October, 2012

article thumbnail

Another Type of Correlation – Vulnerability Correlation

NopSec

The other day I was thinking about the concept of “event correlation” embedded into various SIEM products. Security events can be verified and false positives eliminated via correlation with other information such OS fingerprinting, netflows, vulnerability information, etc. It is the value proposition of SIEM and their added value even though it does not work all the times.

Risk 40
article thumbnail

“CRTC encourages businesses to start preparing for Canada’s anti-spam legislation”

Privacy and Cybersecurity Law

Canada’s Anti-Spam Law (CASL) is expected to enter into force in 2013, together with two sets of regulations that will […].

article thumbnail

What’s the matter with vulnerability management?

NopSec

Every day I get tot talk to a lot of infosec professionals and business people regarding vulnerability management. They tell me that using the various $BRANDS of commercial vulnerability scanners out there and they tell me they are very frustrated. Information overload The average scanner produced a huge amount of “raw” data that they to sort through.