Month: October 2010
Dark Reading Post: Dragging Physical Security Monitoring into 2010
Check out my latest blog post on Dark Reading’s Security Monitoring Tech Center entitled “
It is fairly common to see router, firewall and intrusion-detection system logs in addition to server, workstation and application logs consolidated within an enterprise security information management (ESIM) system. Logs generated from network-based devices are generally responsible for the bulk of logs monitored by an ESIM, with the remainder consisting of logs from the various endpoints and software deployed throughout the infrastructure. Perhaps one of the most overlooked sources of data to monitor, however, is that of the physical security controls deployed within an enterprise organization.
Read the full blog entry here: http://www.darkreading.com/security_monitoring/blog/archives/2010/10/dragging_physic.html
BSidesOttawa Schedule Confirmed!
B-Sides Ottawa is fast approaching and today we can share the schedule of superb talks that cover a broad spectrum of Information Security subjects. We had an amazing set of talk submissions from speakers, both local and from around North America. Narowing the over 25 talks to fit the two day event was no easy task!
If you are interested in attending B-Sides Ottawa, the event is filling up fast, so please register (it's free!) by visiting the official site.
We are still looking for sponsors to support the event, if you know someone who may be interested, please have them contact bsidesottawa@gmail.com.
Day 1 – Friday, November 12th
| 9:00am – 9:20am | Day 1 Opening Remarks |
| 9:30am – 10:20am | My Life on the Information Security D-List – Andrew Hay, Senior Analyst, The 451 Group, @andrewsmhay |
| 10:30am – 11:20am | Using ISO 27005 for Risk Assessment – Benoît H. Dicaire, InfoSec Strategist, INFRAX, @BDicaire |
| 11:30am – 12:20pm | Vendor Sponsored Lunch |
| 12:30pm – 1:20pm | Myths, Mistakes and Outright Lies (when it comes to your computer security) – Kellman Meghu, Security Engineering Manager Check Point Canada @kellman |
| 1:30pm – 2:20pm | So I've adopted an EMR; What's the worst that can happen? – Peter Hillier, CISO MD Physician Services Inc. (A CMA Company), @DeathwishDuck |
| 2:30pm – 2:50pm | Break |
| 3:00pm – 3:50pm | The Evolving Authentication Landscape – Eric Skinner, CTO, Entrust @EricSkinner |
| 4:00pm – 4:50pm | InfoSec Speed Debates – Jack Daniel and panelists TBD |
| 5:00pm onwards | Vendor Sponsored Dinner, drinks, and shenanigans |
Day 2 – Saturday, November 13th
| 8:00am – 8:50am | Vendor Sponsored Breakfast |
| 9:00am – 9:20am | Day 2 Opening Remarks |
| 9:30am – 10:20am | A new approach to preventing injection attacks on the Web Application Stack – Ahmed Masud CEO/ CTO Trustifier Inc. |
| 10:30am – 11:20am | Fuzzing Cows – Karim Nathoo & Mike Sues |
| 11:30am – 12:20pm | Vendor Sponsored Lunch |
| 12:30pm – 1:20pm | Into the Rabbithole Evolved Web Application Security Testing – Rafal Los @rafallos |
| 1:30pm – 2:20pm | The Unintended Consequences of Beating Users with Carrot Sticks: Radical Thoughts on Security Reform – Ben Tomhave @falconsview |
| 2:30pm – 2:50pm | Break |
| 3:00pm – 3:50pm | CERTs or CIRTs in Canada – Adrien de Beaupré, EWA-Canada, isc.sans.edu |
| 4:00pm – 4:50pm | The Nmap Scripting Engine: Making Nmap work for you! – Ron Bowes @iagox86 |
| 4:50pm – 5:00PM | Closing Remarks – Andrew Hay & Justin Foster |
| 5:00pm onwards | Dinner and drinks downtown |
More information here.