Archive for the 'Information Security Economics' Category

More On Checklists

June 12, 2008

Alex Hutton posted this follow-up on my first post about checklists. He is of course spot on. Checklists, in my humble opinion, can provide a State of Nature, but can’t provide a State of Knowledge or a State of Wisdom (nice phrases). They certainly don’t do computation or analysis, but what they do is [...]

The Real 80 / 20 Rule

June 10, 2008

It’s all about the framework (again)!

GRC - Why It’s of LIMITED Interest to Me

June 10, 2008

I wanted to post a “rah rah” message to Rich Mogull when he posted that GRC platforms Are Dead. He was so spot on, in my humble opinion, that he made me smile for a week or so. I may be a bolshy arrogant git confident, but reassurance from smart people is always comforting. Today [...]

I am changing my blog subscriptions - Your help is needed

June 10, 2008

I am bored of the same old crap coming across my feed reader, so I have decided to experiment: be ruthless and unsubscribe from anything that I don’t read (value) regularly, and look for new, fresh thinking and opinions. Sure, the odd gem can be, well, a “gem”, and I may miss them, but I [...]

Patterns & Practices Improving Web Services Security: Scenarios and Implementation Guidance for WCF

June 8, 2008

My cool security friend JD has done it again (in BETA).

http://www.codeplex.com/WCFSecurityGuide

These things are the definitive guides to the topic. Masterpieces!

Download the Improving Web Services Security Guide (BETA)

Checklists Are Not For Dummies, Dummy!

May 24, 2008

At the OWASP Conference in Belgium this week I had a slide about checklists.

This is the story behind the slide. My boss at Microsoft has a friend who is a pilot. He did his pre-take-off checklist and was cleared to taxi onto the runway by air traffic control. He consulted his checklist one [...]

Presenting Security Ideas or Driving Agendas?

May 24, 2008

I opened the OWASP Europe Conference this week with a slide (below) about vendor neutrality.

In essence, I urged attendees to consider the motivations of those presenting various ideas at the conference, including myself of course. During the conference it was pointed out that the moderator of a panel, “The PCI 6.6 Dogfight - [...]

An intriguing security graphic, I wonder what’s coming?

April 19, 2008

TechEd North America 2008

April 13, 2008

I will be speaking at TechEd in Orlando in June (and probably at the TechEds in Australia and New Zealand in September).

The Connected Information Security Group (CISG), part of the Microsoft corporate information security team, is working on a technology framework and set of applications to support corporate information security management programs. The Microsoft and [...]

What Do Online Communities and Global Politics Have in Common?

April 13, 2008

I got back from Redmond yesterday. I am getting old, so I couldn’t sleep well last night; luckily for me the BBC shows Our World during the night and I caught Danger - Democracy at Work. As usual it was a superb bit of journalism, this time questioning America’s dogma to spread their own blend of [...]