Too many low-value, cookie-cutter app testing engagements enabled bug bounty programs' success. (Explanation of John Henry reference here.) Continue reading Twelve Word Tuesday: Can App Security Consultants Recover and "John Henry" Managed Bug Bounty Programs?
Cloud is infrastructure like CPUs, Windows/Linux, even users - always need external protection. Intel exploring selling what is left of McAfee. Continue reading Twelve Word Tuesday: Intel/McAfee Proves Once Again That Infrastructure Can Not/Will Not Protect Itself
Having something board-worthy to say: Are you collecting business relevant security metrics? Free SANS CISO Hot Topic Session with Cisco CISO Steve Martino, SANS Founder Alan Paller and SANS Director John Pescatore, Tuesday 14 June: "Communicating to and Influencing CEOs and Boards of Directors: What Works and What to Avoid" Continue reading Twelve Word Tuesday: Don't Be the "Dog That Caught the Car" When Board-Briefing Opportunity Arises
Fifteen years' Federal PKI spending - Congresspersons must look for BYO encryption apps? Reps. Will Hurd (R-Texas) and Ted Lieu (D-Calif.) "Dear Colleague" letter to the entire House of Representatives on basic security hygiene. Continue reading Twelve Word Tuesday: Why Are US Elected Officials Resorting to "Bring Your Own Security" for Basic Security Hygiene??