Om Malik suggests for a $1 a month people would pay the search engines to remove their digital search footprint in his blog post here.
If not today, but soon enough, we might be willing to pay to protect the privacy, and erase the digital footprints we are leaving behind…………….turn privacy into an opportunity for making [...]
Archive for the 'Certification' Category
Can Privacy be a Premium Service?
July 26, 2007Principles of a Good Security Evaluation Criteria
June 25, 2007I am working in the OWASP Web Certification Project and planning to make some serious progress this week. One of things I have done is to step back and think about what makes a good evaluation criteria. Here are some notes.
- Risk Based Security
- Assurance
- Unambiguous
- Repeatable
- Flexible
Risk Based Security
Risk based information security may not always be a [...]
Assurance Levels for Web Security
June 11, 2007I am writing the first draft of the OWASP Web Security Evaluation Criteria this month and spent much of last Friday thinking about two things. The stakeholders in the web security evaluation game (last post) and assurance levels (this post). I have continued to chew over the concepts this weekend and I think its a very [...]
SourceClear Diary of a Startup - Week 6
May 15, 2007This week focuses on the frustration of small agile development projects and thinking about the competitive landscape.
Last week I posted a very simple Diary of a Startup blog that summed up exactly the week we had.
You can have software that is Fast, Cheap and Good but you can’t have all three at once.
To [...]
OWASP Web Certification - A Better PCI?
May 14, 2007This week at the European OWASP Conference in Milan they will announcing that I have been selected to produce the OWASP Web Certification Framework. A public email went out to the OWASP mailing list this weekend.
There are no shortage of critics about PCI. I am one. I believe that’s it broken in so many [...]
Recent Comments