As of last September, HAProxy supports ssl so you no longer have to put stud/stunnel/nginx in front of HAProxy and it can also connect to SSL on backend servers so you can have encrypted traffic the whole way to the…
As of last September, HAProxy supports ssl so you no longer have to put stud/stunnel/nginx in front of HAProxy and it can also connect to SSL on backend servers so you can have encrypted traffic the whole way to the…
Have you read the famous systems-management novel The Goal? No, I know you haven’t, don’t feel bad, I only got to it this year myself. Well, Gene Kim, entrepreneur, consultant, founder of Tripwire, and general insatiable Tweeter, has written a…
AppSec USA 2012, the big OWASP security convention, is here in Austin this year! And the agile admin’s own @wickett is coordinating it. “Why do I care if I’m not a security wonk,” you ask? Well, guess what, the security…
Fellow Agile Admin, James Wickett, just wrote an article for Control Engineering about cloud security. Cloud security is kinda funny, it’s the biggest FUD attractor and “concern” of folks who don’t really know how their on premise security works either. …
As I’ve been involved with DevOps and its approach of blending development and operations staff together to create better products, I’ve started to see similar trends develop in the security space. I think there’s some informative parallels where both can…
I had a chance to talk with Dan Cornell from the Open Web Application Security Project (OWASP) and the Denim Group. Dan has over 13 years of experience in development and is one of the founders at the Denim Group,…
In late 2007 Bruce Schneier, the internationally renowned security technologist and author, wrote an article for IEEE Security & Privacy. The ominously named article: The Death of the Security Industry predicted the future of the security industry or lack thereof. …
Recently I have been reading on OPSEC (operations security). OPSEC, among many things, is a process for security critical information and reducing risk. The 5 steps in the OPSEC process read as follows: Identify Critical Information Analyze the Threat Analyze…
Why The Cloud Is More Secure Than Your Existing Systems Saving the best of LASCON 2010 for last, my final session was the one I gave! It was on cloud security, and is called “Why The Cloud Is More Secure…
HTTPS Can Byte Me This paper on the security problems of HTTPS was already presented at Black Hat 2010 by Robert Hansen, aka “RSnake”, of SecTheory and Josh Sokol of our own National Instruments. This was a very technical talk…
