Browse by Tags

Tagged Content List
  • Blog Post: Akshay’s Uncertainty Principle: Observing Some Metrics Changes Them

    You’ve probably heard of the famous Heisenberg Uncertainty Principle in quantum physics. It states “The more precisely the position is determined, the less precisely the momentum is known in this instant, and vice versa.” --Heisenberg, uncertainty paper, 1927. This principle is related to...
  • Blog Post: Note to Fannie Mae: Dealing with Logic Bombs

    Today, it was revealed that a departing contractor left Fannie Mae with a parting gift – a Logic Bomb designed to take 4000 of the financial giant's servers & their data. Since this news broke, a number of concerned CIOs have requested my team for some guidance on how to deal with logic bombs. So...
  • Blog Post: Application Security Development Lifecycle 4: Finding the right security talent

    After about an hour of nodding his head vigorously in agreement with some of our lessons learnt, my customer jumped up and exclaimed, "Great!! Now where do I find another 20 people like these?" (pointing to my team)... I thought about it a while, and so, Mr. B, here is your answer: Information...
  • Blog Post: How Microsoft IT does Secure Application Development: Webcast

    I will be discussing Microsoft IT's approach to secure application development, with a special focus on how we integrate security into the IT line-of-business SDLC, in a webcast this Thursday, May 29th. This webcast will be part of the Microsoft's IT...
  • Blog Post: Application Security Development Lifecycle 3: Funding Models

    Now that you've decided (or battled) to set up an application security program, you realize that it actually needs to get funded. You must master the art of delicately drinking from the fire hydrant of line of business applications. In my experience helping organizations set up their application...