reava.blogspot.com
information security strategy: May 2009
http://reava.blogspot.com/2009_05_01_archive.html
An effective information security strategy makes an organization more valuable to its owners, customers and other stakeholders. "Seek facts diligently, advice never." - Philip Carret, "The Art of Speculation," 1924. Friday, May 08, 2009. A FAIR measure of defense in depth. Recently, the owners of a system containing sensitive information where I work began planning an upgrade to the latest available version. In addition to performance improvements and bug fixes, the new release also modified authentic...
5thsentinel.wordpress.com
My Experience using FAIR for Risk | fifth.sentinel
https://5thsentinel.wordpress.com/2011/09/22/my-experience-using-fair-for-risk
Just another WordPress.com weblog. September 22, 2011. My Experience using FAIR for Risk. Recently I decided to make use of the FAIR Risk model to document how the threats have dramatically changed over the first 6 months of 2011. Besides always liking the concepts of the FAIR model, I thought the risk assessment paper I had to write would benefit with the focus on Threat Populations/Communities rather than using technology as a driver. From some of the discussions on Monte Carlo simulation...
owasp.org
Top 10 2010-Main - OWASP
https://www.owasp.org/index.php/Top_10_2010-Main
What Are Application Security Risks? Attackers can potentially use many different paths through your application to do harm to your business or organization. Each of these paths represents a risk that may, or may not, be serious enough to warrant attention. Threat Agent. Attack Vector. Weakness Prevalence. Weakness Detectability. Technical Impact. Business Impact. Although previous versions of the OWASP Top 10 focused on identifying the most common vulnerabilit...
deeptrust.blogspot.com
A blog previous known as "Intrusion Detection on the Road": November 2007
http://deeptrust.blogspot.com/2007_11_01_archive.html
A blog previous known as "Intrusion Detection on the Road". I used to write about intrusion detection and security issues, but from now I will write about whatever computer related I come up with. Friday, November 23, 2007. The most annoying security procedures. According to a Swedish survey with 1200 participants, these are the three most annoying security procedures that are enforced at companies: The USB port is blocked: 42%. Not being able to select password: 41%. Then assessing...
studia-analytica.blogspot.com
Studia Analytica: March 2015
http://studia-analytica.blogspot.com/2015_03_01_archive.html
Saturday, March 14, 2015. Recognizing risk: the definitions once again. In the beginning is the familiar. Recognizing risk requires, above all, a clear definition of what risk itself is. The content of the concept must necessarily be filled with rational meaning and must not come into logical contradiction with the overall understanding of risk and its related concepts. Every researcher therefore faces a choice. Where to begin? It seems the easy part lies in what is known! It has already been mentioned that: Risk is...