Things I Looked at Last Week: 1/16/2010 – 1/22/2010

by kriggins on January 24, 2011


Welcome to the weekly post where I take the opportunity to expound on just about anything. Never fear, there is always a dedicated Infosec portion for those that don't care about anything else :)


Thoughts

Just because it amused me:

Correct me if I'm wrong, but hasn't the fine line between sanity and madness gotten finer?
~George Price

Somehow I got my dates messed up so that they were not referring to a Sunday to Saturday period. That is now corrected. Also, I changed the name of this feature to Things I Looked at Last Week instead of Learned.

Infosec Stuffs

A CISSP Study Plan Memoir

Whether you think the CISSP is of value or not, it is a challenging test, if for no other reason than the breadth of information it covers and the length of the exam. This is a nice memoir of one person's journey towards taking and passing the exam. There are quite a few good references for those who are studying for the CISSP.


Top Ten Web Hacking Techniques of 2010 (Official)

Jeremiah has again compiled the Top 10 Web Hacking Techniques. I attended his presentation at RSA 2010 and it is well worth checking out. Below is the short list from what was a much longer list.


Risk Requires Opportunity

Eric, a recent entrant into the blogging world, is the CSO of a large health care provider. He makes a very good point about risk that may seem obvious when you read it, but tends to be left out of most assessments.


Threat Modeling and Attack Surface

Gunnar Peterson has put together two posts that we should all study. I have read each once, but will be going over them again. While the specific case he applies his thoughts to is REST, the model can be applied to anything we may be analyzing.

REST Threat Model & Attack Surface
Of Gateways and Hedgehogs

Common Traits of Information Security Leaders

My last pointer is to a post by Lee and Mike. It is about the common traits of information security leaders. They should know.


Non-Infosec Stuffs

If you are interested in product photography or are active on eBay and want to make your selections look a step above the rest, you should check out this post on Strobist.com. It shows how to make a light box for next to nothing that allows you to take shots like these. (yes, this is shameless self-promotion of my Project 365 too :) )

http://project365.kevinriggins.com/2011/01/22/22365-the-jar/

http://project365.kevinriggins.com/2011/01/23/23365-the-white-boss-302/

Closing

That's it for this week. I hope you found something that piqued your interest.

As always, comments welcome below or you can email me at kriggins@infosecramblings.com if you prefer.

If you are interested in getting my content regularly, go ahead and subscribe to my RSS feed. You can also subscribe to have posts emailed to you if you prefer.

-Kevin

http://www.abc.net.au/news/stories/2011/01/13/3112412.htm?site=newcastle
