Welcome to the weekly post where I take the opportunity to expound on just about anything. Never fear, there is always a dedicated Infosec portion for those that don't care about anything else
Here are a few links if you'd like to skip to a particular part of the post.
Just because it amused me:
Correct me if I'm wrong, but hasn't the fine line between sanity and madness gotten finer?
Somehow I got my dates messed up so that they were not referring to a Sunday to Saturday period. That is now corrected. Also, I changed the name of this feature to Things I Looked at Last Week instead of Learned.
A CISSP Study Plan Memoir
Whether you think the CISSP is of value or not, it is a test that is a challenge if for no other reasons than the breadth of information it covers and the length of the exam. This is a nice memoir of one person's journey towards taking and passing the exam. There are quite a few good references for those who are studying for the CISSP.
Top Ten Web Hacking Techniques of 2010 (Official)
Jeremiah has again compiled the Top 10 Web Hacking Techniques. I attended his presentation as RSA 2010 and it is well worth checking out. Below is the short list from what was a much longer list.
Risk Requires Opportunity
Eric, a recent entrant into the blogging world, is the CSO of a large health care provider. He makes a very good point about risk that may seem obvious when you read it, but tends to be left out of most assessments.
Threat Modeling and Attack Surface
Gunnar Peterson has put together two posts that we should all study. I have read each once, but will be going over them again. While the specific case he applies his thoughts to is REST, the model can be applied to anything we may be analyzing.
Common Traits of Information Security Leaders
My last pointer is to a post by Lee and Mike. It is about the common traits of information security leaders. They should know.
If you are interested in product photography or are active on eBay and want to make your selections look a step above the rest, you should check out this post on Strobist.com. It shows how to make a light box for next to nothing that allows you to take shots like these. (yes, this is shameless self-promotion of my Project 365 too )
That's it for this week. I hope you found something that piqued your interest.
As always, comments welcome below or you can email me at firstname.lastname@example.org if you prefer.