April 1, 2011
Cloud and Application Security

Recently, I had the opportunity to participate in a meeting hosted by Senator Mark Warner on the topic of health...

Read More
March 23, 2011
Facebook and Privacy

The other day I read an interesting article on FaceBook and privacy from F-Secure’s blog.  The key point that I...

Read More
March 22, 2011
RSA Breach: Mitigations for Your SecurID Implementation

The blogosphere has lit up in the last several days with details of an attack that involves the company that...

Read More
February 28, 2011
Tweet of the Year for 2011: What’s Wrong With Information Security

Last week, I read what I expect to be the most intelligent tweet of 2011.  A member of the OWASP...

Read More
February 22, 2011
Wikileaks: How I Learned to Worry More…

Wired’s Danger Room blog recently acquired a “Cyber Control Order” penned by Major General Richard Webber, commander of Air Force...

Read More
February 21, 2011
The Difficulty In Doing Something Simple

According to my watch, it’s 2011. The popular and pervasive protocols telnet and FTP were first codified in RFCs around...

Read More
November 15, 2010
Pen Testing Versus Vulnerability Assessments

At the end of the first day of plenary sessions at OWASP App Sec DC 2010, there was a session...

Read More
November 12, 2010
OWASP App Sec DC 2010 General Recap

The OWASP App Sec 2010 conference  ended today. The format and content of some of the talks made for a...

Read More
November 5, 2010
OWASP AppSec DC 2010 is Upon Us!!

This is a short reminder to everyone out there that OWASP’s annual conference in Washington, DC is next week.  There...

Read More
September 28, 2010
A Follow-up on Quantitative Risk Analysis

The other day Terry wrote a piece on risk assessment, and focused primarily on quantitative assessment.  It brought to mind...

Read More
September 25, 2010
A Requirement By Any Other Name….

Since we’ve covered FISMA and NIST recently, I thought it would be a good time to discuss policies, standards, guidelines,...

Read More
September 16, 2010
The Value of Quantitative Risk Analysis

Greetings blog followers and welcome to my inaugural blog post. I have recently joined the MindPoint Group family and look...

Read More
First ... 5 6 7 89