
Security


RATS - Rough Auditing Tool for Security

RATS is an open source tool developed and maintained by Secure Software security engineers. Secure Software was acquired by Fortify Software, Inc. RATS is a tool for scanning C, C++, Perl, PHP and Python source code and flagging common security-related programming errors such as buffer overflows and TOCTOU (Time Of Check, Time Of Use) race conditions. The RATS scanning tool provides a security analyst with a list of potential trouble spots on which to focus, describes each problem, and potentially suggests remedies.

It also provides a relative assessment of the potential severity of each problem, to better help an auditor prioritize. As its name implies, the tool performs only a rough analysis of source code.

Download RATS: RATS is free software.
Source tarball: rats-2.3.tar.gz [382K] [ MD5 ]
Win32 binary: rats-2.3-win32.zip [220K] [ MD5 ]
Requirements: Expat can be found at:
Installation.

Ten Steps to HIPAA Security Compliance - Apr 2005

Protecting your patients’ health information is more difficult and more important than ever. The author’s strategy will help you meet this month’s deadline.

David C. Kibbe, MD, MBA. Fam Pract Manag. 2005 Apr;12(4):43-49.

The final rule adopting HIPAA standards for the security of electronic health information was published in the Federal Register on Feb. 20, 2003 [and goes into effect April 21, 2005]. – Statement on the Centers for Medicare & Medicaid Services Web site regarding the Health Insurance Portability and Accountability Act [1]

As family physician Dan Brewer, MD, once wrote on an e-mail discussion list, “I believe I would rather eat live cockroaches than learn about HIPAA security.” But don’t be fooled into complacency. Consider these examples: Have you ever been the victim of a computer virus, or do you know someone who has? After reading through these 10 steps, you should be able to compare your office’s current computer security, or lack thereof, with that required by HIPAA.

What Makes a Web Site HIPAA-Secure?

Doctors and medical professionals are feeling increasing pressure to get their business online (use of electronic prescriptions, web appointments, and remote medicine is both trendy and critical for building and sustaining revenue streams in the tightening medical market). This push includes making protected health information available to patients via a web site and collecting similar private information from patients or would-be patients. However, where the health information of an identifiable individual is involved, the Health Insurance Portability and Accountability Act (HIPAA) is the official compliance document. And with the Omnibus rule in place, all web sites, old and new, must be properly designed or their owners face potential financial liability into the millions of dollars. So, what do these requirements mean and how can HIPAA be followed in the context of a website? What are the HIPAA requirements for a web site?

Fail. Overall grade — failing.

Symantec Connect Community

When it comes to installing software, secure design is often the last consideration. The first goal is usually just to get it to work. This is particularly true of databases. Databases are commonly referred to as the keys to the kingdom, meaning that once they are compromised, all the valuable data that is stored there could fall into the hands of the attacker. With this in mind, this article will discuss various methods to secure databases, specifically one of the most popular freeware databases in use today, MySQL. MySQL can be found at or at. MySQL is used in over 4 million installations all over the world. MySQL Standard includes the standard storage engine, as well as the InnoDB storage engine, which is touted as a “transaction-safe, ACID-compliant database” with some additional features over the standard version.

Most of the recommendations discussed in this article apply to all versions of MySQL unless otherwise noted.

Three-Tier Design; Access Control; Roles; Integrity; Encryption.