Implementing process improvements Another area to focus on for security metrics would be to sort of look around and figure out what’s broken and what needs fixing. A few areas that I’ve broken this down into are the process area and the technology area. And I actually think that in some cases process improvements are […]
Read more →Posted in: News
Leave a Comment (0) →
Getting started with measuring security So, now that we’ve talked about why you would do security metrics in the first place, I’m going to go into a little bit of how you would get started. And this for me was a little bit of struggle. When I started a few years ago I looked for […]
Read more →Posted in: News
Leave a Comment (0) →
Hi, my name is Caroline Wong. And today I’m going to be talking about a beginner’s guide to security metrics. I currently manage the security program at Zynga Inc., and I was formerly the Chief of Staff for the Global Information Security Team at eBay, where I developed eBay’s security metrics program from the ground […]
Read more →Posted in: News
Leave a Comment (0) →
Standards and Compliance Most people who perform software security assurance do it for one of two reasons. First, they might be motivated by desire to manage their risk, this is really an internally facing motivation – our business faces certain risks, we might lose revenue or customers, we need to take security activities to avoid […]
Read more →Posted in: News
Leave a Comment (0) →
Code Review Now my favorite probably – code review, as I said, I got into software security from a code review static analysis standpoint. The origins of what we do in code review today, really, come from formal methods and verification processes. One of the most seminal works in this area was a document called […]
Read more →Posted in: News
Leave a Comment (0) →
Hi, my name is Jacob West. I’m the Director of Security Research at Fortify Software, recently acquired by Hewlett Packard. Today I want to talk about the evolution of software security assurance, some of the origins of the practices that we take for granted today, and where I think some of those practices are going […]
Read more →Posted in: News
Leave a Comment (0) →
Hi! Today we’re going to talk to you about malicious software, also known as malware, and how you can protect your computer from infection. First let’s talk about how you get malware. Malware is often installed on your computer without your knowledge when you visit certain websites. Sometimes these are good sites that have been […]
Read more →Posted in: KnowledgeBase
Leave a Comment (0) →Microsoft news and product information from microsoft.com and product team blogs Security Update on Conficker.D We’ve received a lot of questions from customers about April 1, 2009 and the latest Conficker variant discovered earlier this month, Worm:Win32/Conficker.D (also known as Conficker.C or Downadup.C by some other companies). I wanted to let you know that we’ve […]
Read more →Posted in: News
Leave a Comment (0) →
This Solution Accelerator provides instructions and recommendations to help strengthen the security of computers running the Hyper-V role on Windows Server® 2008. It covers three core topics: hardening Hyper-V, delegating virtual machine management, and protecting virtual machines. This Solution Accelerator consists of a security guide and an overview packaged in a .zip file format. The […]
Read more →Posted in: News
Leave a Comment (0) →
This is the advance notification for the April Monthly Security Bulletin release. On Tuesday 14 April (US time; Wednesday 15th April AU time), MS expect to release the five (5) bulletins rated Critical, two (2) rated Important, and one rated Moderate, affecting Windows, IE, Excel, and ISA Server. Further details are below; no additional information […]
Read more →Posted in: News
Leave a Comment (0) →