04/21/2011 |
Security Development Life-Cycle
Whether through SaaS, PaaS or IaaS, the Cloud is probably paying your enterprise a visit. This is both a challenge and an opportunity for Information Security teams. How should Information Security position its architecture and processes to deal with the Cloud?
In this talk we will explore four concrete patterns that you can use to embrace the challenge of leveraging the Cloud
05/20/2010 |
Security Development Life-Cycle
Developing secure software, particularly web applications, is a formidable task. Historically developers have been focused on features and speed—not security. Incorporating security into the development lifecycle requires a change in behaviors and skills, and requires a new set of tools.
Organizations such as Fleishman-Hillard show that it is possible to orchestrate changes in
11/30/2009 |
Security Development Life-Cycle
Penetration testing (pen test) is used to provide a security assessment of a computer system, application or network by simulating an attack from a malicious source. This process can find vulnerabilities that attackers can exploit and determine areas of security that an organization needs to correct before the attackers can take advantage. These tests can be run automatically or
09/30/2009 |
Security Development Life-Cycle
The 2009 New England Information Security Forum held on September 30 and October 1 at the Boston Marriott Copley in Boston, Massachusetts, brought together more than 200 practicing information security professionals from 105 organizations. On average, delegates had more than 17 years of information security experience.
Delegates were from a wide variety of industries including
08/03/2009 |
Security Development Life-Cycle
There are various definitions of what consumerization is. The most common explanation is the adoption, use, and proliferation of consumer applications in the enterprise. IANS will take the definition one step further by adding the distinction of employees using their own hardware for work purposes. Applications such as instant messengers, email, and social networking programs are
06/30/2009 |
Security Development Life-Cycle
Whitelisting is the practice of allowing only “known” software applications to operate on a client machine or in a network. The whitelisting philosophy is the opposite of blacklisting: it enumerates the good entities rather than the bad ones. Its main purpose is to control what software applications a company’s users are running. Specifically, its
06/24/2009 |
Security Development Life-Cycle
The 2009 Lone Star Information Security Forum, held on June 24 and 25 at the Cityplace Conference Center in Dallas, Texas, brought together 150 practicing information security professionals from 88 organizations. On average, delegates had 15 years of information security experience.
Delegates were from a wide variety of industries including healthcare, business services,
05/05/2009 |
Security Development Life-Cycle
The best way to secure web applications is not through reactive measures once an application is in production; it is by building secure applications from the beginning. The most secure applications are built when information security is involved early in the software development lifecycle and at each stage throughout the development process.
05/01/2009 |
Security Development Life-Cycle
On May 6, 2009, in Irving, Texas, IANS held a Partner Symposium titled “Digging into PCI” to understand what organizations are doing to comply with PCI. It was moderated by IANS Faculty Member, Chris Farrow.
All of the participants were from organizations that are subject to PCI and many came from large retailers.
04/28/2009 |
Security Development Life-Cycle
The purpose of this Working Group was for asset owners at bulk electrical systems to share their progress in complying with certain aspects of NERC CIP. NERC refers to mandatory standards of the North American Electric Reliability Council and CIP is Critical Infrastructure Protection. The participants represented some of the largest and most prominent bulk electrical systems in
