Spliced feed for Security Bloggers Network |
Wordpress on my iPhone [Network Security Blog] Posted: 01 Aug 2008 10:41 AM CDT |
Playing Catch Up This Weekend [Liquidmatrix Security Digest] Posted: 01 Aug 2008 08:21 AM CDT It’s a long weekend for me and I’m taking some time to catch up on posts that I’ve been meaning to get done. Also, I’ll be mucking about with our database but, it shouldn’t be so that anyone will notice. Mind you… In the meantime here is an amusing piece from Bruce Schneier on why people shouldn’t listen to him. |
links for 2008-08-01 [delicious.com] [Andrew Hay] Posted: 01 Aug 2008 08:00 AM CDT
|
Always Take some time to research [An Information Security Place] Posted: 01 Aug 2008 07:38 AM CDT So this post is not exactly about security, though it has ramifications in the security industry as well as virtually every other industry. As you may know, Accuvant is a security consulting / reselling firm. However, as the trend continues towards convergence of the network and security, we become more and more involved in infrastructure consulting and reselling. We have a bunch of people who know how to design and implement infrastructure projects and include strong security principles along with the solution, so it actually works well for us. Well, one of our clients in the Dallas area has used us for the past couple of years to help them build out their infrastructure as they expand. We designed the phase 1 of the infrastructure, and now we are moving into phase 2. Part of that phase 2 involves them installing a SAN and VMware ESX servers. Good move on their part. We don’t do the SAN and VMware stuff, so he brought in another consultant, namely Dell. Our client is buying a Dell Equallogic iSCSI box and using Dell to build it and the VMware servers. The first thing our client told us was that he wanted to connect the SAN and the ESX servers directly to the core since he had plenty of ports, there was redundancy built in there already, and he wouldn’t need to buy more switches. He doesn’t have a huge environment, but we advised that if he was going to do that, it needed to be in a phased approach, and he needed to put additional switches into his access layer for the SAN and ESX servers when he starts approaching the next phase of the expansion. He decided to go ahead with that since we made the suggestion, so he started looking at which switches to use. He is an Extreme Networks shop, so we made a couple of suggestions for switches. 
He went to his storage consultants at Dell, and they told him that Extreme was not certified with Equallogic and that he would need to buy Dell or Cisco switches. Obviously that was throwing a monkey wrench in the plans. We really didn’t want to throw other switches into this mix. Should it work? Yes. But why tempt the switching gremlins? So before we started heading down that path, I decided to do a little research. I sat down in front of my laptop expecting a good 30 minutes or so trying to see if anyone out there had put Extreme in with Equallogic iSCSI. Well, it took me about 2 minutes with this search to find these two articles: http://www.equallogic.com/partners/view.aspx?id=332 http://www.equallogic.com/partners/view.aspx?id=290#e So Equallogic does support Extreme?? Looks like they do when you see this line in the second article:
Can’t get much more definitive than that! So the point is that you should not always accept the word of an "expert". It always pays off to do some research. Yes, you should be able to use the expert’s advice in making decisions. But backing that up with your own research often pays off. Of course, if I’m the expert, then you can absolutely trust anything and everything I say as completely and totally factual. Vet |
New Weblog - It’s Gonna Be Good: Risktical.Com [RiskAnalys.is] Posted: 01 Aug 2008 06:51 AM CDT From Chris Hayes at http://risktical.com/. I have the utmost respect for Chris as a risk analyst. He’s big in (started?) the Columbus OWASP chapter (and I have to admit to not getting to a meeting yet because I’m a slacker), works, lives and breathes Information Risk, and if you want a pragmatic, practical view of risk within the context of a sophisticated IRM program, his blog is something you’ll want to read. Also, he’s into the cello. Which is cool. |
New Advertiser [An Information Security Place] Posted: 31 Jul 2008 04:45 PM CDT I announced it a while back, but I wanted to announce again that I’ve recently added a new advertiser called Tradepub to my blog. It is the same advertiser that ISSA uses to offer publications to members and those interested in membership. They offer hundreds of free trade publications, all of which are completely free and offer valuable information that will help you stay on top of your respective industry. TradePub offers more than 900 free business magazines, white papers, and webinars, all for the taking! Here are a few that my readers might be interested in: * Security Magazine - Focuses on ways to apply technology and services to solve security problems The link is on the right of the posts, or you can go straight to http://infosecplace.tradepub.com. Vet |
Coming Soon to a Movie Plot Near You… [Art of Information Security] Posted: 31 Jul 2008 04:10 PM CDT
Of course, a major problem with that approach is that the “persons of interest” are long gone by the time the video shows that “yep, you can definitely see some guy cutting off that lock and stealing that…”. Another problem is that unless the equipment is being checked on a regular basis, it may be defeated (or just broken) for a long time before any problems are identified. In the photo to the right, an NYC artist, William Lamson, has created an interesting photo of hacking (or blocking) a security camera with a helium balloon. This is such a simple and inexpensive attack on the video surveillance camera that I am shocked I haven’t seen this before. I am also certain that the appearance of this in a TV or movie plot is imminent. It would have been pretty simple to use two balloons to block the camera without providing the nice tether to “fix” the problem. Digital photography is a hobby of mine, and I have a mild obsession for photographing physical security faux pas (which to date has not resulted in any ‘Imperial Entanglements’). Cheers, Erik |
Kaminsky’s DNS Exploit Exposes the Internet’s Core Challenge [ARCHIMEDIUS] Posted: 31 Jul 2008 02:41 PM CDT John Markoff’s (New York Times) recent story on the DNS exploit will no doubt draw significant attention to what Cricket Liu called one of the most significant vulnerabilities of all time. A few days after the easy-to-launch exploit was published on the Internet, evidence of attacks was soon reported, even against security experts [...] |
CISA and CISSP Preparation [Art of Information Security] Posted: 31 Jul 2008 08:14 AM CDT Recently I have received a number of questions seeking preparation tips and insights for the CISA and CISSP certifications. I hold both of these certifications, and passed them both on the first attempt using very different preparation approaches. I took the CISA first, and based on a few lessons learned, I radically changed my preparation plan for the CISSP.
Are You Ready?
Both of these exams cover a very broad spectrum of subjects. It is my personal belief that the experience requirements exist as an aid to whittle test takers down to candidates who have the professional experiences required to be successful, and to discourage people from taking the exams before they are ready. If you truly meet the background requirements, then you should have had some contact with many of the core topic areas for the exam. If you are looking at the core content of the examination, and do not believe that you really have the breadth of exposure to be able to describe and discuss each domain at a high level, then you may be better served by delaying the exam in favor of working with your management to gain broader professional experience.
Five Step Approach to CISA or CISSP Exam Preparation
For the first certification that I prepared for, I did not perform the first three steps outlined above. I went directly to the official source materials and began trying to review them cover to cover. I passed the exam, but I also spent a lot of time & energy reviewing things that I already knew “well enough”, and was burned out when reviewing the areas which could have been richer learning opportunities. No matter what your professional background, no one knows-it-all or does-it-all, so there is always an opportunity to learn new things while you are preparing for the certification exam. The goal of this five step approach is to focus your time where you have the greatest learning opportunities. Hopefully this focuses your time and energy in the most rewarding way.
Performing the Benchmarks
For the Benchmarks, I like to complete a timed half-length or full-length examination. It is my feeling that a half-length exam is long enough that fatigue, maintaining focus, and pace are all stressed, as they will be on examination day. This of course requires access to a large set of test questions or sample tests, preferably with explanations of incorrect answers. In addition to commercial third-party test preparation tools, there are good (and free) test preparation quizzes available from www.cccure.org.
Survey Materials
I find the “Exam Cram” series to be very useful survey literature. I purchase books from this series when I want a high-level and quick handling of an entire subject matter area. As a result, I own survey books from the series in topic areas which I have no intention of pursuing certification for. Obviously the books I recommend for these certifications are:
Deep Dive Materials
There are exam preparation materials available from a variety of sources that fit the bill in this area. What we are looking for are books that contain solid coverage of the areas where benchmarking has shown the most significant need for improvement.
In addition to the materials from (ISC)2 and ISACA that I list below, consult your local library - often they will have books that fit the bill. (And, of course, consider arranging a donation of good materials if they do not.)
Final Thoughts
Good luck on your journey toward Information Security or Audit certification. One word of caution: Make sure that you have realistic expectations about what actually being certified will mean. Although I do think being certified helps a person establish credibility more quickly, and is helpful when searching for new employment, often people are underwhelmed by the “Congratulations, that’s nice” from their current employer. If your expectation is that a big raise, bonus, promotion, etc. is hinging on your being certified, then I would strongly encourage you to reality-check that with peers in your organization. Cheers, Erik |
Security Through Visibility - Montego, Lancope and NetFlow [Security In The Virtual World] Posted: 30 Jul 2008 06:57 PM CDT We've probably all heard that you can't secure what you can't see and that statement is even more profound when it comes to virtual environments. This is because it is extremely challenging to see what is going on at a micro vs. macro level within a virtual environment's network. The virtualization vendors such as VMware and Citrix have provided embedded tools into their management consoles that show a macro level of visibility but it's not enough to identify security events in the environment. Take a look at the attached picture. It simply shows VMware's ability to monitor virtual network performance statistics from a bits per second perspective. With only this level of detail how can one determine which network applications are causing spikes? Is it FTP traffic that is occurring at a high volume at an unusual time of day? If that were occurring, could that be indicative of either a breach or some sort of problem? What if FTP isn't even an authorized service in the virtual environment but there is a high volume of it? Did someone install a rogue FTP service so they could steal information from the server at will? These types of questions can't really be answered without a micro level of detail into the packets flowing in, out and within the virtual environment. Now, what I am highlighting is not security in the traditional sense of prevention but using visibility as a means to first identify, then pinpoint the source of an issue so that it can properly be mitigated. Having constant visibility can also ensure that other security products in the environment are performing as expected. What if a Montego HyperSwitch with firewalling enabled is configured with many policies but someone forgot to create an FTP block policy?
One could think they are protected from rogue FTP services transmitting data out of the network, but without constant visibility monitoring, can you be certain? Some vendors, namely Reflex Security, will get you to believe that their IPS / IDS solution that is inline and running in the virtual environment is the right and only approach. Or they will tell you to hang a virtual IDS off a span port in the virtual environment and you will at least have visibility into the attacks that are taking place. Well, sure... You now have attack visibility but at the performance cost of your virtual environment. Signature matching technologies are great, I'm a huge believer; however they don't scale very well in shared computing environments such as virtual ones. IDS systems also don't typically track protocol and network service (FTP, HTTP, etc.) utilizations, which is another important part of visibility. So, what do we do to gain visibility without the performance headache? Well, for starters it's probably best to put your IDS/IPS solutions in the physical environment where performance will be less of a concern. In fact, you can span a virtual switch's traffic out to a physical NIC as easy as you can to a virtual one. So why do it virtual and have to pay a 60% CPU utilization tax? Another solution is to IDS inspect only the things you care about. Why IDS inspect SSL traffic if you know your solution can't unencrypt SSL? It's just a waste of compute cycles, isn't it? Policy based switching helps you with directing only the things you care about to an IDS (attack visualization product). Montego's HyperSwitch also can help you with the traffic redirection of only the things you care about. Another method of visibility which I tend to be a fan of is one of packet analysis (aka NetFlow). NetFlow was invented by Cisco some time ago and has gained popularity in the physical world and definitely has a use in the virtual world. NetFlow is lightweight.
Let me say that again, it's lightweight! It only sends a summation of packet detail to an analytical engine which can do some number crunching, packet comparison, etc. etc. to make some sense out of what's going on. Lancope, an Atlanta based visibility company that provides Network Visibility, Security Visibility and User Visibility, has this tool on their website that is a NetFlow Bandwidth calculator. You'll see from playing with this ( http://www.lancope.com/netflowcalculator.aspx ) calculator that it doesn't consume a lot of network bandwidth to transmit these network accounting records. It also doesn't cause a lot of CPU overhead to send these records to an analytical engine sitting somewhere in the network. Lancope's analytical engines have the ability to do the following for you within your virtual environment:
...and probably a slew of other things I'm not aware of. A screen shot of their product is below: You'll notice from the screenshot that you are able to visualize who is talking to who, how much traffic they have sent and received and something called a concern index (not seen on this screenshot). Now, a concern index is a number that increases as Lancope's analytical engines monitor suspicious activity on a session. A high counter can be indicative of a security problem. It's another way of identifying (visualizing) compromised hosts (virtual machines) without having to do signature matching like a heavyweight IPS engine. Example: Let's say you have a VM that has a BOT on it and is "owned". The Lancope product is monitoring this long life session. Let's say that session is established for several hours or maybe even days or months. Let's also say that the conversation appears to be mostly unidirectional from a public IP address not belonging to your enterprise. Lancope would increase the concern index on this since this server hasn't typically had this type of behavior. Once the concern index reached a certain level it could then fire off an email, send you a text message or something saying: Warning, Warning, Danger, Danger Will Robinson!!! Your virtual server may be infected with a BOT, please investigate immediately!!! This example is VISIBILITY which helps you with SECURITY. There are a number of other things you can do with NetFlow and Lancope products that have less to do with security and more to do with operational efficiencies. Things like, helping you answer questions of: How do I know what network applications are taking up the most bandwidth? When should I move those applications over to a server with more horsepower? When did these VMs vmotion over here and was there a traffic condition / CPU condition that caused that to occur? I could go on and on but that's a topic for another blog entry.
So, my suggestion is to take a look at what NetFlow has to offer. Montego Networks supports NetFlow transmission and Lancope supports NetFlow analytics, and with both you can regain what was lost: visibility. I hope this was helpful to you all! -John Peterson |
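Added example, not part of John Peterson's post and not Lancope's or Montego's code: a small flow-record triage in Python that answers the two questions the post raises, which VMs carry traffic on services that are not authorized (the FTP case) and which VMs hold a long-lived, mostly one-way session with an unfamiliar external peer. The record layout, address ranges, allowed ports, thresholds and point values are all assumptions chosen for illustration, and the score is only a stand-in for the idea of a concern index.

```python
"""Flow-record triage: unauthorized services and a toy concern score.

Records are simplified, already-stitched flow summaries (constructed sample
data), not raw NetFlow export packets. Thresholds and weights are assumptions.
"""
from collections import defaultdict
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

INTERNAL = ip_network("10.0.0.0/8")     # assumed enterprise address space
ALLOWED_PORTS = {53, 80, 443, 3306}     # assumed service policy (no FTP)
LONG_LIVED_SECS = 4 * 3600              # "several hours" (assumption)
ONE_WAY_RATIO = 0.9                     # >= 90% of bytes in one direction


@dataclass(frozen=True)
class Flow:
    vm: str         # internal virtual machine address
    peer: str       # other end of the conversation
    port: int       # server-side port of the conversation
    bytes_in: int   # bytes received by the VM
    bytes_out: int  # bytes sent by the VM
    duration: int   # seconds between first and last packet


def unauthorized_services(flows, allowed=ALLOWED_PORTS):
    """Return total bytes per (vm, port) for ports outside the policy."""
    totals = defaultdict(int)
    for f in flows:
        if f.port not in allowed:
            totals[(f.vm, f.port)] += f.bytes_in + f.bytes_out
    return dict(totals)


def concern_scores(flows, baseline_peers):
    """Score each VM's long-lived sessions with external peers.

    40 points for the long-lived external session itself, plus 30 if the
    bytes are mostly one-directional, plus 30 if the peer is not in the
    VM's baseline of previously seen peers.
    """
    scores = defaultdict(int)
    for f in flows:
        if ip_address(f.peer) in INTERNAL or f.duration < LONG_LIVED_SECS:
            continue
        points = 40
        total = f.bytes_in + f.bytes_out
        if total and max(f.bytes_in, f.bytes_out) / total >= ONE_WAY_RATIO:
            points += 30
        if f.peer not in baseline_peers.get(f.vm, set()):
            points += 30
        scores[f.vm] += points
    return dict(scores)


def alerts(scores, threshold=70):
    """VMs whose score reached the alert threshold, sorted for stable output."""
    return sorted(vm for vm, score in scores.items() if score >= threshold)


# Constructed sample flows (documentation address ranges for external peers).
SAMPLE_FLOWS = [
    Flow("10.1.1.10", "198.51.100.7", 443, 20_000, 900_000, 35),
    Flow("10.1.1.10", "10.1.1.20", 3306, 400_000, 90_000, 86_400),
    Flow("10.1.1.30", "203.0.113.66", 6667, 4_800_000, 52_000, 259_200),
    Flow("10.1.1.20", "10.1.1.99", 21, 1_200_000, 750_000_000, 1_800),
    Flow("10.1.1.10", "192.0.2.15", 443, 2_000_000, 2_500_000, 18_000),
]
# Peers each VM has talked to before (constructed baseline).
BASELINE = {
    "10.1.1.10": {"198.51.100.7", "192.0.2.15"},
    "10.1.1.30": set(),
}

if __name__ == "__main__":
    for (vm, port), nbytes in unauthorized_services(SAMPLE_FLOWS).items():
        print(f"unauthorized service: {vm} port {port} moved {nbytes} bytes")
    scores = concern_scores(SAMPLE_FLOWS, BASELINE)
    for vm in alerts(scores):
        print(f"investigate {vm}: concern score {scores[vm]}")
```

The five-hour HTTPS session to a known peer scores 40 and stays below the alert threshold, while the three-day one-way session to an unseen external address reaches 100.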
CPISM certification empowers merchants [PCI Blog - Compliance Demystified] Posted: 30 Jul 2008 06:34 PM CDT
The reason I congratulate him is because he has been working for years to do exactly what we do: educate and empower people about PCI compliance. My mantra has always been to bring our expertise and education to empower those “across the table” from their auditor. Have you ever felt frustrated because one auditor tells you one thing and another tells you something else entirely? Perhaps this is just their variance in interpretation of the standard or personal risk tolerance. The problem is that if you re-engineer your environment every time you get a different auditor you may go bankrupt! So what can people do to learn what their auditor knows? How can people empower themselves to understand the payment card industry so they can speak about it knowledgeably? I’m not only an advocate, I’m also a member of the Society of Payment Security Professionals. They have launched the Certified Payment-Card Industry Manager (CPISM) certification. This certification and the training for it is geared at educating people about the payment card industry so they can speak with others (i.e. an auditor) knowledgeably about it. Someone called me up today asking about their call center and how one auditor said it was not in scope and another said it was in scope. They had just finished re-architecting their environment to make a secure payments area and now they were looking at re-engineering it to accommodate the requirements of this new auditor. I told that person that they could always call upon me (as you all can via the email address and phone number on this blog), but that they would feel more confident if they empowered themselves. It’s like the old proverb, “if you give a man a fish he will eat for a day, but if you teach a man to fish he will eat for a lifetime.” This certification is meant to empower others to feel more confident about the decisions they make, because they invested the time necessary to learn the nuances of the industry. |
PCI Survey [PCI Blog - Compliance Demystified] Posted: 30 Jul 2008 06:18 PM CDT
Since Rob is based in the UK this survey is targeted mostly at European companies, but I’d urge you all to participate. The more information available to the public the more we can identify the roadblocks and remove them. We already know that things such as Chip-PIN have had an ideological impact on PCI DSS adoption within the UK and Europe. It goes a long way towards protecting cardholder data, but it alone will not protect merchants from exposing sensitive data. Merchants must understand that integrated POS devices could retain “track equivalent data” which cannot be retained post authorization. Other issues include the multi-acquirer relationships within Spain and Italy. This power shift makes it harder for acquirers to push for compliance within their merchant community. Also, things such as Single Euro Payments Area (SEPA) may bring changes to how merchants see their PCI scope. There are a number of things that companies must consider and an equal number of roadblocks. In the end, excuses are just that. If you choose to not wear a life preserver just because your neighbor isn’t then both of you will drown when the ship springs a leak. Ignorance is no excuse. Also, if you’d rather read up on a Web App Sec survey check it out. |
Oh oh, I use AT&T [Network Security Blog] Posted: 30 Jul 2008 04:57 PM CDT Not that I’m surprised, but it appears that a DNS server at AT&T has been the first high profile target of the DNS vulnerability discovered by Dan Kaminsky. I’ve been testing my internet connection every once in a while since I called out AT&T to patch last week and as of Monday it appeared to be safe. Even the 3G connection I’m using right now appears to be safe. But at least one server in the AT&T network was vulnerable and HD Moore’s company BreakingPoint was the target. A little bit of delicious irony there, since HD is the creator of Metasploit and released a plugin to test for the DNS vulnerability last week. I’m getting tired of writing about the DNS issue and hope that AT&T and other service providers make a lot better effort in patching for the vulnerability now that it’s in the wild and being exploited. Dan mentioned an interesting set of statistics last week: When he first put up his vulnerability test page 78% of all tests came back as vulnerable, while as of last week only 56% of the tests came back as vulnerable. I’m quoting these numbers from memory, so they may be off a little, but it’s still an impressive effort to patch. Not nearly good enough, but still impressive. I hope this spurs a fresh round of patching by large service providers as well as smaller companies, but I’m not going to hold my breath. I wonder how many more tricks Dan has up his sleeve for his talk at Black Hat, because I don’t think we’ve seen the full extent of this vulnerability just yet. |
Flash being used in spam emails [mxlab - all about anti virus and anti spam] Posted: 30 Jul 2008 04:50 PM CDT Spammers often include links in their messages directing to web sites. These links are most of the time in the form of a URL including .html, .htm, .asp, .php or something similar. A new spam trick now includes a URL directing to a Flash animation with the .swf extension. Most browsers will play the Flash movie even if this one isn’t embedded in an .html page. The Flash contains no animation but a redirect to a web site with the spammer’s offer. Commtouch reports that the messages arrived in small quantities on Saturday, and by Monday, July 28, had become a massive outbreak. 7000 URLs have been created and used in millions of spam messages. |
Malware round up, for now [mxlab - all about anti virus and anti spam] Posted: 30 Jul 2008 04:35 PM CDT The UPS trojan and malware that was distributed by an email was one of the latest highlights. On more than one occasion the attached zip was extracted, opened and the trojan was executed. Anti virus engines had all the troubles to keep up-to-date and to provide some real protection. Commtouch, our technology partner, have provided us with a graphic showing when the UPS trojan outbreaks appear per day based on the ups_invoice.exe attachment. As we also reported on this blog, the malware was sent out in so called bursts: many emails with the virus in a short time. In the graph you can see when some massive waves or bursts occurred. By sending out viruses in bursts you can have a better result regarding infections because you can reach many unprotected computers in a short time frame. At the moment things have cooled down a bit but since this afternoon we see the variant ‘Buy your ticket online’ appear in our message logs. This story isn’t over yet and we keep our eyes open. |
OAUTH and OATH - confusing? [Mike Davies: Online Identity and Trust in EMEA] Posted: 30 Jul 2008 07:38 AM CDT Just read an excellent post about the difference between OAUTH and OPEN ID.
If I was to try and fit OAUTH into the diagram I guess it would kind of fit across both the SITE ID part and the 1st FACTOR part as it is establishing a standard where sites can ID themselves to each other and allow the consumer to use their first factor of authentication to enable the sites to share the resources.
|
Meru Networks erects a "cone of silence" [StillSecure, After All These Years] Posted: 30 Jul 2008 07:13 AM CDT
Meru is one of few stand alone wireless companies still hanging on out there. So they need to be innovative to survive. Their latest product, RF Barrier, puts antennas around a physical plant to dampen and make it impossible to listen in on wireless data exchanges. They claim this is a first of its kind. Thinking about it though, I don't see a big barrier to other companies having similar technology. I don't think you have to be a genius to broadcast traffic that puts out "noise" to hide legit traffic. I think the real special sauce is that this works in conjunction with Meru's other security products like wireless firewalls and secure access points. With Motorola's recent purchase of AirDefense, is having wireless IPS soon going to be table stakes in the wireless provider game? I think it is and while Meru's RF barrier is a nice story, they are going to need to have some sort of IDS/IPS in their product line to keep up. |
Security Briefing: July 30th [Liquidmatrix Security Digest] Posted: 30 Jul 2008 07:12 AM CDT I seriously need to address a few blog postings that I have in the can. They have been languishing for a couple weeks now and I hope I can get them posted this weekend. I hope everyone has a great day! And now, the news…
Tags: News, Daily Links, Security Blog, Information Security, Security News |
Trend Micro OfficeScan Web-Deployment Buffer Overflow [Liquidmatrix Security Digest] Posted: 30 Jul 2008 07:03 AM CDT This problem with Trend Micro was issued yesterday. From Secunia:
I can only imagine that this same problem exists in Symantec’s antivirus. |
McKinnon Loses Extradition Appeal [Liquidmatrix Security Digest] Posted: 30 Jul 2008 06:32 AM CDT The last ditch effort by McKinnon to avoid extradition in the UK has failed. Now, his lawyers are taking the case to the EU courts. From CNN:
Well, of course they will make an example of him. They have to be sure to please/protect their alien masters. heh. |
Blogging as therapy [StillSecure, After All These Years] Posted: 30 Jul 2008 01:13 AM CDT As some of you know, my friend Mitchell Ashley and his wife Mary Ellen have been battling against breast cancer for over 3 years now. It has been a roller coaster ride for both of them and I have seen first hand how much courage it has taken for Mitchell to deal with this scourge, let alone the courage that Mary Ellen has in battling this disease. Though Mitchell has never made a secret of it, he has not made it very public either. That has now changed with a new blog that Mitchell started called breastcancerforhusbands.com. |
No podcast this week [Network Security Blog] Posted: 29 Jul 2008 08:04 PM CDT Rich and I are both incredibly busy, trying to get some work done before Black Hat and Defcon start. We’re planning on producing a podcast next week from the showroom floor at BH as well as a few microcasts from both Black Hat and Defcon. So tune in next week, I promise the audio will be better than episode 113’s was. Because you know it can’t get much worse than last week. |
Google versus Microsoft: A Coming Cloud Computing Dogfight [ARCHIMEDIUS] Posted: 29 Jul 2008 07:53 PM CDT Steve Ballmer gets it. While he discusses a strategic interest in search, his head is really in the clouds; in the coming transformation many are calling cloud computing. I think he fully understands the cannibalization risk that Google is posing in the long term as it delivers increasingly sophisticated applications as a service. Yet there [...] |
Ah, the joys of blogging! [StillSecure, After All These Years] Posted: 29 Jul 2008 05:12 PM CDT People ask why do you blog? In the final analysis I blog because I like to. Every once in a while though you get a comment from a reader that reminds you why it is all worth while. Here is one I received today from a person alleging to be a Julie Peterson:
First of all Julie, let me thank you for your kind words! You made the statement and let me answer your questions for you. 1. Is dressing in a tuxedo and chewing rubber chicken breasts my idea of fun? Actually, I do enjoy dressing up in a tuxedo once in a while. The food at the awards ceremony was actually pretty good, if not diet friendly, as were the cocktails. The entertainment at the awards show was pretty good as well. Catching up with friends you had not seen for a while and networking with industry peers was pretty worthwhile too. Maybe your idea of a good time is putting on a bowling shirt and swilling a couple of beers and pretzels before going home and undressing into your dirty ripped underwear. Hey I say to each his own. 2. I am not the idiot who in 2007 said that I hated the SC awards and that anyone can buy the SC awards with a sponsorship. I am the idiot who said that about the InfoSec Products Guide award by the folks at Silicon Valley Communications. In contrast I have always said nice things about the SC awards. I actually have a lot of respect for them. Also for the record, StillSecure has never been a sponsor of the SC Magazine awards. I have seen sponsors who did not win awards as well. So looks like you got that one wrong Julie, but it happens. 3. "Networld" magazine didn't give me the boot within 3 months. They never had the chance, as I never wrote for "networld", network world or any other magazine. Maybe you have me confused with Mike Rothman or Mitchell Ashley, who do and did write for Network World. But let me assure you that I do try and think before I write. 4. Regarding what medication pills I take and does my hair make it obvious I ran away from a mental hospital. I don't take any medication, maybe I should. Better living through chemistry you know ;-) As to my hair, what can I say. At this stage I am happy I have any hair at all.
My wife always says when I get my haircut it looks like a Buzz Lightyear style, but no one ever mentioned a mental hospital look to it. In any event sorry it doesn't appeal to you. So who is this troll Julie Peterson? Could it be Richard Stiennon in drag? Maybe his wife striking out? Maybe another one of my fans? Who knows, but these sort of comments keep me juiced about blogging and remind me of how much fun I have doing it. Thanks again Julie! |
Reminder: WebEx Seminar on Risk Analysis [RiskAnalys.is] Posted: 29 Jul 2008 12:56 PM CDT Hey everybody! Quick post this morning to remind you guys that Cisco has been kind enough to let us give a follow on WebEx presentation on July 31, 2008 at 11:30 a.m. EDT. The link to sign up is here. There are only about 40 slots left. It looks like it’s going to be a good crowd. We’re calling this part II - and it’s being advertised as: “How to conduct a risk analysis and produce a high impact deliverable to senior management.” With topics:
I got to do the Q&A backchannel on the last presentation, and there were great questions asked. I think this presentation will be even more exciting, as it’ll cover both analyst and management considerations. If you’re a regular reader of the blog, I don’t think you’ll have to have attended the last one for this one to be worth your while. REPEAT PERFORMANCES OF THE FIRST WEBEX ARE AVAILABLE And if you missed it the first time, the playback of the first preso is here, and the slides are here. |
Security Briefing: July 29th [Liquidmatrix Security Digest] Posted: 29 Jul 2008 07:52 AM CDT My jaw is sore from the dentist yesterday. Ugh. At least today is starting off on a good note (jaw notwithstanding). And now, the news…