Risk Management with Stuart King and Duncan Hart
November 2006
-
Microsoft and Vista
- Reed Elsevier 30 Nov 2006 -
Campaign for clear talking
- Reed Elsevier 29 Nov 2006 -
More on metrics
- Reed Elsevier 28 Nov 2006
I like Microsoft. There you go, cards on the table. Let me be more specific: I think that the Trustworthy Computing initiative is simply the most important and valuable security resource that ...
Much of today was spent leading a workshop session for product management people on the subject of security and risk. The session went well and one particular point of feedback resonated: it was ...
I was reading David Lacey's latest blog entry with some interest. One of the challenges I'm currently faced with is to present an achievable and realistic set of objectives against which my ...
-
Process and Security
- Reed Elsevier 27 Nov 2006 -
Security Certifications
- Reed Elsevier 26 Nov 2006 -
Financial impact of security incidents
- Reed Elsevier 24 Nov 2006 -
Happy Thanksgiving (and more on vulnerability scanners)
- Reed Elsevier 23 Nov 2006 -
Application Firewalls
- Reed Elsevier 22 Nov 2006 -
OWASP
- Reed Elsevier 21 Nov 2006 -
Vulnerability Scanners
- Reed Elsevier 20 Nov 2006
More evidence presented itself today in support of my message that there is a demonstrable correlation between the security status of web products where development follows a formal process and ...
A couple of days ago I encountered a person whose business card made reference to no less than 5 different information security related certifications. Should I be impressed? The answer is simple: ...
I've been doing a lot of research into the actual and potential impact on a business of various types of security incident and trying to work out how the various statistical models and other data ...
Happy Thanksgiving day! Many of my colleagues are American and so today should be a quiet one on the email front - although you can bet there will always be at least one of them sneaking a message ...
I was re-reading the VISA CISP data security standards documentation and reminding myself firstly, of what an enjoyable read this is, and secondly of some of the recent new clauses put in to ...
I want to take the opportunity to pay tribute to the work of the Open Web Application Security Project - OWASP. This project has now grown into an incredible wealth of online resources with a ...
I took a call from a vendor inviting me to test the latest version of some web product vulnerability testing software. I've recently been quite outspoken in my dislike for automated testing tools ...