Jun 30, 2014
Establishing an Information Security program can make or break an organization. So what do you need to get that started?
We have friend of the show Phil Beyer come in and discuss with us the five steps of the creation of an Information Security Program. Join us for Part 1, and next week, we'll finish up with a little...
Jun 23, 2014
We finished up the OWASP Top Ten List. We discussed Injection, XSS, and other goodness. Find out what makes the Top 5 so special.
http://risky.biz/fss_idiots - Risky Business Interview concerning Direct Object Reference and First State Superannuation
http://oauth.net/2/ - Great information on OAUTH 2.0.
Jun 16, 2014
As we wade through the morass of the Infosec swamp, we come across the OWASP 2013 report of web app vulnerabilities. Since Mr. Boettcher and I find ourselves often attempting to explain these kinds of issues to people on the Internet and in our daily lives, we thought it would be prudent to help shed some light...
Jun 9, 2014
This is part 2 of our podcast interview with Guillaume Ross, Infosec professional who is well versed with the intricacies of various cloud architectures, whether they are IaaS, PaaS, or SaaS. This part of the podcast discussed how contracts are established, and we ask if smaller cloud providers have a chance against...
Jun 1, 2014
Brian and I interviewed Mr. Guillaume Ross (@gepeto42), an Information Security professional who helps organizations get themselves situated into cloud based solutions. We get a better understanding of why people would want to put their info into the 'cloud' and how they are different than traditional co-lo...