The Evolution of Vulnerability Scanning

This Article has been formatted to be displayed in an HTML shopping client. If you are seeing this message your shopping client does not support HTML. To see the Article follow this link: 8bit This Article has been formatted to be displayed in an HTML shopping client. If you are seeing this message your shopping client does not support HTML. To see the Article follow this link: 8bit The Evolution of Vulnerability Scanning td }} a }} a:link }} a:visited }} a:hover, a:active }}Security Article - Apr 15, 2008Security Reference Guide Hosted by Cyrus Peikariand Seth Fogie Vulnerability scanners have long been a valuable tool for penetration testers and network administrators alike. However, for all their usefulness, the typical scanner is actually highly limited in the amount of value they offer with regard to detecting insecure systems. In this update we are going to take a look at the evolution of vulnerability scanning and highlight a few types of scanners that take the traditional idea of detecting exploitable application to the next level. While security scanners are a great way to stop would be attacks, the ultimate situation would be if all software were secure in the first place. One of the mainstream promoters of this idea is Gary McGraw, who takes a look at the TCO for Building Secure software and analyzes the financial reality of dealing with defective software during the development lifecycle, as well as tricks to get management on your side. Another couple of guys who are attempting to move mountains with regard to how software is viewed from a ROI viewpoint are David Rice and Ben Rothke, the authors of Geekonomics: The Real Cost of Insecure Software. However, instead of an article, these guys have provided several podcasts for your enjoyment on the subject of software security. Their three part series covers market incentives, the "cement" metaphor, and who should be accountable for vulnerable software, as well as several other interesting ideas! As always, be sure to send in your comments and questions! We appreciate your feedback! Visit The Security Reference Guide New Content Articles (See All)FISMA: Compliance vs. SecurityBy Randy NashBlogs (See All)Pay Someone To Take Your Exam For You?!?By Tim security--the new unknownBy John is the computer?By John Traenkenschuh New Books and Safari Books Store (See All)New School of Information Security, TheBy Adam Shostack, Andrew by Addison Wesley 26, 2008Premium Member Price: $29.99 USD CCNP Implementing Secured Converged Wide-Area Networks (ISCW 642-825) Lab Portfolio (Cisco Networking Academy)By David Kotfila, Joshua Moorhouse, Ross by Cisco Press–Mar 24, 2008Premium Member Price: $40.00 USD Safari Books (See All)Ajax by Addison Wesley 6, 2007 Our Featured Book Why is information security so dysfunctional? Are you wasting the money you spend on security? The New School of Information Security shows how to spend it more effectively. How can you make more effective security decisions? This book explains why professionals have taken to studying economics, not cryptography — and why you should, too. And why security breach notices are the best thing to ever happen to information security. It's about time someone asked the biggest, toughest questions about information security. Featured Security Blog: The Price of a Successful Security Plan So, lets say your job is to prevent policy violations at ACME. While you do this, you get bonuses for each person you catch. So, you install a monitoring system to catch people in the act. At first your software catches hundreds of people and the bonuses are HUGE, but then everyone at ACME realizes you mean business and they just STOP violating policies, which means no more bonuses...what do you do? Continue Reading. Free Safari Library Pass Get online access to more than 5,000 books and video from leading technology publishers, including Addison-Wesley, Cisco Press, Exam Cram, IBM Press, Prentice Hall, Que, and Sams Publishing. Learn how to get your Free Safari Library pass. Learn how to get your free Safari Library Pass. Grab Our Security RSS Feeds You can get our Security Reference Guide additions or our Security Articles and Sample Chapters in your RSS Aggregator. Become a Member and Save! Profile yourself with InformIT and you'll receive an additional discount off many titles in the InformIT Store. © Copyright 2008 Pearson Education, Inc. - InformIT division. All rights reserved. 800 East 96th Street Indianapolis, Indiana 46240 Change your shopping address or update your profile . To Purchase from this Article, or from all InformIT Articles, visit our Purchase page and follow the posted instructions. Suggestions, questions, or feedback on the site or the Article.

... Back to listing 5

... Back to article 856 | SITEMAP | Next to article 858 ...

We would like to express our gratitude to all those who are kindly providing this unique content, especially to:

office@a3ides.com
olga@bemobile.md
tirlik@brainchildhunter.com
office@bemobile.md
sharuha@causeni.info
info@webconsulting.md
irina.gorea@bemobile.md
office@milieukontakt.nl
igor.romanyuk@bemobile.com.ua
yuri.sekretar@olympia.net.ua
info@tophost.md
webmoldova@yahoo.com
admin@bemobile.md
webmaster@bemobile.md
emil@a3ides.com
olea@bemobile.md
yuri.sekretar@bemobile.com.ua
contact@a3ides.com
info@a3ides.com
vitaliy.lozovskiy@bemobile.md
drugg83@yahoo.com
flaviu.mateevici@gmail.com
flaviu@dataverity.com
rector@usm.md
gaugash@usm.md
acad.rudic@mail.md
acadrudic@yahoo.com
veaceslav.vasilache@gmail.com
s.bakker@milieukontakt.nl
katea.melnicenco@gmail.com
mkoe.moldova@vox.md
musteata@doctor.com
renat.buga@ase.md
s.molenkamp@milieukontakt.nl
si_problemme@mail.ru
willem.tjebbe.oostenbrink@planet.nl

Most popular links:

Security, software, Article, shopping, security, InformIT, scanners, security., Library, Reference, information, Vulnerability, support, message, formatted, displayed, Purchase, client., However,, detecting, 2008Premium, Featured, Information, Articles, several, bonuses,

Similar listing on: