Hi all,
Another big momentum machine for software security (and data security) is PCI
compliance. There is a challenge, though, and that is figuring out where the
credit card data that you want to protect are. We've found in our practice at
Cigital that the data are literally scattered all
http://www.bookpool.com/sm/1590597842
Any thoughts positive and negative on this book?
Gary, may I suggest an alternative response to application firewalls and the
notion that it is hair-brained? Of course this is true but this list is missing
a major opportunity to finally calculate an ROI model. If you ask yourself,
what types of firewalls are pervasively deployed, you would
It was written by a PhD from Stanford who worked with Dan Boneh. He now works
for Google. The book has lots of hands-on examples which makes it powerful.
I think it's worth buying and reading. I have a copy on my desk now.
gem
company www.cigital.com
podcast www.cigital.com/silverbullet
For many shops, having another type of firewall could cost
millions whereas putting tools in the hands of developers may
actually be cheaper. We as a community may be better served
by encouraging application firewalls and letting the
financial model for complying work in our favor...
I
A while back, I mentioned the Technology forum in NYC and they are seeking
speakers. Of course there are some constraints on who may sign up. A sponsor
may serve on a panel but otherwise, the speakers need to be from end-customer
enterprises and not from software vendors or consulting firms. If
On 4/4/07, J. M. Seitz [EMAIL PROTECTED] wrote:
From secure coding practice in development, proper QA cycle and
regression testing, deployment security touchpoints, and finally adding the
extra layer on the top is putting application layer firewalls in place,
which if we ever have a 0-day style