I was looking at some of the material i’ve worked on over the years but never gotten around to publish. Among it was a paper on challenges selecting a suitable MSS provider which may be useful to someone. This posting is the first part of a longer paper. Understanding requirements & options Information security risk is […]
Microsoft posted an interesting video about their internal penetration testing approach of Azure over at Channel9. It is under 10 minutes and well watching for anyone interested in red team testing or cloud security. Areas covered in this video: Methods of improving Azure security How Azure security operates Understanding emerging threats Red team and blue […]
I came across an interesting article the other day (Does Your CEO Really Get Data Security?) that was raising a controversial point on the relative importance of information security functions for today’s organizations. It starts of by making a good argument that awareness of information security risks at senior leadership levels is crucial but unfortunately […]
Leron Zinatullin asked me if i’m interested in sharing my thoughts on information security trends and culture; naturally i was happy to oblige. You can find the posting over at Leron’s site along with a lot of other noteworthy material.
Earlier this month I’ve participated a panel discussion at the first SC Congress in London. Brian Brackenborough, Frank Florentine and myself opened the Congress with a discussion on “Inside, outside, upside-down: Staying ahead of the threat, wherever it comes from”. I think it was a worthwhile discussion and i definitively took some great points made by […]