SIEM or SEIM or Log Correlation tools are generally considered expensive. I won’t get into the particulars of what is or is not expensive for you or your customer. It also depends on system size and what your enterprise may or may not already have in place. So do check ... Read More

Back again.Yesterday, I said that the recent survey about FISMA failure is horse shit. I stand by that claim and will now add more.The only thing this report says is that their process is too focused on compliance and they wish they had more money. When is the last time that ... Read More

I find myself being annoyed yet again by an article. It’s here if you want to read it.The essence of it being that FISMA is a failure (still) and government doesn’t know how to secure a rowboat let alone the vast number of systems in existence. Also thatNo information security program is ... Read More

Hi. I’m Chris and I’m an AWS addict. Hi ChrisThat’s right, I am using an EC2 as a development platform for RedSpartan as a code repository, wiki and issue tracker (in the form of a RedMine instance). I am also using a Windows instance to host the development and alpha instances ... Read More

I did not get a chance to read 800–128 during the draft phase, mainly because I was too busy. But also because I wasn’t all that worried. I did however have one of the analyst I work with read it and he had some positive things to say. So if ... Read More