vulnerability management, risk mitigation vs risk acceptance

I was involved in a conversation concerning the in-house vulnerability management program. One the statements made was that the management is generally not willing to accept risk and it should be aimed to mitigate it preferably in form of patching.

On the other hand, there are cases of applications that are vulnerable (most of them have critical and high severity levels) and they are going to be decommissioned by the end of 2020.

The problem is, that no one wants to put money on the table for fixing the vulnerabilities because the product or products will be decommissioned in a few months’ time.

I’m now wondering, aren’t they somehow already accepting the risk of not providing funds for fixing the vulnerabilities or is it more an example of neglect?

Furthermore, shouldn’t, in this case, a formal process of risk management exist to weigh the cost against the potential loss caused by a possible exploitation leveraging the vulnerability?

Need help for integrating inventory management system with auction sites

Hi guys..

I am currently required to develop an inventory management system for used cars that posts and retrieves data from single/multiple auction sites. The inventory management system should be standalone and it can integrate with the existing auction sites like eBay etc. or for demonstration purposes, can be shown on a separate new auction site. Can you guys please help me as to where to start with this and if there are any ready-made scripts available that suit this purpose? Please help

What database management system (relational or not, I’m open to any) would be most performant for this system?

A highly transactional databases with semi-wide semi-denormalized tables with billions of records. The database itself only has a handful of tables, but the size of the data is in the terabytes, and the core tables have tens of billions of records. The tables can only afford minimal locking (24/7) but must support reporting in an OLAP sense in addition to fitting the OLTP model. (Data accuracy is important while reporting, so atomicity is vital.) When being reported on, it’s usually involving millions to hundreds of millions of rows at a time, sometimes being aggregated data and other times the raw data.

Is there a one shoe fits all of these requirements database system out there, or does this sound like a mix of database systems would be best to support this design, and which databases would those be?

I’ve heard of different types of database systems such as traditional RDBMS like SQL Server, MySQL, PL/SQL; columnar based database systems like Postgres and Redshift; noSQL databases like MongoDB; in memory databases like MemSQL and VoltDB; and newSQL like Google Spanner, but not sure the best way to compare and test them all against my use case.

How to Create a Learning Management Plugin in WordPress to Manage Courses [LMS]

I’m looking to build a small learning management plugin to manage courses

The first feature that i want to implement is the front-end course builder Meaning that after designing a course page (using it as a default canvas)

enter image description here

This course builder will do the following:

[Button] -> Create new Course – Add Course title: – Add Course Picture: – Add Sections: – Add Lectures: [Button] -> Publish Course

After hitting ‘Publish’ a course page will be created automatically and added to the database

Any help, tips, assistannce will be greatly appreciated.. I’m stuck for several weeks now

Password management with an always password hidden [on hold]

Is there any password management application which hide permanently password for non adminstrator user, even with at autocompletion on web browser ? The idea is to keep password secure from users, they could just copy to the clipboard and paste it only on secure field. This prevent users to write or store somewhere else the password. And this application must worked with iOS, Android, Windows and MacOS.

How Agile Project Management can be differentiated from Plan-based Project Management?

How Agile Project Management can be differentiated from Plan-based Project Management? Whether the incremental Delivery is possible by following Agile Principles and Manifesto? How Agile brings transformation of the Project Management Profession considering deliverable’s performance? Whether is it advisable to have Expert Opinion based on past software assets?

Do not invest your money in the Zion Fund Management fund

Shope Aina advertises itself as one of the best managers and traders in the world and is nothing more than a scammer salesman. Your Zion Fund Management fund is a scam. With the passage of time its scheme is unsustainable claims to be a profitable strategy and sooner or later it explodes, that's when the fraud comes to light. Therefore, in its terms and conditions it can be observed that they are not responsible for future total or partial losses of the invested capital. After leaving me…

Do not invest your money in the Zion Fund Management fund