auditing
Qualys FreeScan service expanded with vulnerability scanning and configuration auditing
At RSA Conference 2013, Qualys has expanded its popular FreeScan service to support scanning internal and external systems and web applications and also added new security and …
IS Decisions releases FileAudit 4
IS Decisions released FileAudit 4, its file audit, archiving and reporting tool. It is the only file auditing solution Microsoft-certified for compliance with Windows 8 and …
Log audit reveals developer outsourced his job to China
Log analysis can reveal a lot of security mistakes and fails, but a lot of security sins, too. Take for example the incident recently shared by Verizon’s Risk Team: …
Improve your firewall auditing
As a penetration tester you have to be an expert in multiple technologies. Typically you are auditing systems installed and maintained by experienced people, often protective …
Top 10 risks found by your auditor
KirkpatrickPrice offers a list of the most common risks they find. 1. No formal policies and procedures Formal guidelines of policies and procedures help provide your …
Security posture management from FireMon
FireMon announced Security Manager 6.0, a security policy and posture management solution that integrates risk analysis with configuration management, enforcement and auditing …
Nmap 6 released
Nmap is a free and open source utility for network exploration or security auditing. Nmap uses raw IP packets in novel ways to determine what hosts are available on the …
World renowned experts to examine SSL governance
Just two months from its inauguration date at the RSA Conference in San Francisco on February 29, the Trustworthy Internet Movement (TIM) announced today that it has chosen …
Nessus 5.0.1 vulnerability scanner released
Tenable release of Nessus 5.0.1, a vulnerability and configuration assessment solution for enterprises and security professionals. This release improves the stability on all …
Information auditing training at SANS Secure Europe 2012
SANS Secure Europe 2012, one of the region’s largest infosec training events will be offering a new course this year to help business and technical staff learn the …
A new security strategy for Sony
2011 was a tough year for Sony. Having been attacked over 20 times by hacktivists going after its websites, the PlayStation Network, its customers’ and company …
Cloud-based fuzzing for zero-day vulnerability discovery
Codenomicon released the Fuzz-o-Matic cloud-based software security Testing-as-a-Service (TaaS) platform for enterprise software and applications running on Windows, Linux, …