Cisco recently released the 2010 Midyear Security Report and I caught up with one of the principal authors, Mary Landesman, Senior Security Researcher at Cisco.  Read More →

Well, not quite; I have a few more hours of getting packed and work before I head to the airport, but close enough.  Read More →

Like many people in the security blogger community, Tyler Reguly pays for his blog and other community efforts out of his own pocket.  Read More →

Zach couldn’t make it tonight, but Rich and Martin open the show with a call to our listeners for more email questions and topic suggestions. After answering a listener question last week, we realized it would be nice to engage with all of you a little bit more. But not too much… I mean we don’t want to touch you or anything. We also spend a little time talking about how we handle our connectivity and security while at Black... 

I really wish I had the time to fully explore the idea, but there’s a certain amount of resonance between the criticisms Adrian Lane at Securosis levels against Visa’s guidance on  Read More →

If you’ve been thinking about using tokenization or truncation to limit the scope of your PCI environment, you need take a few minutes to read the two documents Visa just released, Visa Best Practices: Tokenization and Visa Best Practices for Primary Account Number Storage and Truncation .  Read More →

Rich and Zach are still sweltering in their perspective heat waves, but Martin managed to nab an interview with Bob Russo, the head of the PCI Security Standards Council. We also cover a couple of stories and some honest to goodness listener mail! Network Security Podcast, Episode 205, July 13, 2010 Time:  Read More →

Last week another assessor friend of mine started a new blog, Fear Not the Assessor .  Read More →

Once again we have a wandering host; Rich has wandered off into the hinterlands of Denver (Boulder, I think) and is too busy to call in for the podcast.  Read More →

New show. Zach late. Show still good. Martin’s birthday. Mongo like. Network Security Podcast, Episode 203, June 29, 2010 Time: 32:57 Show Notes: The National Strategy for Trusted Identities in Cyberspace . Sen. Bond says DHS shouldn’t oversee cybersecurity . Why the disclosure debate doesn’t matter . Disclosure via court . Tonight’s music: All India Radio with Endless Night  Read More →

I got to talk to a number of very interesting people while work with the FIRST conference.  Read More →

Truth can be stranger than fiction sometimes; I’ll be speaking on a panel on compliance with Jack Daniels and Josh Corman at Defcon next month.  Read More →

The one thing I’ve hated doing since I picked up the iPad was anything involving typing. The concept of touching icons with a fingertip works in a wonderfully intuitive manner. But when you have to type out a password or anything longer than a tweet, it’ frustrating an slow. So I got the Boss’s (aka wife’s) permission to pick …  Read More →

We went long tonight, really long.  Read More →

We have an interview with Akamai CSO Andy Ellis this week, so we cut our coverage of the news a little short. Which is okay, since Zach was dialed in from Denver and Rich managed to catch some sort of virus (turns out macs may not get them, but Mac users sure do).  Read More →