ccole's blog

Altiris' Client Security is an enterprise-class security solution (SearchSecurity.com 2007 Readers' Choice Award winner) that's tightly integrated with the entire suite of Altiris offerings. Here are some pretty cool demos where you can learn more in a hurry.

NOW HEAR THIS! SecurityExpressions functionality is now in the Notification server. The release of the Audit Integration Component allows your organization to leverage SecurityExpressions auditing for compliance and configuration drift through your NS. You can download the Audit Integration in the Solution center in the NS.

Did you know that there are tons of out-of-the-box SecurityExpressions policies? They cover all flavors of operating systems and applications leveraging best practices. I have uploaded the new guide that contains a comprehensive list of all the policies we have to date.

Traveling and talking to customers the last few weeks I did pick up some of the fodder on the "Is PCI DSS Good or Bad" debate between Mark at Security Buddha and Michael at PCI Compliance Demystified. In full disclosure, I did attend the PCI Conference in San Francisco with Michael. I thought I had a pretty thorough grasp on PCI compliance, but Michael really knows his stuff.

PCI DSS is tough on wireless LANs. I suppose wireless LANs have earned this reputation, deservingly so. Too many retailers operate open wireless networks without any encryption or they have used WEP, which can be broken in about 6 minutes of sampling.

Did you know you could audit your system for compliance on the Web? WebAudit allows you to audit your own system against a best practices policy and then view the resulting system assessment.