Phishing: Electronic Social Engineering
Was Ronald Reagan thinking about Phishing when he uttered one of the most famous sayings in history …
November 2, 2008
(ISC)2 Launches New Software Security Certification - CSSLP
(ISC)2's brand new certification to address security holes in software development has arrived on the scene: the CSSLP, Certified Secure Software Lifecycle Professional.
September 26, 2008
OWASP AppSec India - Keynote and Training
OWASP AppSec India Keynote on Application Security Trends and Challenges
OWASP Training on Advanced Threat Modeling
September 26, 2008
Keynote at OWASP India 2008 - August 20th, 2008
Representing (ISC)2, the global leader in security education and training, as their Software Assurance Advisor, I will be delivering the keynote address on Application Security Trends and Challenges at OWASP India 2008.
If you plan to attend or you will be there, come by and say hello.
Dates - August 20th, 2008 @ 9:00 - 10:00 a.m.
Venue - India Habitat Center, New Delhi
August 13, 2008
SecuriTRAINED! Be Aware, Be Skilled, Be Certified in Security
What does it mean to be SecuriTRAINED?
Step 1 - Follow Chinese war strategist Sun Tzu’s advice in the “Art of War”, “Know Thyself”, a.k.a. Be Aware
Step 2 - Follow Queen Elizabeth II’s advice on “Training” and Be Skilled
Step 3 - Follow Goethe’s advice that “Knowing is not enough, we must apply” and Be Certified
Resource Link - AT&EC Security Solutions Datasheet by SecuRisk Solutions
To be SecuriTRAINED is to Be Aware, Be Skilled and Be Certified in Security …
August 13, 2008
Software without Seatbelts
Would you buy your dream car without seatbelts? Didn’t think so … Then why should you settle for software without seatbelts …
July 2, 2008
Being Unwired, Yet Secure!
Managing Security Risks in a Wireless World …
May 8, 2008
Diagnosis: TMI Syndrome; Patient: Your Web App
If the presentation of information is not properly protected, Web applications can suffer from TMI Syndrome (TMIS). When Web applications suffer from TMI Syndrome, they divulge more information than is necessary, unsolicited or otherwise. Not too wise …
May 8, 2008
The Road Less Traveled - Software Security from Shakespeare, Jungle Book and Nature …
What do you think Shakespeare had to say about Software Security? What does a naked motorist have to do with Confidentiality? What does the Jungle Book character Baloo have to say about Security Essentials (The Bear Bare Necessities of Life security)? What does the African Wildlife have to do with Security Concepts? What does pH have to do with Security? and more …
April 29, 2008
SD3LC - Secure By Design, Development & Deployment @ TRISC
In the current day and age, the chief drivers for software development projects are meeting business requirements and deadlines. Security is generally an afterthought for software development projects. Incorporating security from inception is more cost effective. This session will address the various security controls and activities associated with each phase of the software development lifecycle (SDLC). The controls and activities include, but are not limited to, modeling use/abuse cases, threat modeling, security code review, security testing, etc.
April 29, 2008