SD Elements--A Solution To The Web App Security Conundrum
It’s an interesting approach – instead of using either a pre-configured software security requirement list, or an after-the-fact automated scanning tool, SD Elements works alongside and at the same time as the development process, it’s also a dynamic tool, taking into account new found vulnerabilities and approaches to security. It’s also compatible with existing scanning products so sits nicely in the web app security lifecycle process.
Study Shows Those Responsible for Security Face Mounting Pressures
"When we speak to CIOs, CISOs, IT Managers/Directors, we almost always hear that their Board of Directors has asked them what they are doing to protect the companys valuable information. When the Board asks questions, there is more pressure. However, security has been a board-level issue for some time," Cole explained. Today, the difference is in the type of questions being asked by the board. It used to be a matter of answering the question, 'what are we doing to prevent data loss?"
US seeks information on industry ability to hold bulk phone data
The RFI has been posted to the Federal Business Opportunities site that lists federal government procurement opportunities. The government is looking for information on whether commercially available services can, among other things, provide secure storage and high availability to U.S. telephone metadata records for a sufficient period of time, and ensure that there are no unauthorized queries of the database and no data is provided to the government without proper authorization.
10 Scientific Insights That Could Make You A Better Designe
As designers, we can take advantage of findings from fields like behavioral economics and cognitive psychology, and become more mindful about exactly how we’re influencing people through our designs. Insights from these fields can help us better understand why people behave the way they do, design more effective products and services that positively influence behavior, and make more informed predictions about how our designs will ultimately impact people when we let them loose in the real world.
Intel wants to be the 'operating system' for big data
Fedder declined to share how many customers Intel has for its Hadoop distribution. A lot of the work for it began as a lab project in China. To date, most customers are in China although there are users in Europe and the U.S. as well, he said. Those looking to pinpoint Intel's intentions for Hadoop should know one thing, according to Fedder. "Where we differ from other players is we're not trying to build an end-to-end solution," he said. Instead, Intel wants to be the "operating system" for big data, letting third-party vendors and customers themselves create the application layer on top, he added.
Can You Keep a Secret, App?
That’s where Secret comes in. Like a more established app called Whisper, Secret is free and lets users post an image along with several lines of text. Yet while Whisper posts can be seen, searched for, and commented on by all users, Secret shows you posts from your contacts who are also using the app, and, under certain conditions, secrets from friends of those contacts and beyond. If your contacts tap a heart icon to indicate they love one of your secrets, it’s sent on to their contacts, and continuous “loving” spreads secrets throughout the app’s user group. While this means you will see secrets from beyond your initial group of contacts, you can only comment on secrets posted by your friends and friends of friends.
'The Moon' worm infects Linksys routers
The worm, which has been dubbed TheMoon because it contains the logo of Lunar Industries, a fictitious company from the 2009 movie "The Moon," begins by requesting a /HNAP1/ URL from devices behind the scanned IP addresses. HNAP -- the Home Network Administration Protocol -- was developed by Cisco and allows identification, configuration and management of networking devices. The worm sends the HNAP request in order to identify the router's model and firmware version. If it determines that a device is vulnerable, it sends another request to a particular CGI script that allows the execution of local commands on the device.
The Problems measuring Innovation
There are several difficulties when measuring innovation. The first is in the definition of innovation. After all, innovation is a relatively generic umbrella term that contains a lot of different activities and outcomes. Incremental product innovation is more definable and predictable than disruptive business model innovation, more familiar and probably easier to measure. Given the range of activities, processes, definitions and outcomes, talking about measuring innovation is a bit difficult, especially when the range of outcomes is so broad.
Big Data Analytics: Descriptive Vs. Predictive Vs. Prescriptive
With data in hand, you can begin doing analytics. But where do you begin? And which type of analytics is most appropriate for your big data environment? In a phone interview with InformationWeek, Wu explained how descriptive, predictive, and prescriptive analytics differ, and how they provide value to organizations. "Once you have enough data, you start to see patterns," he said. "You can build a model of how these data work. Once you build a model, you can predict."
No More Technical Debt - Invest in Quality
But if you neglect the Technical Debt of the project, that might backfire at one point: If you need to change code with a lot of Technical Debt, the changes might be prohibitively expensive and therefore not feasible. Developers usually know and fear these kinds of situations - working with code that has a lot of Technical Debt is not just little fun - it is also very risky because bugs might sneak in and estimates might be easily proven wrong. So while software quality might be very important for the success of a software project, the Technical Debt metaphor is just not enough.
Quote for the day:
"Take your life in your own hands, and what happens? A terrible thing: no one to blame." -- Erica Jong
It’s an interesting approach – instead of using either a pre-configured software security requirement list, or an after-the-fact automated scanning tool, SD Elements works alongside and at the same time as the development process, it’s also a dynamic tool, taking into account new found vulnerabilities and approaches to security. It’s also compatible with existing scanning products so sits nicely in the web app security lifecycle process.
Study Shows Those Responsible for Security Face Mounting Pressures
"When we speak to CIOs, CISOs, IT Managers/Directors, we almost always hear that their Board of Directors has asked them what they are doing to protect the companys valuable information. When the Board asks questions, there is more pressure. However, security has been a board-level issue for some time," Cole explained. Today, the difference is in the type of questions being asked by the board. It used to be a matter of answering the question, 'what are we doing to prevent data loss?"
US seeks information on industry ability to hold bulk phone data
The RFI has been posted to the Federal Business Opportunities site that lists federal government procurement opportunities. The government is looking for information on whether commercially available services can, among other things, provide secure storage and high availability to U.S. telephone metadata records for a sufficient period of time, and ensure that there are no unauthorized queries of the database and no data is provided to the government without proper authorization.
10 Scientific Insights That Could Make You A Better Designe
As designers, we can take advantage of findings from fields like behavioral economics and cognitive psychology, and become more mindful about exactly how we’re influencing people through our designs. Insights from these fields can help us better understand why people behave the way they do, design more effective products and services that positively influence behavior, and make more informed predictions about how our designs will ultimately impact people when we let them loose in the real world.
Intel wants to be the 'operating system' for big data
Fedder declined to share how many customers Intel has for its Hadoop distribution. A lot of the work for it began as a lab project in China. To date, most customers are in China although there are users in Europe and the U.S. as well, he said. Those looking to pinpoint Intel's intentions for Hadoop should know one thing, according to Fedder. "Where we differ from other players is we're not trying to build an end-to-end solution," he said. Instead, Intel wants to be the "operating system" for big data, letting third-party vendors and customers themselves create the application layer on top, he added.
Can You Keep a Secret, App?
That’s where Secret comes in. Like a more established app called Whisper, Secret is free and lets users post an image along with several lines of text. Yet while Whisper posts can be seen, searched for, and commented on by all users, Secret shows you posts from your contacts who are also using the app, and, under certain conditions, secrets from friends of those contacts and beyond. If your contacts tap a heart icon to indicate they love one of your secrets, it’s sent on to their contacts, and continuous “loving” spreads secrets throughout the app’s user group. While this means you will see secrets from beyond your initial group of contacts, you can only comment on secrets posted by your friends and friends of friends.
'The Moon' worm infects Linksys routers
The worm, which has been dubbed TheMoon because it contains the logo of Lunar Industries, a fictitious company from the 2009 movie "The Moon," begins by requesting a /HNAP1/ URL from devices behind the scanned IP addresses. HNAP -- the Home Network Administration Protocol -- was developed by Cisco and allows identification, configuration and management of networking devices. The worm sends the HNAP request in order to identify the router's model and firmware version. If it determines that a device is vulnerable, it sends another request to a particular CGI script that allows the execution of local commands on the device.
The Problems measuring Innovation
There are several difficulties when measuring innovation. The first is in the definition of innovation. After all, innovation is a relatively generic umbrella term that contains a lot of different activities and outcomes. Incremental product innovation is more definable and predictable than disruptive business model innovation, more familiar and probably easier to measure. Given the range of activities, processes, definitions and outcomes, talking about measuring innovation is a bit difficult, especially when the range of outcomes is so broad.
Big Data Analytics: Descriptive Vs. Predictive Vs. Prescriptive
With data in hand, you can begin doing analytics. But where do you begin? And which type of analytics is most appropriate for your big data environment? In a phone interview with InformationWeek, Wu explained how descriptive, predictive, and prescriptive analytics differ, and how they provide value to organizations. "Once you have enough data, you start to see patterns," he said. "You can build a model of how these data work. Once you build a model, you can predict."
No More Technical Debt - Invest in Quality
But if you neglect the Technical Debt of the project, that might backfire at one point: If you need to change code with a lot of Technical Debt, the changes might be prohibitively expensive and therefore not feasible. Developers usually know and fear these kinds of situations - working with code that has a lot of Technical Debt is not just little fun - it is also very risky because bugs might sneak in and estimates might be easily proven wrong. So while software quality might be very important for the success of a software project, the Technical Debt metaphor is just not enough.
Quote for the day:
"Take your life in your own hands, and what happens? A terrible thing: no one to blame." -- Erica Jong
No comments:
Post a Comment