Life and Ruby and Security
In my previous post titled Bolting on Security, I mentioned that port 22 is generally not scrutinized as much as 445 when being allowed through a firewall. Obviously the situation varies from incident to incident, but I wanted to say that port 22 really should be looked at more closely. All is not always roses […]
To build security in your project, you need to make it a consideration from the start. Bolting it on afterward is always a recipe for disaster, and unless you start over with a complete application rewrite you are likely to fail to secure your application in some subtle manner or another. If you are in […]
Risk assessments are one of the main tasks I am faced with day-to-day with my security work. Most of the time it comes in as a request to “approve” some architecture. In my head, this is basically a security risk assessment where I also getting to decide for the business that the benefit of allowing […]
The Application is down! No, wait! Our Unix administrators just checked the server and it is running. They swear by it, and say it is the network team’s equipment dropping packets. The network team checks their systems and swear they are passing the traffic, and it must be an application configuration issue. The application folks, […]
It is the File Transfer Protocol. FTP has been an important part of the Internet for more than 20 years. Businesses depend on it to transfer data from system to system and from business to business. In today’s world of SOX, HIPPA, PCI, and other standards and regulations companies are not only required to get […]
You are currently browsing the archives for the Security category.
