- Chinese Internet censorship: An inside look
- Desktops of the future here today
- What network CEOs really make
- DoD sold counterfeit network gear
- Sci-Fi's goofiest gadgets and technology
Rss FeedRss Feed
Crackin' the Kraken bot. Listen now!
Wireless dangers at airports. Listen now!
The Payment Card Industry Data Security Standard (PCI DSS) is a set of industry regulations imposed by the major credit card companies to ensure the safety, security, and integrity of cardholder data. Any business that processes, stores, and transmits cardholder account data must comply with this complex new standard, and must be able to demonstrate that compliance through automated and manual audits of their systems. This white paper looks at the key challenges and requirements of PCI DSS as it relates to Microsoft Windows and Active Directory, and shows you how a third-party software solution can help with PCI compliance.
Get the latest on storage technologies that allow IT professionals to better cope with new IT demands. Learn how storage technologies can help you successfully tackle e-Discover, regulatory compliance, green data center initiatives and the data explosion. Get all the details now.
There are many compelling reasons for virtualizing Windows and Linux applications. Virtualization improves server utilization by allowing you to run multiple workloads on a single physical server. It reduces the number of physical servers you have to maintain, while allowing you to use less physical space and power while still improving scalability. All of these capabilities translate directly into lower costs, less complexity, and greater flexibility in your mixed IT environment. Register below to learn more and be entered to win an Archos 605 Portable Media Player.
Enterasys Sentinel is now known as Enterasys NAC - see http://www.enterasys.com/products/advanced-security-apps/enterasys-network-access.aspx...- Anonymous
Watchfire is opening up its Web application-vulnerability software so customers can create their own security tests of corporate applications.
This capability, which lets users extend features based on individual needs, is part of Version 7.5 of Watchfire's AppScan platform.
Callled AppScan eXtensions Framework, the new feature supports a range of add-ons. For instance, one extension developed by Watchfire itself exports security defects discovered by AppScan to such quality-assurance tracking applications as HP Quality Center and IBM Rational ClearQuest. Another extension formats AppScan reports for Microsoft Word.
AppScan probes Web applications looking for vulnerabilities and reports them, specifying the lines of code that need to be fixed to correct the problems.
As part of AppScan 7.5, Watchfire has let users to embed AppScan within other applications and control it from there; that makes it simpler for users to run security scans because they don’t have to switch from application to application.
A software developers kit and an API also are available from Watchfire for those who want to write extensions. In addition, the company has set up an online community for customers who develop AppScan extensions where they can discuss their work and post extensions for others to download and build on.
Another new feature of AppScan, called Pyscan, lets customers script custom automated tests in the Python scripting language. This can speed up testing by eliminating what in earlier AppScan versions would have been manual tasks.
For example, a Pyscan script could attempt to exploit a vulnerability found by AppScan, then report whether the exploit succeeded and elevate the threat status of the vulnerability if it did succeed, the company says.
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com The Industry Standard IDG List Services |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
