Senior Member at ACM

I received the Senior Member Grade at ACM (Association for Computing Machinery). The Senior Members 2010 list is here.

The Senior Member Grade recognizes those ACM members with at least 10 years of professional experience and 5 years of continuous Professional Membership who have demonstrated performance that sets them apart from their peers.

Thanks to all who supported me to get this grade at ACM.

Posted in General

New Version of CrypTool

A new version of CrypTool was released on August 4th, 2010. CrypTool is a free, open-source e-learning application, used worldwide in the implementation and analysis of cryptographic algorithms. It supports contemporary teaching methods at schools and universities as well as awareness training for employees and civil servants.

The program can be downloaded here.

The current release version for users is CrypTool 1.4.30. It is available in English, German, Spanish, Polish and, from this version, Serbian.

My students from “Visoka škola elektrotehnike i računarstva” in Belgrade contributed the localization of this software into Serbian.

Posted in Cryptography, Education and Training

Intrusion Prevention Summit (Online)

A free online summit on Intrusion Prevention takes place on July 8, 2010. At this summit, leading experts will look at the emerging threat landscape and provide tips to ensure your security management program can best overcome these new challenges in intrusion prevention. It will also cover key aspects in detecting, patching and immunizing your network to prevent repeated attacks from occurring. Hear leading industry experts from TechTarget, Vodafone, SecureWorks, ISACA, Fortinet and more as they discuss the latest innovations, best practices, barriers to implementation and measurable benefits of intrusion prevention.

Register here: http://www.brighttalk.com/r/svf.

Intrusion Prevention Summit Presentations Include:

“When Prevention Fails: The Role of IPS in Incident Response”
C. Matthew Curtin, Founder, Interhack

“Threat Prevention for 2010 and Beyond”
Jason Clark, SE Manager, US Channels, Fortinet

“Network Intrusion Prevention vs. Anomaly Detection”
Mike Fratto, Editor, Network Computing

“Top Risks Associated with Implementing IPS”
Marco Ermini, Network Security Manager, Vodafone Group Services

“The Digital Disaster – Dealing with Computer Incidents”
Jan Collie, Manager Director & Principal Investigator, The Digital Detective Ltd.

“Why “Human Intelligence” is Critical to Effective IPS”
Paul Pearston, Security Solutions Architect, SecureWorks

“Intrusion Prevention, Are We Joking?”
Mark Henshaw, Director, ISACA London & Chairman, ISACA Winchester

“What’s the Future for Intrusion Prevention? Key 2011 Trends”
Ron Condon, UK Bureau Chief, TechTarget

Source: LinkedIn Groups, Group: Information Security Community.

Posted in Conferences, Events, Intrusion Detection / Prevention Systems

Threatsaurus from Sophos

This is not brand new, but it is very useful information. Sophos, one of the world leaders in IT security and data protection, issued “Threatsaurus, the a-z of computer and data security threats”. A free PDF is here.

Whether you’re an IT professional, use a computer at work, or just browse the Internet, this book is for you. We tell you the facts about the threats to your computers and to your data in simple, easy-to-understand language. I recently got a free paper copy at the Infosecurity event in London.

Posted in Books, Magazines and Journals, Education and Training

What’s Wrong With Secure Software Development?

The short answer is: “Resources”. Marisa Fagan, an analyst at Errata Security, notes that formal secure software development programs are often too much for development teams to handle. “These programs have the [not entirely unwarranted] reputation of consuming large amounts of time, people, and money. We need programs that cut out all the fat. The secure coding program needs to fit the size and capabilities of the organization. If we ask too much from the average developer, we’re going to get nothing at all.”

Despite a wealth of security knowledge and developers’ access to advanced tools, many software security risks remain. Analysts say that vulnerabilities arise because many software developers do not understand how to build security into their code. “There’s a lot more acceptance of security as part of the process now, but historically developers have never been responsible for security,” says Fortify chief scientist Brian Chess. Although there have been several initiatives aimed at educating developers about secure software development practices, “the talent coming out of schools right now doesn’t have the security knowledge it needs,” says SAFECode executive director Paul Kurtz. Some organizations are implementing secure development frameworks, such as the Building Security In Maturity Model (BSIMM), which impose secure best practices throughout the entire development team. “BSIMM is a good strategy if you have a formalized software development process,” Chess says. The goal of the frameworks is to help developers identify and remediate the most common coding errors and fix them during development, rather than waiting until after the code is complete.

Read more in the article “Why Can’t Johnny Develop Secure Software?” at Security Dark Reading.

Posted in Secure Programming