Tag: Security
-
Sorting Events by Time
I’ve been reviewing the APIs of a number of software vendors lately, looking at how you pull data that they don’t support pushing. It’s producing a bit of flashback to working with ugly things from the old days. Here’s a fun fact, apropos of nothing specific to any current project…
-
Maintenance Windows and Breakage
Lorin Hochstein recently wrote about normal incidents, “a result of normal work, when everyone whose actions contributed to the incident was actually exercising reasonable judgment at the time they committed those actions.” Instead of an accident or an error, it is an incident which is the outcome of proper behavior.…
-
Who the Tech Is Meant For
I’m pretty fascinated by the effect of social code matching in product design. In order to market and sell products you have to fit them to the buyer: language, use cases, pricing, packaging, sales motion, and more. In large and small ways, a company’s go to market or an open…
-
CISOs’ Accountability for Product Security
There’s news going around about the Solarwinds CISO potentially being held personally accountable by the SEC for the 2020 build pipeline hack against their Orion systems management platform. Making vendors accountable for product security is probably a good idea, equivalent to food producers being accountable for their product. It’s faintly…
-
How Do I Drive Remediation SLAs?
Question: I want to get my organization to patch things in a timely fashion, how? Can I just set an SLA (Service Level Agreement) of “patch the criticals in 30 days” and track that? Speaking as a vendor who’s worked with patching systems for everything from big banks and government…
-
Shewhart Control Charts
As a monitor writer, I want to alert when a value has changed quickly a lot in one direction or another, but i don’t want to set hard-coded thresholds because the value’s range is expected to slowly evolve. My goal is to get useful alerts and avoid false alarms. Examples:…
-
You’re a CISO? That’s rough, buddy
I had the opportunity to speak candidly with several CISOs (Chief Information Security Officer) and CSOs (CISO plus physical security) at RSA this year. I heard lots about challenges, and it’s not surprising that the tenure is so short. There’s a lot to unpack in the data behind those articles,…
-
Heisenberg’s World of Uncertainty
Security analysts can’t ever be certain of what they’re seeing and not seeing. See something, do something My entire career has been in some form of “see what’s important, then do something about it.” It’s Heisenberg’s world though. Collecting and moving data has impact and cost, which can be hard…
-
VMBlog Post on Decentralization
linking to this piece I wrote for VMblog Why Decentralized Work Calls for Decentralized Data
-
Security Products, Rules, and Complexity
Security products need to detect known knowns, so they build up a corpus of rule content. This corpus grows faster than it shrinks, if it’s maintained at all: new known bad is found at a rapid clip, while software is retired from use very slowly. There are two constraints on…
Monkeynoodle.Org 