security (20)

David F

Getting Ready to Present

Every month at my office, I hold an informal Lunch & Learn.  I take the opportunity to enlighten any of my colleagues who want to listen about some topic related to Information Security.  This is available to anyone in our IT operation who's interested, anywhere…

Continue reading...
David F

Movie Plot Threats

Bruce Schneier runs this annual contest called the Movie Plot Threat contest.  The idea is to poke fun at the way a lot of "security" is done, where instead of reducing real components of vulnerability like attack surface or complexity, people concoct insanely specific scenarios…

Continue reading...
David F

Mental Models

People hold mental models of the way the world works.  Approximations that are "good enough" to get through day to day life.  We follow rules of thumb as shortcuts, freeing our brains from figuring out anew how to do everything.  But when those models are…

Continue reading...
David F

Roadie

So if the title made you immediately think of those scruffy, hard-working characters who set up and take down touring concerts, welcome to the club. But that's not what this post is about, as you may notice by the business and security tags I have…

Continue reading...
David F

Vulnerability Counting misses the point

In a summary report by a researcher from GFI Software, a security products company, we learned yesterday that the count of vulnerabilities discovered in 2014 was up over the previous year. Who wants pie? The counts of the vulnerabilities researchers have discovered in your software…

Continue reading...