
	Where results make sense

Topic: Security Analysis

In the News (Thu 16 Feb 12)

EXECUTIVE POWER

Iran

ANALYSIS

Pakistan

Family compact

	CERT® Coordination Center Reports
		Security is strong when the means of authentication cannot later be refuted - the user cannot later deny that he or she performed the activity.
		Secure configuration guidelines for this service stress the need to ensure that the password file, archive tree, and ancillary software are separate from the rest of the operating system, and that the operating system cannot be reached from this staging area.
		To have a secure foundation for the critical Internet applications of the future, severe weaknesses must be addressed: lack of encryption to preserve privacy, lack of cryptographic authentication to identify the source of information, and lack of cryptographic checksums to preserve the integrity of data (and the integrity of the packet routing information itself).
	www.cert.org /encyc_article/tocencyc.html (9542 words)

	Book : Security Analysis: The Classic 1940 Edition (Site not responding. Last check: 2007-10-20)
		The first edition of Security Analysis, published in 1934, forever changed the theory and practice of successful investing.
		Security Analysis, Second Edition, published in 1940, is considered by many (including legendary Graham student Warren Buffett) to be vastly superior to the first.
		Overall, Security Analysis is a mixture of art and scienece that lays a timeless foundation for financial analysis.
	www.investitor.net /books/graham/security-analysis-1940.html (591 words)

	Investment Risks (Site not responding. Last check: 2007-10-20)
		Timing risk is the risk of buying the right security at the wrong time.
		Management risk is the risk that a company's management may run the company so poorly that it is unable to grow in value or pay dividends to its shareholders.
		This greatly affects the value of its stock and the attractiveness of all the securities it issues to investors.
	www.ameritrade.com /education/html/encyclopedia/tutorial2 (780 words)

	Network Security Analysis Results (Site not responding. Last check: 2007-10-20)
		Network Security Analysis and Summary in Taiwan Network Security Analysis and Summary in Taiwan With the increasing reliance on the Internet and computers, threats also increase.
		The SANS Institute, offering computer security training for system administrators, computer security professionals, and network administrators, is a cooperative research and education organization that has many consensus projects to return...
		Analysis of Local Area Network Security" and "Priorities for LAN Security: A Case Study of...
	www.security-assessment.org /directory/network-security-analysis.html (430 words)

	Security analysis of VTun
		secure enough instead." In my opinion, it is a rather dangerous statement as the definition of the 'enough' entirely depends on the user and not on the designer or implementor.
		The security has been analyzed from the source as the distribution doesn't contain any detailed description.
		When the security ultimately relies on a low-entropy password chosen by a user, dictionary attacks can't be stopped but they can be made sufficiently harder to be impractical (e.g.
	off.net /~jme/vtun_secu.html (878 words)

	Security Analysis and Audit
		A security analysis and audit is a systematic, measurable technical assessment of how a security policy is employed at a specific site.
		An analysis or audit, is a more comprehensive assessment of an information system that involves not just a testing of the vulnerabilities, but various other aspects including the overall design of the information system, and perhaps the system's resistance to social engineering tactics.
		Physical security This is an assessment of the physical security of a network including a review of the server room, wiring closets, network access points and workstation areas.
	aplawrence.com /MDesrosiers/securityaudit.html (854 words)

	Security Analysis
		Security analysis is about valuing the assets, debt, warrants, and equity of companies from the perspective of outside investors using publicly available information.
		The security analyst must have a thorough understanding of financial statements, which are an important source of this information.
		While there is much overlap between the analytical tools used in security analysis and those used in corporate finance, security analysis tends to take the perspective of potential investors, whereas corporate finance tends to take an inside perspective such as that of a corporate financial manager.
	www.quickmba.com /finance/securities (1930 words)

	network security analysis
		Security programs can be installed and upgraded centrally over the network with IT managers choosing the exact level of security they require to suit their organisation's needs by, department, group or individual PC.
		Security is a strategic concern that must be met by technologies, products, and services that support the IT security policy and the networking and IT infrastructure.
		Security is clearly not a product on its own that can be patched onto the infrastructure, but an important set of products that must be tightly integrated into the network.
	www.c-gate.com /networksecurityanalysis.php (557 words)

	Security Expert, Crowd Control, Expert Security Witness Security Company Premises Liability
		Somerson has originated strategies in risk assessment, security expert, security system design, crime prevention, foreseeability studies, adequacy of security analysis, crisis management consultant, security awareness, executive protection, crowd control, fraud prevention and the development of security management training and orientation curricula.
		He founded and operated a security company providing security guard resources, crowd control services, alarm system installations, security consultant and service, central station alarm monitoring, and special business investigations for more than 20 years.
		He is currently on the Editorial Advisory Boards of Security Journal, published in Association with the ASIS Foundation by Perpetuity Press, Leicester, UK; the College Security Report, Rusting Publications; and Security Management Bulletin, Bureau of Business Practices.
	www.securityoffice.com (330 words)

	Amazon.co.uk: Books: Security Analysis (Site not responding. Last check: 2007-10-20)
		The Securities Act of 1933 had just changed the rules of financial disclosure, and most public companies were manufacturers, mines, railroads or utilities — not the makeup of today’s blue-chip portfolio.
		The great thing is that allot of the companies that security analysis talks about have been around for years, and if someone was to perform a security analysis on some of the companies today, I'm sure they will come to some pretty good long range decisions.
		Coca-cola is one of the Companies that security analysis does talk about, and today that's one of Warren Buffets major purchases, it goes to show the value of the book.
	www.amazon.co.uk /exec/obidos/ASIN/0070244960 (861 words)

	Resources for Security Risk Analysis, Security Policies, ISO 17799 (or BS7799) and Security Audit
		The keys to sound security are often considered to be: deployment of a sensible security risk analysis approach, compliance with a recognized standard such as ISO17799 or BS7799, development of comprehensive information security policies and deployment of a detailed security audit programme.
		Security risk analysis is often presented in a confusing and over-complicated manner, ISO 17799 or BS7799 compliance can seem a daunting task, security policies can be totally ignored in practice, and security audit is sometimes less effective than it should be due to over-stretching of busy audit professionals.
		Getting a handle on security risk analysis, BS7799 / ISO 17799, security policies and security audit is critical in ensuring that appropriate security is delivered as productively and effectively as possible.
	www.securityauditor.net (544 words)

	network security analysis :: Nebraska Technologies
		Security issues are not to be taken lightly.
		To combat this issue, we employ a number of concepts and strategies to ensure your security is impenetrable.
		Finally, to assure that security is successfully achieved we take a global approach in assessing your systems and processes:
	www.neb-tech.com /networksecurity.asp (168 words)

	COBRA - Security Risk Assessment, Security Risk Analysis and ISO 17799 / BS7799
		The net result is a product which is proving invaluable in delivering security risk analysis and other key security services in countless organizations across the globe.
		In addition, as organizations seek a better and more visible return on their security budgets, many adopt new approaches to the traditional constraints of lack of expertise, time and finance.
		The result was a risk analysis methodology and tool that meets the most stringent of requirements, fully satisfying the changing demands placed upon the security or audit team.
	www.riskworld.net (427 words)

	Introduction to Security Risk Analysis & Security Risk Assessment
		Security risk analysis, otherwise known as risk assessment, is fundamental to the security of any organization.
		However, many conventional methods for performing security risk analysis are becoming more and more untenable in terms of usability, flexibility, and critically...
		This site is intended to explore the basic elements of risk, and to introduce a security risk assessment methodology and tool which is now used by many of the worlds major corporations.
	www.security-risk-analysis.com (243 words)

	Benjamin Graham Security Analysis Results (Site not responding. Last check: 2007-10-20)
		Benjamin Graham is considered by many to be the father of financial analysis and value investing.
		He revolutionized investment philosophy by introducing the concept of security analysis, fundamental analysis and value-investing theories.
		Benjamin Graham was a seminal figure on Wall Street and is widely acknowledged to be the father of modern security analysis.
	www.security-assessment.org /directory/benjamin-graham-security-analysis.html (520 words)

	Security Evaluation of Microsoft .NET Framework and IBM WebSphere - Executive Summary (Site not responding. Last check: 2007-10-20)
		Our analysis focused on the level of security provided by default in the platforms, the security features provided by the platforms, and the level of effort required from developers and administrators to implement best security practices using those features.
		The areas of analysis were further broken down into forty-five (45) distinct topics enumerated in the table of contents.
		Both platforms scored well across nearly all of the security areas we analyzed, with the caveat that web services security is not yet standardized, and support in the platforms for them is still relatively immature.
	www.atstake.com /research/reports/eval_ms_ibm (3334 words)

	Amazon.com: Books: Security Analysis: The Classic 1934 Edition (Site not responding. Last check: 2007-10-20)
		Security Analysis contains dozens of case studies and lessons that are just as relevant today as in the post-1929 aftermath, including particularly misleading technical analyses, dangerous justifications for the valuations placed on hot new companies and the dilutive effects of stock options.
		He was dead for many years when Cottle, Murray and Block highjacked the "Graham and Dodd's Security Analysis" brand to use it as a title of their book which has nothing to do with the originals and is certainly not their 5th edition.
		The book was written before the reforms of the securities industry in the 1930s and therefore is only useful as a guide to general investment policy and not so much as a guide to security analysis.
	www.amazon.com /exec/obidos/tg/detail/-/0070244960?v=glance (2249 words)

	Security Analysis Books (Site not responding. Last check: 2007-10-20)
		Based on the classic investment approach of Benjamin Graham, the father of security analysis, as well as the author's own research, the approach has consistently outperformed the market for two decades.
		Fundamental analysis is time-tested and supported by meticulous research, and will enable readers to build a stock portfolio that provides superior growth over a long period of time.
		This book provides a comprehensive interface of traditional and modern approaches to securities analysis and portfolio management while embraceing a global approach and using the unique feature of applying concepts to a continuous example, McDonald's Corporation.
	members.aol.com /indinvstr/books-security.html (859 words)

	WWW Security FAQ: General Questions
		Protecting against network eavesdropping and system security are the subject of sections 1 to 5 of this document.
		Security holes have been found in both Unix and Windows NT server systems, and new security holes are being found on a regular basis.
		Others in your organization will understand what the security policy is. The written policy raises the level of security consciousness, and provides a focal point for discussion.
	www.w3.org /Security/faq/wwwsf1.html (2247 words)

	Amazon.com: Books: Security Analysis: The Classic 1940 Edition (Site not responding. Last check: 2007-10-20)
		Their 1934 book Security Analysis made the two synonymous with intelligent, long-term investing, and forever changed the face of Wall Street.
		Analysis connotes the careful study of available facts with the attempt to draw conclusions therefrom based on established principles and sound logic.
		"Security Analysis" is to investments what Adam Smith's "Wealth of Nations" is to economics, Sun Tzu's "The Art of War" is to leadership, and William Shakespeare's plays are to Western theatre.
	www.amazon.com /exec/obidos/tg/detail/-/007141228X?v=glance (2114 words)

	NEC developing network security analysis system - Computerworld
		NEC Corp. announced today that it is developing a network security system that will automatically monitor and analyze the configuration of security tools deployed in a network and suggest changes to fix any vulnerabilities or redundancies that exist between them.
		The system is intended for use in networks where a mix of security tools, such as firewalls and intrusion-detection systems, are being used to guard against worms, viruses and other malicious traffic.
		"Security boundaries are constantly changing, and one of the most urgent needs is to be able to perform a security health check to reveal weaknesses," Ogawa said.
	www.computerworld.com /securitytopics/security/story/0,10801,100576,00.html?source=x10 (813 words)

	(In)Security of the WEP algorithm
		Our analysis suggests that all of these attacks are practical to mount using only inexpensive off-the-shelf equipment.
		Further educated guesses about the contents of one or both of the messages can be used to statistically reduce the space of possible messages, and in some cases it is possible to determine the exact contents.
		Once it is possible to recover the entire plaintext for one of the messages, the plaintext for all other messages with the same IV follows directly, since all the pairwise XORs are known.
	www.isaac.cs.berkeley.edu /isaac/wep-faq.html (2016 words)

	eEye - Vulnerability Assessment and Intrusion Prevention Network Security Software (Site not responding. Last check: 2007-10-20)
		From the first analysis of the logs that were sent to us we were able to deduce that someone had released a worm for the.ida vulnerability.
		The following is a detailed analysis of the "Code Red".ida worm that we reported on July 17th 2001.
		The full analysis of the.ida "Code Red" worm provides numerous details as to the functionality and method of propagation of this worm.
	www.eeye.com /html/Research/Advisories/AL20010717.html (3015 words)

	IT-Director.com: Security: Final Analysis (Site not responding. Last check: 2007-10-20)
		While spending more on security technology may be initially unattractive, an accurate assessment of the cost of current security administration may show the potential for substantial compensatory savings.
		Central to the efficient administration of security is the control of information about users and the provision of the services they legitimately require.
		Accepting that hostile activities may be found anywhere within extended networks, security capabilities are increasingly dispersed throughout the organisation, rather than concentrated at the periphery.
	www.it-director.com /article.php?id=2679 (567 words)

	CNN.com - Technology - Analysis: Linux security - August 31, 2000
		Every month security advisories about new holes in network software are issued, more often than not in the form of buffer overflows: examples of poor input validation that permit running attacker-specified code as if it were part of the program, abusing its authority.
		Ozancin warns that the minor security gain such as the one setup provides may not justify its administrative overhead.
		The rule of thumb in security is that you can maximize security through a three-factor approach: something you know, something you have, and something you are.
	archives.cnn.com /2000/TECH/computing/08/31/linux.attack.idg (2495 words)

	The Spread of the Witty Worm - CAIDA : ANALYSIS : security : witty (Site not responding. Last check: 2007-10-20)
		ISS released an alert warning users of a possibly exploitable security hole and provided updated software versions that were not vulnerable to the buffer overflow attack.
		While technically the use of a buffer overflow exploit is commonplace, the fact that all victims were compromised via their firewall software the day after a vulnerability in that software was publicized indicates that the security model in which end-users apply patches to plug security holes is not viable.
		Colleen Shannon is a Senior Security Researcher at the Cooperative Association for Internet Data Analysis (CAIDA) at the San Diego Supercomputer Center (SDSC) at the University of California, San Diego (UCSD).
	www.caida.org /analysis/security/witty (3076 words)

	An Analysis of Internet Voting Security in the SERVE (Secure Electronic Registration and Voting Experiment) Online ...
		This report is a review and critique of computer and communication security issues in the SERVE voting system (Secure Electronic Registration and Voting Experiment), an Internet-based voting system being built for the U.S. Department of Defense's FVAP (Federal Voting Assistance Program).
		They have been completely aware all along of the security problems we describe here, and we have been impressed with the engineering sophistication and skill they have devoted to attempts to ameliorate or eliminate them.
		The real barrier to success is not a lack of vision, skill, resources, or dedication; it is the fact that, given the current Internet and PC security technology, and the goal of a secure, all-electronic remote voting system, the FVAP has taken on an essentially impossible task.
	www.servesecurityreport.org (1207 words)

	Amazon.com: Books: Information Security Risk Analysis (Site not responding. Last check: 2007-10-20)
		The question is, "What are the risks, and what are their costs?" Knowing the vulnerabilities and threats that face your organization's information and systems is the first essential step in risk management.
		Information Security Risk Analysis shows you how to use cost-effective risk analysis techniques to identify and quantify the threats--both accidental and purposeful--that your organization faces.
		You can find books that cover risk analysis for financial, environmental, and even software projects, but you will find none that apply risk analysis to information technology and business continuity planning or deal with issues of loss of systems configuration, passwords, information loss, system integrity, CPU cycles, bandwidth, and more.
	www.amazon.com /exec/obidos/tg/detail/-/0849308801?v=glance (843 words)

Try your search on: Qwika (all wikis)