We used eEye's Retina Scanner to run a vulnerability scan on a server. A risk was identified which was classed "Low" but the PCI Severity Level was classed as 5 or urgent. The vulnerability was Microsoft Windows optional Subsystems are permitted to operate on the system and the fix was to change...
Changes are in the offing for PCI-DSS. Are these changes for the better? How will it impact your channel business?
Channel, PCI DSS, Payment Card Industry Data Security Standard
Well, maybe. Our expert on SearchSecurityChannel.com just posted a response to a question about it. He says that future antimalware software solutions will use telemetry and behavioral analytics to detect and prevent malware. What do you think? Does antivirus (or antimalware) have a future? And...
Our expert on SearchSecurityChannel.com says the natural consolidation of both technology and solution providers means that competition for named accounts and big-ticket items is fierce. As a result, the SMB security market is becoming more popular than ever. Has that been your experience?
Some experts say that security VARs and consultants aren't doing enough to help their clients formulate meaningful security metrics. The argument is that the typical security metrics aren't business-focused enough (e.g., cost reduction), so most companies end up viewing security as just an overhead...
Network access control (NAC) products sound like a good idea. And they seem to work well to protect against inadvertent pollution by authorized users. But some experts think we should be skeptical that NAC products can fend off hostile attacks. Do you think NAC products are being oversold as the...
How would you rate the Certified Ethical Hacker designation vs. CISSP? What are the differences? What are the advantages of one over the other? Thanks for any opinion you can offer.


