|
What is the difference between risk analysis and risk mitigation and when(before coding or after coding?) and by whom(QA/analyst/developer?) should they be performed in the Software Development Life Cycle?
Opinions, links or document templates would be...
Started by Ville M on
, 7 posts
by 7 people.
Answer Snippets (Read the full thread at stackoverflow):
This....
Risk Mitigation is the plan for what to do about the risks identified by Risk Analysis.
Risk Analysis is the planning process where you identify the types, probability and severity from the engineers and quality teams.
|
|
Why do people take risk in life?
Do consider trying out new hobbies as "risk."
Do you agree that Steve Jobs defines risk as living as if it was your last day.
What is reasonable risk?
How is risk different from gambling?
Started by jumpin on
, 26 posts
by 24 people.
Answer Snippets (Read the full thread at bogleheads):
....
I won't use my own words when I've that a number of different values can exist for a quantity, and ‘risk’ means the possibility of loss or gain as a result of uncertainties.
Risk is the possibility of not achieving an expected outcome.
|
|
How good to use 3 point technique for risk assessment.
Started by jazzrai on
, 3 posts
by 3 people.
Answer Snippets (Read the full thread at stackoverflow):
Is this what you mean? http://www.aof.mod.uk/aofcontent/tactical/risk/content/tpe.htm?zoom, check out the ACM's one minute risk assessment tool which specifies 6 risk factors.
|
Ask your Facebook Friends
|
We have had a external company produce security risk report on our web app and they stated that allowing cacheable HTTPS responses is a 'moderate' security risk.
Would people agree with this assessment?
Started by c00ke on
, 3 posts
by 3 people.
Answer Snippets (Read the full thread at stackoverflow):
If it does not genuinely need to be secure, it is just passed over https with stuff .
That is at risk of cracking.
|
|
Well stated. Good on ya!
Cheers,
~K
Started by purplesnow21 on
, 15 posts
by 14 people.
Answer Snippets (Read the full thread at pogo):
Versions of risk on the internet and I'm curious if this has the added level of fun brought on by different here? Thanks in advance and great effort here.
|
|
Education Week: Want to Get Into College? Learn to Fail
Started by Klements on
, 15 posts
by 6 people.
Answer Snippets (Read the full thread at collegeconfidential):
If this admission officer values risk taking, then he should be more impressed.
The list, compiled by Kathryn community service.
Here's some suggested reading on risk taking.
Of gaining an Ivy admit.
|
|
Hi guys.
I developed a web application, that permits my users to manage some aspects of a web site dynamically (yes, some kind of cms) in LAMP environment (debian, apache, php, mysql)
Well, for example, they create a news in their private area on my server...
Started by DaNieL on
, 9 posts
by 9 people.
Answer Snippets (Read the full thread at stackoverflow):
Trying to strip out rogue HTML from user input is nearly impossible, for example
<scr<script>ipt etc="...">
Removing from this will leave
<script etc... .
Rather than allow HTML, you should have some other markup that can be converted to HTML .
|
|
I am now exploring to use Apache's mod_proxy's directive, eg ProxyPass, as part of solution for cross-domain scripting restriction (for html/ajax/flash code). However, I am afraid by enabling mod_proxy, I would risk having the server as open proxy.
What...
Started by Nordin on
, 3 posts
by 3 people.
Answer Snippets (Read the full thread at stackoverflow):
In a forward proxy configuration, if you were to enable ProxyRequests... .
It isn't needed for reverse proxies.
If that's the case, just make sure ProxyRequests is off .
Since you specifically mentioned ProxyPass, I'll assume you're using mod_proxy as a reverse proxy .
|
|
Is there a fool-proof way to pull out all the risks involved in a project? And does it differ depending on the type of projects your working on (ie: website, client/server...)?
Started by Matt R on
, 9 posts
by 9 people.
Answer Snippets (Read the full thread at stackoverflow):
I liked very much this article: Risk Analysis in Software Design (PDF), take a look to it, gives a good overview about Risk....
Risk Management is a huge topic, and probably one that can't be done justice from there.
Development process.
|
|
I have a Joomla site www.siteA.com and another Joomla site www.siteA.com/siteB.
I have a .htaccess -file at siteA, but not at siteB.
Is it a security risk not to have a .htaccess -file at siteB?
Started by Masi on
, 5 posts
by 5 people.
Answer Snippets (Read the full thread at stackoverflow):
That could be a security....
It's a security risk not to have your server configured properly, but all that configuration have access to the main server configuration files, it's probably not a security risk to not have in a directory.
At all.
|
