By Lacey Thoms  Today’s software development is geared more towards building upon previous work and less about reinventing content from scratch. Resourceful software development organizations and developers use a combination of previously created code, commercial software, open source software, and th... May. 4, 2012 10:00 AM EDT Reads: 969 |
By Jeremy Geelan  With Cloud Expo 2012 New York (10th Cloud Expo) now just six weeks away, what better time to introduce you in greater detail to the distinguished individuals in our incredible Speaker Faculty for the technical and strategy sessions at the conference...
We have technical and strategy... May. 3, 2012 04:30 AM EDT Reads: 6,138 |
By Hongwen Zhang  Advanced malicious content and attacks are starting to threaten conventional network filtering technologies that are not able to keep up with the increased volume and complexity of network traffic. Currently, one in every 14 downloads contains malicious content that may create operatio... Apr. 24, 2012 08:00 AM EDT Reads: 752 |
By Jared Day  When we aren’t fighting crime, taking over the world, or enjoying a good book by the fire, we here on the eEye Research team like to participate in the Any Means Possible (AMP) Penetration Testing engagements with our clients. For us, it’s a great way to interact one-on-one with IT fol... Apr. 5, 2012 10:00 AM EDT Reads: 1,465 |
By Ian Thain  Here's a common scenario and one that will become more common with the ever increasing penetration of Tablet Devices in the Enterprise... Your Senior Exec just got their iPad. They love it. They use it everywhere. Literally everywhere! That’s a scary word for anyone involved in securi... Mar. 15, 2012 10:37 AM EDT Reads: 941 |
By David Gibson  In most organizations today, there is sensitive data that is overexposed and vulnerable to misuse or theft, leaving IT in an ongoing race to prevent data loss. Packet sniffers, firewalls, virus scanners, and spam filters are doing a good job securing the borders, but what about insider... Mar. 5, 2012 06:00 AM EST Reads: 982 |
By Vincent M. Schiavo  Social media, including Facebook, Twitter and LinkedIn, is used extensively by many functional areas in companies today to communicate about and promote their efforts, and to interact with their constituencies. For the marketing department, in particular, social media can help build br... Feb. 7, 2012 06:45 AM EST Reads: 1,676 |
By Juergen Geck  Have to agree that this writer gets it right. At the end of his blog post, he highly recommends everyone take a good look at Google's terms of service.
And, that is more sense than we usually get from people writing about our data service suppliers, such as Apple, Facebook, Google, an... Jan. 29, 2012 10:00 AM EST Reads: 1,111 |
By Gorka Sadowski  We saw what typically happens when trying to use static rule-based log correlation to perform real-time incident management... combinatory explosion and lack of scalability. How do you automate non-deterministic attacks in a few discrete steps???
Today, we'll look at more scenarios fo... Dec. 20, 2011 09:00 AM EST Reads: 2,204 |
By Michael Podszywalow  You’ve spent months fixing the red items on an internal audit report and just passed a regulatory exam. You’ve performed a network vulnerability assessment and network pen test within the last year and have fixes in place. You’ve tightened up your information security policy and recent... Nov. 24, 2011 03:00 PM EST Reads: 1,948 |
By David Dodd  The goal of the scanning phase is to learn more information about the target environment and discover openings by interacting with that target environment. This article will look at some of the most useful scanning tools freely available today and how to best use them. During this proc... Oct. 12, 2011 01:00 PM EDT Reads: 1,837 |
By Mahesh K Punjabi  Web applications are vulnerable to a multitude of security attacks. This exposes the underlying businesses and the consumer data wide open to public view. However, for the internet application, multiple programming practices need to be followed to prevent such attacks.
This paper details i... Oct. 12, 2011 06:00 AM EDT Reads: 1,568 |
By Marc Chanliau  The recent spike in insider threats, coupled with a rise in compliance considerations, has forced organizations to ensure only authorized users access sensitive application functionality and data. Historically, user entitlements or authorization logic has been embedded inside an applic... Aug. 25, 2011 10:15 AM EDT Reads: 7,100 |
By David Dodd  I will demonstrate how to ARP poison a connection between a Windows 7 and Windows 2008 R2 Server using Cain.
The Microsoft Remote Desktop Protocol (RDP) provides remote display and input capabilities over network connections for Windows-based applications running on a server. RDP is ... Jul. 15, 2011 07:30 AM EDT Reads: 3,710 |
By Jeremy Geelan  In the wake of yesterday's FBI seizure of servers, it is interesting to note that one of the industry's most seasoned executives, Abiquo CEO Pete Malcolm, has been anticipating just such an eventuality for a while. In a SYS-CON.tv Power Panel recorded on the eve of Cloud Expo New York,... Jun. 22, 2011 12:00 PM EDT Reads: 3,337 |
By Gorka Sadowski  This week let's review why logs are such a popular and powerful tool when performing forensics, and how to ensure that investigators are working from a clean stream of data.
Logs used in forensics have several distinct advantages.
First, logs can be used not only to solve the IT crim... Jun. 3, 2011 12:11 PM EDT Reads: 1,552 |
By Christos K. Dimitriadis  As enterprises struggle to remain profitable in an ever-changing risk environment, the current economic crisis has elevated the need for effective business risk management. Information security is a key parameter that affects business risk. The academic definition of information securi... Feb. 9, 2011 06:00 AM EST Reads: 3,886 |
By Peter Weger  The WikiLeaks security fiasco has shed a lot of light on document security and its inherent irony: namely that the more confidential a document is, the more it’s likely to be shared.
Web Security Journal reached out to the CEO of Brainloop, Peter Weger, to discuss the notion of so-... Feb. 5, 2011 05:15 AM EST Reads: 2,796 |
By Jim Hare  You may think IT compliance is nothing more than big government sticking its nose into everyone’s business. Compliance equals Big Brother. OK, so there is some truth in that government compliance regulations are a little over the top, and perhaps there are just too many of them that fu... Jan. 26, 2011 07:00 PM EST Reads: 2,388 |
By David Rowe  Users are the weakest link when it comes to information security. Without intending to, they cost more money in security breaches than outside hackers. This is why all regulations require the demonstration of strong access security. But focusing purely on regulatory compliance proofs a... Jan. 12, 2011 12:15 PM EST Reads: 3,235 |
By Nabil Damouny  The x86 architecture has become the CPU of choice not only for network appliances, but also for embedded communication equipment in wireline and wireless networking. As the need to cater to higher-performance networking while supporting security and virtualization becomes more prevalen... Sep. 24, 2010 11:00 AM EDT Reads: 3,825 |
By John Ryan 
According to Intel, the reasons this makes sense are:
Acquisition enables a combination of security software and hardware from one company to ultimately better protect consumers, corporations and governments as billions of devices - and the server and cloud networks that manage ... Aug. 19, 2010 01:15 PM EDT Reads: 6,137 |
By Jeremy Geelan  The draft specification of CloudAudit - an API aimed at providing a common interface and namespace to enable the automated auditing of cloud infrastructures with respect to any number of compliance frameworks - has just been released to the IETF. CloudAudit, according to the draft, pro... Aug. 16, 2010 07:45 AM EDT Reads: 4,140 |
By Marc Fossi  Cybercrime saw significant growth in 2009. It increased in prevalence and geographic spread. The only thing that didn’t grow was the skill level required to participate. It was easier for non-skilled attackers to conduct sophisticated attacks because of the availability of toolkits. Th... Jun. 7, 2010 11:15 AM EDT Reads: 2,850 |
By Joe Austin  Data is the lifeblood of any organization and, in the last decade, increasing emphasis has been placed on protecting that data so organizations can recover the information that they need in the time frame they need it. Replication is now rapidly emerging as a viable form of data protec... Jan. 13, 2010 12:00 PM EST Reads: 5,977 |
By Ibrahim Haddad  This article discusses Open Source compliance and the challenges faced when establishing a compliance program, provides an overview of best practices, and offers recommendations on how to deal with compliance inquiries. Jan. 10, 2010 02:00 PM EST Reads: 8,056 Replies: 1 |
By Scott Morrison  The CSA domain structure–even without the benefits of the guidance–at least serves as a concrete reminder of what’s behind the slogan.
Have a close look at the guidance. Read it; think about it; disagree with it; change it–but in the end, make it your own. Then share your experienc... Dec. 25, 2009 12:45 PM EST Reads: 3,154 |
By Rizwan Ahmed  Modern inter-networked software architectures created for today’s “on-demand” business needs have fundamentally increased the susceptibility of applications and, more important, data to security-related attacks and compromises. The rapidly changing environment: increased data breach/los... Dec. 21, 2009 01:15 PM EST Reads: 7,515 Replies: 1 |