Get In Touch
A week after the shutdown of Full Disclosure sent shockwaves through the security industry, we're getting word that it's getting a second chance. Nmap Project hacker Gordon Fyodor Lyon announced Tuesday that he's taking on management of the list.
The final speaker list and agenda have yet to be finalized, but plenty of details are now available regarding BSides Boston 2014. Those details are below. As for the final agenda, stay tuned for that after the call for papers period closes March 31.
The full schedule has been released for next month's SOURCE Boston security conference. This year's keynote speakers are:Internationally renowned security technologist and author Bruce Schneier;Justine Aitel, who manages cyber security and identity programs at Dow Jones; and Dr. Andrea M. Matwyshyn, an academic studying technology innovation and its legal implications, particularly corporate information security regulation and commercial and consumer privacy.The SOURCE website includes podcast interviews with the keynoters as well as
The job of security professionals is becoming tougher by the day. While we work hard to ensure that vulnerabilities are covered, an attacker simply needs to find the weakest link. Not a pleasing thought, but often attackers have the time and resources on their side while the "good guys" work under a whole different set of pressures.
International Data Group (IDG) announced yesterday that its Founder and Chairman, Patrick J. McGovern, died March 19 at Stanford Hospital in Palo Alto, California. Having worked at IDG for five years before coming to Akamai, the news made me profoundly sad. But this post is a celebration of a life well lived and the huge legacy he left in the world of tech media and beyond.
There's a lot of valuable perspective out there regarding the shutdown of Full Disclosure, a mailing list where researchers posted details of exploits and software security holes. I'll share that perspective below. But first, here are my thoughts as an ex-journalist who often relied on it for news.
The great videos David Spark produced during RSA Conference 2014 keep rolling in. In this latest episode, security professionals are asked what they would want if they could be granted one wish. The answers are amusing and, in most cases, unattainable. Visit the site of our partner Tripwire for a related article.
One of the big topics at last month's RSA Conference was DevOps, the process by which developers and IT operations work together to speed up development and production at unprecedented levels, pushing sometimes thousands of updates to production in a single day. Gene Kim (@RealGeneKim), author of "The Phoenix Project" and a huge proponent of DevOps production environments, and Josh Corman (@JoshCorman), CTO of Sonatype, explain the benefits in this Tripwire
Following last week's cyber-attacks on Meetup's infrastructure, Antone Gonsalves, a reporter from CSO Online, asked me, for an article he was writing, what steps I would recommend CISOs to take "if they came under a similar attack". I hesitated before giving a softball answer, "don't wait for the attack, prepare for it." I could sense the reporter's frustration immediately. He wanted to give his readers step-by-step instructions, to what I