7 matches found
OpenSCAP Libraries 1.4.4
The openscap project is a set of open source libraries that support the SCAP Security Content Automation Protocol set of standards from NIST. It supports CPE, CCE, CVE, CVSS, OVAL, and XCCDF...
Zero Trust for Data Helps Enterprises Detect, Respond and Recover from Breaches
AUTHOR: Mohit Tiwari, CEO and Co-Founder, Symmetry Systems Compromised credentials and identities, third-party breaches, API attacks, and application exploits are all foundational entry points for today’s hackers. Recent months have brought many high-profile breaches from Samsung and Nvidia to Ok...
Citrix ADC FIPS Compliance/Validation FAQ
General Overview 1. What are Federal Information Processing Standards FIPS? FIPS are standards and guidelines for federal computer systems that are developed by National Institute of Standards and Technology NIST in accordance with the Federal Information Security Management Act FISMA and approve...
Second NSA Crypto Tool Found in RSA BSafe
A team of academics released a study on the maligned Dual EC DRBG algorithm used in RSA Security’s BSafe and other cryptographic libraries that includes new evidence that the National Security Agency used a second cryptographic tool alongside Dual EC DRBG in Bsafe to facilitate spying. Allegation...
Passive Security Community Turned Activist
Security people like to call themselves a community, but until June some might say its greatest community achievement is turning Twitter into its own private and contentious echo chamber. But since the Snowden leaks, there’s been a palpable change and a marked swell in stand-taking. Tweeters have...
NSA Crypto Questions Resemble a 'Hall of Mirrors'
There’s been no shortage of discussion and debate in recent week about the possibility that the NSA has intentionally weakened some cryptographic algorithms and cipher suites in order to give it an advantage in its intelligence-gathering operations. If you subscribe to the worst-case scenario lin...
GAO Warns Of Cyber Insecurity on Smart Grid
The U.S. Government’s watchdog, the Government Accountability Office GAO has warned that the rapid adoption of so-called “smart grid” infrastructure in the U.S. electric industry is going forward without adequate planning for cybersecurity and the combined physical and cyber attacks that are like...