Blog Archives

Road Map for an Application/Software Security Architect (Part 5)

April 9, 2010
By admin

Without a Digital Identity, how would you expect to do any authentication? And with an incomplete Digital Identity, how would you expect to get the authorization done correctly? Without the proper data model and the expectation that it would have the correct data (besides being in the right place at the right time), securing...


Road Map for an Application/Software Security Architect (Part 4)

April 9, 2010
By admin

Planning your application’s use of the digital identity is not an afterthought of system architecture. At the least, it might offer the occasional lack of reliable and conflicting information. At the worst, it provides little, if any, protection at all. And like the proverbial little Dutch boy, you will be putting fingers in the...


Road Map for an Application/Software Security Architect (Part 3)

April 9, 2010
By admin

Risk assessment for application software is not a matter of a quick penetration test, nor of code reviews at a single point in time. It is a process of moving through the application/solution’s Software Development Life Cycle (SDLC) and evaluating the results of the controls that are put in place at each...


Road Map for an Application/Software Security Architect (Part 2)

April 9, 2010
By admin

Vulnerability testing at the acceptance stage of an application’s Software Development Life Cycle (SDLC) will not compensate for a lack of understanding of what is being done during software development, even though you may not have control over the development efforts. You need a plan that puts those controls in place and...


Road Map for an Application/Software Security Architect (Part 1)

April 9, 2010
By admin

With the level of concern about security, it is interesting that there is not more concern with a holistic focus on application security. Numerous articles are citing chilling statistics about security breaches, with the majority (some use the figure of 80%) being related to applications. It is not for lack of information as...


Windows Server 2008 R2 Recycle Bin (Part 1)

March 2, 2010
By Liviu Siteanu

Had a very interesting conversation about the new Server 2008 R2 version. Most IT admins know it’s been updated with new features, and the one question that usually comes up is: “Doesn’t this mean I won’t need third party apps?” Well, no, you still do. Really. For example, let’s look at one of these new features,...
