Archive for the ‘Long Tail Security’ category

« Mark Curphey – SecurityBuddha.com home page
« Older Entries

Farewell Security Buddha – Hello Curphey 2.0

March 5, 2010

I openly admit I had a mis-spent youth. I was expelled from school and then went on a rampage of sex, drugs, booze and rock and roll for the best part of a decade. I lived hand to mouth and did everything from stacking yogurts in a yogurt factory (working nights), selling houses, working behind [...]

Categories: Beautiful Security, Careers, Getting Things Done, Long Tail Security, Microsoft, OWASP, Productivity, Security Blogs, Security Book Reviews, Security Bullshit, Security Industry, Software Development, Software Security, Speaking, Technology Commentary, Travel, UX, Working at Microsoft, information security, open source

Comments: 9 Comments

Gem of a Security Post

June 15, 2009

I think I am going to rename this blog “Stuff that doesn’t fit into 140 chars” (stolen from Chris Anderson). I am mainly posting on Twitter these days, you can follow me here www.twitter.com/curphey . I am not sure how I missed this absolute gem of a blog post but I did. It’s a great [...]

Categories: Long Tail Security, Security Bullshit, Security Industry, Software Security, information security

Comments: Be the first to comment

The Future : Regulation is Futile – Market Forces Will Prevail

April 28, 2009

39,000 ft over yet another ocean …… I just watched an old Bill Joy talk from Ted 2006 via iTunes. Two key paraphrases struck me as prophetic. “You can’t regulate the problem away” “What we need is better networks” In 2005 I did a series of public speaking events using a theme Naked security in [...]

Categories: Information Security Economics, Long Tail Security, Microsoft, Platforms, Royal Holloway ISG, Second Life, Security 2.0, Security Industry, Security Platforms, Security metrics, Social Networking, Software Development, Software Security, Technology Commentary, Working at Microsoft, information security, open source

Comments: 6 Comments

Security Technology UX

October 19, 2008

I just can’t wait until security technology has UX as good as this It maybe Hollywood fantasy today but with Silverlight and other technologies it’s not a million miles away these days.

Categories: Information Security Economics, Long Tail Security, Security Platforms, Software Development, Software Security, UX

Comments: Be the first to comment

SecurityNow

October 17, 2008

We have just posted the first of a series of articles about a proof of concept called SecurityNow that we built at work. http://blogs.msdn.com/cisg/  

Categories: Information Security Economics, Long Tail Security, Microsoft, Platforms, Security Platforms

Comments: Be the first to comment

Are Business Risk and Technical Security Part of a Natural Fourier Series?

October 8, 2008

Decade after decade politics moves from regulated economies to de-regulated economies. Changes are usually are triggered by “unpredictable events” (in political speak). We are almost certainly about to go onto a period of heavy government regulation of the financial services industry where “unpredictable events” or “failure” in plain English is blamed on inadequate of regulation. [...]

Categories: Certification, Compliance, Information Security Economics, Long Tail Security, Regulation, Security Industry

Comments: 2 Comments

Are You a Builder or a Breaker

September 10, 2008

I am reading Brain Rules; great book! In the opening chapter there is a wonderful quotation from an interview with Frank Lloyd-Wright that resonates with how I feel about the application security industry. “When I walk into St. Patrick’s cathedral here in New York City, I am enveloped with a feeling of reverence”, said Mike [...]

Categories: Information Security Economics, Long Tail Security, OWASP, Productivity, Security 2.0, Social Networking, Software Development, Software Security, Technology Commentary, Web Security

Comments: 21 Comments

GRC – Why It’s of LIMITED Interest to Me

June 10, 2008

I wanted to post a “rah rah” message to Rich Mogul when he posted that GRC platforms Are Dead. He was so spot on in my humble opinion that he made me smile for a week or so. I may be a bolshy arrogant git confident but re-assurance from smart people is always comforting. Today [...]

Categories: CISG, Compliance, Dashboards, Frameworks, Information Security Economics, Long Tail Security, Microsoft, Platforms, Security Industry, Security Platforms, Security metrics, Social Networking, Software Development, Working at Microsoft

Comments: 5 Comments

The Six Dumbest Ideas in Computer Security

April 19, 2008

Really good read by Marcus Ranum

Categories: Getting Things Done, Long Tail Security, information security

Comments: 4 Comments

Welcome to Microsoft Dennis Groves

April 16, 2008

I have been waiting to send this email since January; welcome to Microsoft Dennis Groves. Dennis will be a Technical Product Manager for the Connected Information Security Framework (more on that as promised next week). Dennis started OWASP with me back in the day and we have been trying to find a way to work [...]

Categories: Cool Business, Frameworks, Long Tail Security, Microsoft, Platforms

Comments: 4 Comments

« Older Entries