• Partners
• Community
• Support

News: Articles

• What CEOs Don't Know About Cybersecurity

  July 14, 2009 — Forbes: A new study hints at how often cyberthreats aren't communicated to the boss.

• CIP standards may not be enough to secure electric grid

  July 9, 2009 — Government Computer News: Compliance audits that focus on reliability of electric system begin this month

• Developing Secure Applications

  June 19, 2009 — Data Manager Online: A How-To article on application security.

• Feds must get serious about checking commercial software for threats

  June 18, 2009 — Nextgov: Agencies must develop methods to make sure the commercial software they purchase isn't secretly loaded with viruses that could expose sensitive information stored on government networks, federal and industry technologists said on Tuesday.

• Avoid Security Suffering With These 3 Questions

  June 16, 2009 — By: Jack Danahy, Founder and CTO, Ounce Labs
  
  eBizQ: As an active speaker at industry conferences and events, participants often come up to me and ask where is the right place to start implementing security.

• The Cost Of Fixing An Application Vulnerability

  May 12, 2009 — Dark Reading: Security experts say enterprises spend anywhere from $400 to several thousand dollars to fix a single vulnerability in their internally Web developed applications

• SQL Injection Invasion: Weak Web Applications Increasingly Fall Prey To This Potentially Devastating Attack

  April 10, 2009 — Processor.com: As security measures in data centers become progressively more stringent, hackers are turning to more unique methods to access sensitive data. One of these is SQL injection, which replaced cross-site scripting as the predominant Web application vulnerability in 2008, according to an IBM study.

• Your company's reputation: Critical, but fragile

  April 8, 2009 — SearchSoftwareQuality: Jack Danahy, co-founder and CTO of Ounce Labs, blogs about the impact to reputation in the wake of a critical data breach, such as the breach suffered by Heartland Data Systems.

• New Bill Would Give Feds Sweeping Cybersecurity Enforcement Powers

  April 2, 2009 — E-Commerce Times: If passed by Congress and signed into law by the president, the Cybersecurity Act of 2009 would mark a new dawn in securing the computer networks of utilities, banks, traffic control operations, telecoms and other entities critical to homeland security. Both government and private industry cybersecurity efforts have been ineffective up to now, proponents maintain.
  

• IN THE NEWS: Diary of a Data Breach Investigation

  April 1, 2009 — CSO Online: An information security manager shares the diary he kept while investigating a possible data breach.