Browse by Tags

Tagged Content List
  • Blog Post: Simple Rules To Stop Bad Guys

    Hi, RockyH here, I was browsing for IT security news from the hotel this evening and came across this gem: That’s it. Of course there is no information about who to email, and why should their be. If they can’t figure out how to tell the difference between malicious traffic and real traffic...
  • Blog Post: Application Security Development Lifecycle 5A: Is Threat Modeling Right For You?

    Several enterprises are increasingly investing time and money in building application security tasks into their existing SDLCs. Some of them have also reached the conclusion that proactive approaches , like threat modeling, have more ROI than reactive approaches. As a result, some enterprises with nascent...
  • Blog Post: Application Security Development Lifecycle 4: Finding the right security talent

    After about an hour of nodding his head vigorously in agreement with some of our lessons learnt, my customer jumped up and exclaimed, " Great!! Now where do I find another 20 people like these?" (pointing to my team)... I thought about it a while and so Mr. B here is your answer: Information...
  • Blog Post: How Microsoft IT does Secure Application Development: Webcast

    Technorati Tags: Conference , SDLC , SDL , IT , ISV I will be discussing Microsoft IT's approach to secure application development, with a special focus on how we integrate security into the IT line-of-business SDLC, in a webcast this Thursday May 29th. This webcast will be part of the Microsoft's IT...
  • Blog Post: Application Security Development Lifecycle 3: Funding Models

    Now that you've decided (or battled) to set up an application security program you realize that it actually needs to get funded.  You must master the art of delicately drinking from the fire hydrant of line of business applications. In my experience helping organizations set up their application...
Page 1 of 1 (5 items)