Posts Tagged “security management”

Thinking about Cloud Security & Vulnerability Research: Three True Outcomes

by alex on June 28, 2010

When opining on security in “the cloud” we, as an industry, speak very much in terms of real and imagined threat actions.  And that’s a good thing: trying to anticipate security issues is a natural, prudent task. In Lori McVittie’s (…)

Read the rest of this entry »

For Blog/Twitter Conversation: Can You Defend “GRC”?

by alex on December 15, 2009

Longtime readers know that I’m not the biggest fan of GRC as it is “practiced” today.  I believe G & C are subservient to risk management. So let me offer you this statement to chew on: “A metric for Governance (…)

Read the rest of this entry »

The Eyes of Texas Are on Baseboard Management Controllers? WHAT??!!!

by alex on May 7, 2009

OR TEXAS HB1830S IS SWINEFLU LEGISLATION, IT’S BEEN INFECTED BY PORK! **UPDATE:  It looks like the “vendor language” around Section Six has been struck! Given Bejtlich’s recent promises, I thought we’d take a quick but pragmatic look at why risk (…)

Read the rest of this entry »