You can't secure what you don't acknowledge.SM

Thursday, March 15, 2012

Wednesday, March 14, 2012

My upcoming webcast with Checkmarx: How to Use Source Code Analysis to Improve Information Security

Join me next week, Thursday March 22, for a quick webcast where I'll be co-presenting on the topic of source code analysis and how it can improve your information security over time.

I'm convinced that source code analysis is one of the missing links in the overall security process. As I say all the time: you cannot secure what you don't acknowledge. Ignoring security flaws at the source can be bad for business. Performing source code analyses, I've found Web application flaws like hard-coded cryptographic keys and password string, SQL injection and file manipulation...none of which external penetration testing tools uncovered.

This stuff is important. We're only asking for 30 minutes of your time. I hope you'll join us. You can register here.

My Atlanta CDW/TechTarget seminar

We had a friendly and larger than expected crowd at our event CDW/TechTarget information security seminar yesterday. Thanks to those who came out!

My favorite part of these events is learning new ideas from the participants and the other speakers. In this ever-changing world in which we work, it's hard to keep up and there's certainly no way to know it all. Every little nugget helps.

Looking forward to an even better event next week in Chicago!