE7 (1)
- IE8 (1)
- IEEE Computer (1)
- iFrame exploit (1)
- illegal downloading (2)
- illegal software (1)
- IM (4)
- image analysis (1)
- image spam (3)
- Imeem (1)
- incident management (2)
- incident response (4)
- Indiana Jones (1)
- industrial espionage (1)
- industry regulation (1)
- information classifictaion (1)
- information leaks (4)
- information security (8)
- information technology (2)
- information theft (1)
- infrastructure (1)
- infrastructure protection (1)
- ING (1)
- ING Direct (1)
- Injection attack (1)
- injection attack (4)
- injection attacks (2)
- insider abuse (10)
- insider attack (4)
- insider threat (3)
- insider trading (1)
- instant messaging (3)
- insurance (1)
- Intel (4)
- Intel Dual Core (1)
- intellectual property (9)
- intellectual property theft (1)
- intelligence (1)
- intelligence agency (1)
- intelligence gathering (1)
- Interent Explorer (1)
- interface design (1)
- Internet (4)
- Internet access (1)
- Internet Explorer (16)
- Internet Explorer 7 (1)
- Internet rumor (1)
- Internet security (1)
- intrusion detection (1)
- intrusion prevention (7)
- intrustion detection (1)
- intrustion prevention (1)
- IP address (1)
- IP reputation filter (1)
- IP spoofing (1)
- iphone (3)
- iPhone (15)
- iPhone 2.0 (1)
- iPod (2)
- IPOWER (1)
- IPS (4)
- IRC (1)
- Irish Potato Famine (1)
- IRS (3)
- ISO 27002 (1)
- ISO-17799 (1)
- ISP (14)
- Isreal (1)
- IT (2)
- IT budget (1)
- IT budgeting (1)
- IT infrastructure (1)
- IT management (2)
- IT security (1)
- IT services (1)
- IT spending (1)
- Italian Job 3 (1)
- Italy (1)
- ITIL (7)
- iTouch (4)
- iTunes (1)
- iTunes update (1)
- IXQuick (1)
- jail break (1)
- Japan (1)
- Java security (1)
- JavaFX (1)
- Javascript (7)
- JavaScript (1)
- JBoss (1)
- Jeremy Clarkson (1)
- John Mcain (1)
- John McCain (4)
- JScript (1)
- JSON (1)
- JSR 168 (1)
- Julius Baer Bank and Trust (1)
- Kaspersky (1)
- key management (2)
- keylogger (6)
- keyloggers (1)
- kiting (1)
- Kmart (1)
- Koobface (1)
- Kraken (1)
- kudzu (1)
- laptop (9)
- laptop security (5)
- laptop theft (5)
- Large Hadron Collider (1)
- least privilege (2)
- least privileges (1)
- legislation (3)
- Lending tree (1)
- Leopard (3)
- LHC (1)
- liability (2)
- Lieberman (2)
- Liferay (1)
- Limewire (2)
- LinkedIn (3)
- LinkedIn porn malware (1)
- Linux (14)
- Linux desktop (2)
- lock down (1)
- lock picking (1)
- locksmith (1)
- log analysis (2)
- log monitoring (1)
- lost laptop; stolen laptop; data loss protection; data leak; identity theft; Best Buy (1)
- Lotus Notes (1)
- Lotus Symphony (2)
- Mac (3)
- Mac OS (7)
- Mac OS X (11)
- mail delivery (1)
- malicious domains (1)
- malicious Web site (1)
- malicious Web sites (2)
- malware (138)
- Malware (3)
- malware detection (1)
- malware Trojans worms viruses defense in depth anti-virus anti-malware Mac OS X iPhone iTouch (1)
- man in the middle attack (3)
- man-in-the-middle attack (1)
- managed devices (1)
- managed security services (1)
- managing security budgets (1)
- market (1)
- mashup (1)
- mashups (1)
- Massachusetts (1)
- massacre (1)
- Mastercard (1)
- McAfee (15)
- McAfee Site Advisor (2)
- McAFee SiteAdvisor (1)
- McAfee SiteAdvisor (1)
- Mcain Palin (1)
- McCain (4)
- MD5 (1)
- Media Defender (1)
- MediaDefender (1)
- medical malpractice (1)
- merger (1)
- message digests (1)
- messaging (1)
- metadata (1)
- Metasploit (2)
- metrics (1)
- MI5 (2)
- MI6 (1)
- Micheal Jackson (1)
- Microsoft (61)
- Microsoft Access (1)
- Microsoft Data Engine 1.0 (1)
- Microsoft Exchange (1)
- Microsoft Host Integration Server (2)
- Microsoft Live (1)
- Microsoft Mobile (1)
- Microsoft Office (6)
- Microsoft Project (1)
- Microsoft security (2)
- Microsoft SQL Server 2000 Desktop Engine (1)
- Microsoft SQL Server 2005 Express Edition (1)
- Microsoft Sync Framework (1)
- Microsoft Threat Analysis and Modeling (1)
- Microsoft Threat Analysis and Modeling Tool (1)
- Microsoft Vista (1)
- Microsoft Windows (1)
- Microsoft Windows 2000 (1)
- Microsoft Word (1)
- Microsoft XP (1)
- midsized business (1)
- MiiVi.com (2)
- military network (1)
- mini notebook (1)
- mini-laptop (1)
- mismanagement (1)
- missle defense (1)
- MIT (1)
- MITM (1)
- Mitt Romney (1)
- MMS (1)
- mob (1)
- mobile (1)
- Mobile Armor (1)
- mobile banking (1)
- mobile computing (2)
- mobile device (1)
- mobile device security (6)
- mobile devices (6)
- mobile devices malware iPhone Blackberry Google Phone (1)
- mobile malware (1)
- mobile messaging services (1)
- mobile operating system (1)
- mobile phone (2)
- mobile phones (1)
- mobile security (4)
- mobile storage devices (1)
- money laundering (1)
- monitor (1)
- monitoring (9)
- Monster.com (1)
- Morris worm (1)
- mortgage lending (1)
- Motion Picture Association of America (2)
- Moziall Firefox (1)
- Mozilla (10)
- Mozilla Fireforx (1)
- Mozilla Firefox (2)
- MPAA (4)
- MPack (1)
- MS Exchange (1)
- MS Jet (1)
- MS SQL Server (1)
- MTV (1)
- multimedia messaging (1)
- multiplayer games (1)
- municipal WiFi (1)
- music download (1)
- music industry (1)
- music piracy (1)
- MySpace (4)
- MySQL (5)
- MySQL security (1)
- myth (1)
- NAC (1)
- NASA (1)
- national defense (1)
- national security (2)
- natural language processing (1)
- NeoSploit (1)
- Nessus (1)
- Net Neutrality (1)
- net neutrality (1)
- Netflix (1)
- network (1)
- network abuse (1)
- network access control (1)
- network access controls (1)
- network appliance (2)
- network engineering (1)
- network intrusion prevention (1)
- network monitoring (1)
- network protocols (1)
- network scanner (1)
- network security (64)
- network vulnerabilities (1)
- network vulnerability scanning (1)
- network worms (1)
- Nicholas Carr (1)
- nickle (1)
- Nigerian scam (1)
- NIST (1)
- NLP (1)
- Nmap (1)
- Novell (2)
- NPR (2)
- NSA (2)
- nuclear secrets (1)
- NV Labs (1)
- oauth (1)
- Obama (8)
- Obama administration (1)
- obfuscation (1)
- Office (1)
- office suite (1)
- Ohio (3)
- olap (1)
- OLAP (1)
- one time passwords (1)
- online (1)
- online activity tracking (1)
- online ads (1)
- online advertising (2)
- online applications (2)
- online banking (16)
- online desktop (1)
- online fraud (1)
- online gaming (6)
- online identity (1)
- online pornography (1)
- online security (1)
- online storage (1)
- online theft (2)
- open access (2)
- open source (3)
- Open Source Security Testing Methodologies Manual (1)
- OpenBSD (1)
- OpenDNS (5)
- OpenFlow (1)
- OpenID (5)
- OpenLaszlo (1)
- OpenOffice (3)
- OpenSocial (1)
- OpenSSH (1)
- OpenSSL (2)
- OpenSSL vulnerability (1)
- Opera (3)
- operatin g system (1)
- operating system (4)
- operating system development (1)
- operating system hardening (1)
- operating system market (1)
- operating system restore (1)
- operating system security (3)
- operating systems (1)
- Oracle (28)
- Oracle Data Vault (1)
- organizational management (1)
- OSSTMM (1)
- OTP (1)
- Outlokk (1)
- Outlook (1)
- outsourcing (1)
- OWASP (2)
- p2p (1)
- P2P (10)
- P2P networks (1)
- Pakistan (1)
- Palin (3)
- Palm (1)
- Palm Centrino (1)
- Palm OS (5)
- paper ballots (1)
- paper trail (2)
- parallel processing (1)
- Paralles (1)
- parental controls (1)
- passsword stealing (1)
- password (5)
- password crackers (1)
- password cracking (3)
- Password Hasher Firefox Extension (1)
- password management (1)
- password manager (1)
- password policy (1)
- Password Safe (1)
- password stealing (1)
- passwords (11)
- patch (13)
- patch management (19)
- Patch Tuesday (3)
- patching (23)
- patent (3)
- Payment Card Industry (1)
- Payment Card Industry Data Standards (1)
- PayPal (5)
- PC (1)
- PC security (4)
- PCI (5)
- PCI Data Security Standard (1)
- PCI Data Standards (1)
- PCI DSS (3)
- PDA (2)
- PDA security (1)
- PDF spam (2)
- peer-to-peer (1)
- Peer-to-Peer (1)
- penatration testing (1)
- penetration testing (3)
- Pennsylvannia primary (1)
- Pentagon (7)
- perimeter defenses (3)
- personal devices (1)
- personal financial services (1)
- personally identifiable information theft (1)
- Pew Internet & American Life (1)
- Pew Research (1)
- Pfizer (2)
- Phalanx (1)
- Phantom (1)
- pharming (4)
- phishing (80)
- Phishing (3)
- phisihing (1)
- PHP (3)
- PHP security (1)
- physical security (3)
- PII (1)
- piracy (4)
- PKI (1)
- planning and organizing (1)
- Playstation 3 (1)
- plug-ins (2)
- point of sale (1)
- Pointsec (1)
- policies (1)
- policies and procedures (1)
- policy (2)
- policy enforcement (3)
- Policy enforcement (1)
- policy frameworks (1)
- policy management (4)
- politics (1)
- polymorphic virus (1)
- pop-ups (2)
- porn (6)
- pornography (4)
- portal security (2)
- Portals (1)
- POS (1)
- Poste Italiane (1)
- Postini (2)
- potentially unwanted program (1)
- potentially unwanted programs (2)
- power grid (1)
- power saving (1)
- PowerPoint (1)
- Premier Election Solutions (1)
- Presidential campaign (1)
- presidential campaign (3)
- presidential candidates (3)
- presidential election (4)
- Presidential elections (1)
- primary election (1)
- privacy (40)
- Privacy (1)
- privacy directive (1)
- privacy directives (1)
- privacy legislation (1)
- privacy protection (1)
- PrivacyFinder.org (1)
- private investigation (1)
- privilege elevation (1)
- product evaluation (1)
- product selection (1)
- productivity (1)
- programming errors (1)
- project management (1)
- property rights (1)
- prosecution (1)
- public key cryptopgraphy (1)
- public policy (1)
- pump and dump (2)
- PUP (2)
- put options (1)
- Qualcomm (1)
- quality control (1)
- query interface (1)
- Radware (1)
- random js toolkit (1)
- randomness (1)
- ransomware (2)
- rash (1)
- RBN (1)
- Reader (1)
- recession (1)
- Reconnex (1)
- recording industry (2)
- recovery (3)
- regulation (4)
- regulation. Obama (1)
- regulations (1)
- Reh Hat (1)
- relational database (1)
- relational databases (1)
- remote access (4)
- remote access security (1)
- remote code execution (2)
- remote exploit (1)
- remote management (1)
- reporting (1)
- reputation (1)
- reputation management (1)
- requirements analysis (1)
- requirements management (1)
- resiliency (1)
- resiliency engineering (1)
- retail (1)
- retailer (1)
- reveneues (1)
- revolt (1)
- reward (1)
- RFID (4)
- Rhapsody (1)
- RIA (2)
- RIAA (6)
- rich internet application (1)
- rich internet applications (1)
- rich Web applications (1)
- Richard Clarke (1)
- Richard Stallman (1)
- risk (2)
- risk analysis (5)
- risk assessment (3)
- risk management (20)
- risk mitigation (3)
- Robert Alan Soloway (1)
- Rolls Royce (1)
- Ron Paul (2)
- root access (1)
- root kits (3)
- rooted (1)
- rootkit (1)
- rootkits (6)
- rotation of duties (3)
- rotation of dutities (1)
- RSA (4)
- RSA 2009 (1)
- Ruby (3)
- Ruby on Rails (3)
- Rudder (1)
- Russia (1)
- Russian Business Network (1)
- SaaS (3)
- Safari (6)
- SafeBoot (1)
- Salesforce.com (2)
- sampling (1)
- San Francisco (2)
- sand box (1)
- sandbox (1)
- SANS (1)
- SANS What Works (1)
- Sarah Palin (1)
- satellite (1)
- Scalia (1)
- scam (1)
- scareware (1)
- Scientific American (1)
- screen grabber (2)
- screen logger (1)
- script (1)
- script kiddie (2)
- scripting (1)
- search (2)
- search and siezure (1)
- search engine (1)
- search engines (1)
- Sears (1)
- Second Life (4)
- Secunia (1)
- Secure Computing (1)
- Secure mashups (1)
- secure programming practices (1)
- secure voting (1)
- SecureWorks (1)
- security (34)
- security appliance (1)
- security as a service (3)
- security audit (1)
- security awareness (11)
- security awareness training (2)
- security baseline (1)
- security best practices (3)
- security breach (1)
- security budget (2)
- security budgeting (1)
- security by obscurity (1)
- security domains (1)
- Security Exchange Commission (1)
- security hardware (1)
- security industry (1)
- security informaiton management (2)
- security information management (1)
- security investment (1)
- security management (114)
- security managment (2)
- security market (2)
- Security market (1)
- security methodologies (1)
- security metrics (1)
- security monitoring (1)
- security policies (9)
- security policy (14)
- security practices (2)
- security professionals (1)
- security reporting (1)
- Security research (1)
- security ROI (1)
- security testing (3)
- security threats (3)
- security training (7)
- security update (1)
- security vendors (5)
- security vulnerability (1)
- semi-managed devices (1)
- Sender Policy Framework (2)
- SenderID (1)
- sendmail (2)
- Sentrigo (1)
- separation of duties (2)
- server hardening (1)
- server management (1)
- server security (6)
- server vulnerability (1)
- servers (2)
- service management (1)
- service oriented architecture (1)
- sex scandal (1)
- shredding (1)
- signature base detection (1)
- signature-based analysis (1)
- Silverlight (2)
- SIM (1)
- simulation (1)
- single sign on (1)
- SIP (1)
- SitAdvisor (1)
- SiteAdvisor (1)
- skills (1)
- Skydrive (1)
- Skype (5)
- small and midsized business (1)
- small and midsized businesses (1)
- small business (1)
- small businesses (1)
- small mid-sized businesses (1)
- small midsized business (3)
- smartphone (10)
- smartphones (19)
- Smash (2)
- SMB (8)
- smb (1)
- SMM (1)
- SMS (3)
- Snort (1)
- SOA (1)
- sobriety tests (1)
- social engineering (26)
- social enterprise (1)
- social networking (8)
- society (1)
- sociological drivers (1)
- Société Générale (1)
- software as a servcies (1)
- software as a service (4)
- software as a services (1)
- software asset management (1)
- software design (1)
- software development (6)
- software development methodologies (3)
- software development methodology (1)
- software engineering (1)
- software life cycle (1)
- software life cycle management (1)
- software policy (1)
- software reliability (1)
- software security (1)
- Sony (1)
- Sophos (1)
- Souter (1)
- SouthPark (1)
- Spam (1)
- spam (60)
- spam filter (1)
- spam filtering (1)
- spam stimulus package porn adult film industry bankikng auto industry IRS (1)
- Spamassasin (1)
- Spamassassin (1)
- Spamhaus (2)
- spammers (2)
- spear phishing (1)
- SPF (2)
- spoofing (1)
- Sprint (1)
- spybot (1)
- spyware (19)
- spyware SpyBot Ad-Aware Mcafee Site Safe OpenDNS (1)
- SQL Injection (8)
- SQL injection (5)
- SQL injection attacks (1)
- sql injection scanner (1)
- SQL Server (5)
- SQL Server 2000 (1)
- SQL Server 2005 (1)
- SQL Server 7.0 (1)
- SQL Slammer (1)
- SQLNinja (1)
- SSH (1)
- SSL (5)
- stability issue (1)
- Star Office (1)
- state sponsored cybercrime (1)
- State Street (1)
- static analysis (2)
- statistical analysis (1)
- statistics (2)
- stealth update (1)
- Stephen Colbert (1)
- stimulus plan (1)
- stolen laptop (2)
- StopBadware (1)
- storage services (1)
- Storm (5)
- Storm bot (1)
- Storm worm (3)
- Sun (4)
- Sun Java System Portal (1)
- Sunbelt (1)
- Super Tuesday (1)
- supercomputing (1)
- superhackers (1)
- Supreme Court (1)
- SURBL (1)
- surveillance (7)
- survey (3)
- SUSE (1)
- Sylvania G Netbook (1)
- Symantec (12)
- Symbain (1)
- Symbian (4)
- Symbion (1)
- system administration (1)
- system resiliency (1)
- systems administration (1)
- systems complexity (1)
- systems reliability (1)
- T-Mobile (2)
- targeted attacks (1)
- taxes (1)
- TCP (6)
- technology (1)
- technology policy (1)
- telecommunications industry (2)
- telephony (1)
- telephony security (1)
- testing (4)
- testing methodology (1)
- testing standards (1)
- text messaging (1)
- text mining (1)
- The Economist (1)
- theft (1)
- Thinkfree (1)
- ThinkFree (1)
- threat analysis (2)
- threat assessment (1)
- threat management (1)
- threat modeling (1)
- threat modelying (1)
- threatening messages (1)
- threats (3)
- Thunderbird (1)
- Tiger (2)
- Time Warner Cable (1)
- timing attack (2)
- TJX (9)
- Tor (1)
- Torpig (1)
- TorrentFreak (1)
- tracking (1)
- training (3)
- transportation (1)
- Trend Micro (2)
- Treo (1)
- Tripwire (1)
- Trojan (17)
- trojan (1)
- Trojan horse (7)
- Trojan horses (3)
- Trojan Horses (1)
- Trojans (9)
- trust model (1)
- trustec computing paltform (1)
- trusted computing (3)
- Trusted Computing Platform (1)
- trusted computing platform (2)
- trusted path (1)
- trusted Web sites (1)
- Turing Test (1)
- Twitter (2)
- twitter (1)
- typosquatting (1)
- UAC (2)
- Ubuntu (6)
- UK (2)
- Ukraine (1)
- ultraportable (1)
- underground economy (1)
- unified communications (1)
- unified threat management (6)
- Unisys (1)
- university (1)
- unlock (2)
- unmanaged devices (2)
- unwanted content (1)
- update (1)
- URIBL (1)
- url blocking (1)
- URL filtering (1)
- URL redirect (1)
- US-Cert (1)
- usability (2)
- USB (1)
- USB flash drive (1)
- user authentication (1)
- user awareness (3)
- user training (2)
- utility computing (1)
- UTM (3)
- VA (2)
- Valentines Day spam (1)
- vandalism (1)
- VBScript (1)
- Verified Voting (1)
- Veritas (1)
- Verizon (4)
- Verizon Wireless (2)
- VerizonWireless (2)
- version control (1)
- Viacom (2)
- video (2)
- video conferencing (1)
- Virginia Tech (2)
- virtual criminology (1)
- virtual currency (1)
- virtual goods (1)
- virtual machine (1)
- virtual private database (2)
- virtual server (2)
- virtual server security (1)
- virtual servers (1)
- virtual theft (1)
- virtual world (1)
- virtual worlds (1)
- virtualizaiton (1)
- virtualization (13)
- virtualization security (1)
- virtualization sprawl (1)
- Virus (1)
- virus (18)
- viruses (4)
- virutalization (1)
- Visa (1)
- vishing (2)
- Vista (26)
- vitrualization (1)
- Viver (1)
- VMWare (4)
- VoIP (7)
- VoIP security (3)
- voter fraud (1)
- voter registration (1)
- voting (2)
- voting fraud (2)
- voting machines (3)
- voting security (1)
- VPD (2)
- VPN (2)
- vpn (1)
- vPro (2)
- VT (1)
- vulnerabilities (34)
- vulnerability (35)
- vulnerability assessment (12)
- vulnerability management (5)
- vulnerability scanner (1)
- vulnerability scanning (16)
- vulnerability testing (1)
- vunlernability scanning (1)
- W-Fi (1)
- Wabisabilabi (1)
- Wall St meltdown (1)
- war (1)
- warrantless wiretapping (1)
- weak encryption keys (1)
- weak keys (1)
- Web (1)
- Web 2.0 (15)
- Web 2.0 security (1)
- Web 2.0. (1)
- Web application (2)
- Web application security (19)
- web application security (4)
- Web browser (1)
- Web crawler (1)
- Web email (1)
- Web filtering (1)
- Web hacking (1)
- Web hosting (1)
- Web meeting (1)
- Web rediret (1)
- Web security (10)
- web security (1)
- Web server security (2)
- Web services (1)
- Web site (1)
- Web site attack (1)
- Web site defacement (1)
- Web site integrity (1)
- Web site security (8)
- Web sites (1)
- Web spoofing (1)
- Web surfing (1)
- WebLogic (1)
- WebOS (1)
- Website security (1)
- Website vulnerability (1)
- WEP (2)
- whistle blowing (1)
- white lists (1)
- whitespace (1)
- WhyFirefoxIsBlocked (1)
- whyfirefoxisblocked (1)
- wi-fi (1)
- Wi-Fi (1)
- WiFi (2)
- WiFi communications industry auto industry (1)
- WiFi security (3)
- wiki (1)
- WikiLeaks (1)
- Wikileaks (1)
- wikis (1)
- WiMax (2)
- Windows (16)
- Windows 7 (1)
- Windows administration (1)
- Windows Internal Database (1)
- Windows Live (1)
- Windows Mobile (3)
- Windows registry (1)
- Windows security (8)
- Windows Server 2003 (1)
- Windows Server Service (1)
- Windows Update (1)
- Windows Vista (6)
- Windows XP (3)
- Wired (1)
- wireless (5)
- wireless auction (1)
- wireless encryption (1)
- wireless network (1)
- wireless security (3)
- wiretapping (2)
- Wordpress (1)
- workflow (1)
- World Bank (1)
- World of Warcraft (3)
- worm (4)
- wormm SIS (1)
- worms (13)
- WoW (1)
- WPA (1)
- XACML (1)
- XDrive (1)
- Xen (1)
- XP (2)
- XSRF (2)
- XSS (5)
- Yahoo (6)
- Yahoo widgets (1)
- YouTube (7)
- Yugma (2)
- ZanghSearch (1)
- zero day (1)
- zero day vulnerability (2)
- zero-day attack (1)
- zero-day theats (3)
- zero-day vulnerability (1)
- Zimbra (1)
- Zoho (12)
- Zoho Meeting (1)
- zombie (1)
- zombies (2)
- Zonbu (2)