The Security Catalyst

With all the activity the fall brings, take a few moments to learn from your fellow catalysts - and the time to share your experiences. This is what unites us as professionals. Even when we feel we lack the time, making the time to engage brings benefit to every person involved.

I am also spending more time on twitter these days - and would love to engage in the conversation with you. You can learn more about twitter here: http://twitter.com/ and “follow” and chat with me here: https://twitter.com/catalyst

Discussion Forum Activity

Here are some recent discussions ripe for contribution or learning:

•  Standards Document Supporting an Encryption Policy
•  ISO 17799/27001/27002
• Researching malicious file types
• Need a Multi-function Inkjet (INTERESTING CAVEATS TO CONSIDER)
• Nevada & E-mail Encryption Requirement      

List of community blogger and podcasters

(I am working to ensure the list is accurate and separate out the blogs from the podcasts - let me know if you need to be updated/included)

What Security Blogs and Podcasts are represented in this community? (http://www.securitycatalyst.org/forums/index.php?topic=28.0)

Join our LinkedIn Group

For active members of the Security Catalyst Community; once I get the new laptop and have had a chance to catch my breath from the recent breakin, I’ll focus on cleaning up the linkedin list - and ensuring we take strides to meet and work together.

http://www.linkedin.com/groups?gid=27010

Here are some recent blog posts from Community Members that you may have missed:

• Scareware Ad From Skype?
• Change your passwords with your smoke detector batteries
• Forensic Time Dilatation
• New TCP vulnerability about trust, not technology
• The best anti-malware software out there…

About the Security Catalyst Community

We are a positively focused and supportive community that unites passionate professionals to achieve three goals:

(1) Provide a community where it is acceptable to be vulnerable and ask for help when you need it

(2) Create a community where anyone with an idea can share their approach in the pursuit of helping another. If today is your first day in security, welcome - share what you have learned without fear.

(3) Participate in a forum where members can share their passions, expand their thinking and find support with others who believe in making a positive difference.

Signing Up for the Security Catalyst Community

Your participation is your currency (means no charge to join) - the more you contribute the more you learn and the more valuable the community becomes to everyone (so dive in and share).

Registration Overview (NOTE THE NAMING CONVENTION)

      Go here: http://www.securitycatalyst.org/forums/

      Select the register link

      Follow the naming standard: firstname.lastname (include the period between first and last names)

      Your account will be reviewed and approved

      Jump in and share your thoughts!

Where is Michael - onTour Schedule & Updates

As we set out to journey the country, keep tabs on our schedule and opportunities to meet at www.catalystontour.tv or follow the progress of the book and speaking tour at www.intothebreach.com. As always, if you are on the way (or in the city we are heading), please contact me directly so we can meet. Our RV is our home, and our home is always open to our friends.

Coming Up:

Once the RV is repaired (working on it now) and our laptops restored (also in progress), we head right back out - and amazingly, don’t really miss a beat!

• Week of October 6: Albany, NY (pending RV repairs and insurance hand-to-hand combat)
• Week of October 13: Seattle for the MSFT Small Business Summit http://www.microsoft.com/smallbusiness/summit/
• Week of October 20: Kansas City for the MCSF Keynote http://www.mcsfonline.org/
• Week of October 27: Seattle (still confirming details)
• Week of November 3: Portland, Oregon, Keynote for: http://www.nwsecurityconference.com
• Week of November 10: (transit back to East Coast, perhaps via Dallas)
• Week of November 17: DC Metro (still confirming details) and Philadelphia, PA for a private briefing for the CSO Breakfast Club

If you enjoyed this post, make sure you subscribe to my RSS feed!

Greetings from Albany, NY - where the leaves are turning and there is crispness to the air that only autumn can bring. I love the fall, and this has been an upside of the recent events that brought us home. The book is now available - and I will be posting details in the coming days on how you can get a signed edition!

In the meantime, take the time to learn from your fellow catalysts - and the time to share your experiences. This is what unites us as professionals. Even when we feel we lack the time, making the time to engage brings benefit to every person involved.

I am also spending more time on twitter these days - and would love to engage in the conversation with you.

      You can learn more about twitter here: http://twitter.com/

      and “follow” and chat with me here: https://twitter.com/catalyst

Discussion Forum Activity

• Looking for Beta testers for the new Honey Stick fileset generation program…
• “End User Computing” ie Securing Excel…anyone with experience?
• Dshield Block List — Pros and Cons
• Anyone notice an uptick in greetingcard SPAM today?
• Blackberry Enteprise Server — Placement Considerations

List of community blogger and podcasters

(I am working to ensure the list is accurate and separate out the blogs from the podcasts - let me know if you need to be updated/included)

What Security Blogs and Podcasts are represented in this community? (http://www.securitycatalyst.org/forums/index.php?topic=28.0)

Join our LinkedIn Group

For active members of the Security Catalyst Community; once I get the new laptop and have had a chance to catch my breath from the recent breakin, I’ll focus on cleaning up the linkedin list - and ensuring we take strides to meet and work together.

http://www.linkedin.com/groups?gid=27010

Here are some recent blog posts from Community Members that you may have missed:

• Increase Your Logging
• IDS: Vitamins Or Prophylactic?
• Google’s New Browser

About the Security Catalyst Community

We are a positively focused and supportive community that unites passionate professionals to achieve three goals:

(1) Provide a community where it is acceptable to be vulnerable and ask for help when you need it

(2) Create a community where anyone with an idea can share their approach in the pursuit of helping another. If today is your first day in security, welcome - share what you have learned without fear.

(3) Participate in a forum where members can share their passions, expand their thinking and find support with others who believe in making a positive difference.

Signing Up for the Security Catalyst Community

Your participation is your currency (means no charge to join) - the more you contribute the more you learn and the more valuable the community becomes to everyone (so dive in and share).

Registration Overview (NOTE THE NAMING CONVENTION)

      Go here: http://www.securitycatalyst.org/forums/

      Select the register link

      Follow the naming standard: firstname.lastname (include the period between first and last names)

      Your account will be reviewed and approved

      Jump in and share your thoughts!

Where is Michael - onTour Schedule & Updates

As we set out to journey the country, keep tabs on our schedule and opportunities to meet at www.catalystontour.tv or follow the progress of the book and speaking tour at www.intothebreach.com. As always, if you are on the way (or in the city we are heading), please contact me directly so we can meet. Our RV is our home, and our home is always open to our friends.

Coming Up:

Once the RV is repaired (working on it now) and our laptops restored (also in progress), we head right back out - and amazingly, don’t really miss a beat!

• Week of October 6: Albany, NY (pending RV repairs and insurance hand-to-hand combat)
• Week of October 13: Seattle for the MSFT Small Business Summit http://www.microsoft.com/smallbusiness/summit/
• Week of October 20: Kansas City for the MCSF Keynote http://www.mcsfonline.org/
• Week of October 27: Seattle (still confirming details)
• Week of November 3: Portland, Oregon, Keynote for: http://www.nwsecurityconference.com
• Week of November 10: (transit back to East Coast, perhaps via Dallas)
• Week of November 17: DC Metro (still confirming details) and Philadelphia, PA for a private briefing for the CSO Breakfast Club

If you enjoyed this post, make sure you subscribe to my RSS feed!

The discussions continue to expand and inform in the Security Catalyst Community. Here are some of the recent hot conversations (including some I have listed before; this week they really exploded). 

• Is Management the Real Security Problem?
• Linux User Account Upgrade or Migration Checklist
• What should you do with software updates that are not critical?
• Question about the Amero
• Anyone else using Twitter?

If you enjoyed this post, make sure you subscribe to my RSS feed!

It is hot today is Upstate NY; the same is true for some forum discussions taking place this week:

• Is Management the Real Security Problem?
•  How to deal with a “poison pill”
• Using CAPTCHA
  

If you enjoyed this post, make sure you subscribe to my RSS feed!

The forums are off to a roaring start this week - with some insightful discussions. Sure, thinking this early in the week can be scary, but it sure pays off!

• What are the ethical standards/requirements for security bloggers? [IN PREP FOR TUESDAY]
• Help me test my new Firefox add-on
• Printer Dots and Privacy - cause for concern?
• Sen. Schumer Kills Bank (unintended consequences and the way security is considered)
• CISSP - on it’s way out, or not. Or both? (the discussion continues!)

Join the in the Discussion!

The Security Catalyst Community

Your participation is your currency (means no charge to join) - the more you contribute the more you learn and the more valuable the community becomes to everyone (so dive in and share). If you have not yet registered, please remember to use firstname.lastname as the standard.

If you enjoyed this post, make sure you subscribe to my RSS feed!

This is a question that has been kicked around quietly, and now it is the focus of the August Security Roundtable. We are recording on Tuesday (pondering using a live-feed) and I want your feedback. 

Show Prep Outline

If you enjoyed this post, make sure you subscribe to my RSS feed!

It’s been a brisk week in the forums, and here are some hot topics:

If you enjoyed this post, make sure you subscribe to my RSS feed!

• gmail remote sign out - is this brilliant or rife with unintended consequences?
• Checking the Validity of your Security Tools
• Windows 2008 PKI infrastructure and smart cards
• Most communities don’t use SSL for authenticating members… should they?
• SecTor 2008 - Toronto, Canada

Join the in the Discussion!

Your participation is your currency (means no charge to join) - the more you contribute the more you learn and the more valuable the community becomes to everyone (so dive in and share). If you have not yet registered, please remember to use firstname.lastname as the standard.

If you enjoyed this post, make sure you subscribe to my RSS feed!

 

 Standard Podcast [68:41m]: Play Now | Play in Popup | Download

If you enjoyed this post, make sure you subscribe to my RSS feed!

As we roll into Monday (and after a holiday weekend in the US), there are several interesting posts ready for your comments, and plenty of insight to make your week even easier! Take a look at:

• Forensic Analysis Applications
• Privacy Alert - ISPs putting “ad service” boxes in the click stream is bad!
• Interesting Article (comments and insights wanted)
• In search of statistics for average time to resolution of infected website
• Favorite command shell tools
• Most Corporate Blogs are Failures. What can we learn from why?
• Targeted/Focused Attacks

Join the in the Discussion!

Your participation is your currency (means no charge to join) - the more you contribute the more you learn and the more valuable the community becomes to everyone (so dive in and share). If you have not yet registered, please remember to use firstname.lastname as the standard.

If you enjoyed this post, make sure you subscribe to my RSS feed!