You can't secure what you don't acknowledge.SM

Thursday, December 4, 2008

Talk is cheap...what do you deliver?

Here's a fitting quote by Vince Lombardi related to what we deliver in our jobs as security professionals...Good thing to keep in mind these days...

"Some of us will do our jobs well and some will not, but we will and be judged by only one thing: the result."

Tuesday, December 2, 2008

My latest security content

Here's a Q&A I put together with the author of a great new book on Web security testing:
Recipe for successful Web application security testing

Here's a podcast I recorded for
Security Policies for Windows Systems

...and here's an article I was interviewed for that you may find interesting:
SOA, SaaS and SOAP: CIOs drowning in sea of IT acronyms

Be sure to check out for all of my information security articles, podcast interviews, webcasts, screencasts and more.

You don't have to run faster than the bear

I like the message in this post by my colleague, the one - the only Pete Lindstrom. When securing your network, apps, laptops, whatever, you don't have to have the best security - you just need to have better security than the other folks around you. It's like having a home alarm sign in your yard and while your neighbors don't. Which home is the average criminal going to go after...? He'll likely choose the path of least resistance.