
Organizations More Fearful of Auditors Than Hackers

March 18th, 2008 Anthony Towry

An article by RSnake at DarkReading.com opens up discussion on where compliance and regulation are carrying the corporate attitude toward security.

Failing to pass audits significantly impacts the C-level of an organization, which in turn affects the value of the organization. The idea is that in the end, this sort of breakdown in security can be more damaging than getting owned by some hellbent hacker.

I wonder how many organizations are including compliance weights appropriately in their risk management strategies.

Posted in Management, Security

Web Application Firewall Evaluation Criteria

February 10th, 2008 Anthony Towry

The deadline for the PCI Data Security Standard requirement for securing web applications against known attacks is June 30, 2008; currently the recommendations are only "best practice". That leaves just over four months to address your organization's cardholder environment web application security needs.

Posted in Programming, Security
