Entity

Time filter

Source Type

Security, France

Mansfield-Devine S.,Computer Fraud and Security
Computer Fraud and Security | Year: 2016

Open source software long ago shrugged off its fringe image and is now a core component in a great many solutions. These include commercial software, operating systems and bespoke code. But while much of the open source codebase has accrued a reputation for reliability and flexibility, there have also been some high-profile and highly dangerous vulnerabilities discovered in the code. In this interview, Patrick Carey, director of product marketing at Black Duck Software, explains how open source software can open the door to major threats - but also what you can do to enable the safe and effective use of the code. Open source software long ago shrugged off its fringe image and is now a core component in a great many solutions, including commercial software and operating systems. But while much of the open source codebase has accrued a reputation for reliability and flexibility, there have also been some high-profile and highly dangerous vulnerabilities discovered in the code. In this interview, Patrick Carey of Black Duck Software explains how open source software can open the door to major threats - but also what you can do to enable the safe and effective use of the code. © 2016 Elsevier Ltd.


Mansfield-Devine S.,Computer Fraud and Security
Computer Fraud and Security | Year: 2013

The information security world is awash with certifications and accreditations, created, sold and managed by a confusing array of bodies. Some of these bodies, such as CREST, ISACA, and (ISC)2, have solid reputations and offer highly respected qualifications. But there are also qualifications that require little more than a bit of self-study. In between are courses and certifications that have varying degrees of validity in various domains. How do we make sense of all this? Ian Glover, president of the Council for Registered Ethical Security Testers (CREST), talked to Computer Fraud & Security about a need for real professionalism in the infosecurity world. 1 © 2013 Elsevier Ltd.


Mansfield-Devine S.,Computer Fraud and Security
Computer Fraud and Security | Year: 2015

Malware is still rampant, and most of it depends on victims running outdated software on their systems. If all our computers were fully patched with the latest updates as soon as they appear, it would create a largely sterile environment as far as malware is concerned. So why doesn't this happen? In this interview, we spoke with Gavin Millard, EMEA technical director at Tenable Network Security. © 2015 Elsevier Ltd. All rights reserved.


Mansfield-Devine S.,Computer Fraud and Security
Computer Fraud and Security | Year: 2014

Distributed Denial of Service (DDoS) gained wide public attention thanks to their use by other political uses. The earliest uses of DDoS attacks, often mounted using botnets of infected machines, were for extortion. Particularly in industries such as online gambling, firms would be threatened with disruption of their business, often at an important time such as on the eve of a major sporting event. DDoS attacks range in a variety of dimensions, in terms of the bandwidth, the class of attack, spoofed attacks, targeted botnet attacks, multiple victims, varied frequency and variability to the attacks themselves, and a strong DDoS solution should be able to identify and isolate multiple vectors of an attack. There was a time when some specialists in the DDoS field claimed to have detected a shift from network-layer attacks to applicationlayer attacks.


Mansfield-Devine S.,Computer Fraud and Security
Computer Fraud and Security | Year: 2015

The Internet of Things (IoT) is finally upon us. And one of the areas in which we're seeing it deployed is in so-called 'smart' buildings, where systems such as lighting, heating and physical security are acquiring Internet connections and remote monitoring, reporting and management capabilities. But as Colin Tankard, managing director of Digital Pathways, explains in this interview - security isn't always high on the list when these systems are being designed and implemented. © 2015 Elsevier Ltd.

Discover hidden collaborations