the State of Security

ITSM

Conference Report: ISACA North America CACS: “Wow, we’re not in Vegas anymore…”

by ~Previous Contributors

I’ve always loved the ISACA CACS conferences. Why? I guess because I love auditors. Not all auditors, mind you, but auditors that have a risk-based orientation, and who understand that the achievement of any goal (regardless of whether we’re talking about information security, operating effectiveness, or compliance goals) hinges on effective controls. And IT auditors [...]


Conference Report: Infosecurity Europe: “What Recession?”

by ~Previous Contributors

A couple of weeks ago, I gave three talks at the Infosecurity Europe conference in London, which was held on April 27-29. I was pleasantly surprised to see how well-attended it was. No, that’s an understatement. It was a packed conference. Based on attendance, you’d be forgiven if you thought it was 1999, during the [...]


My RSA Talk and Adam Shostack’s Awesome RSA Research Track

by ~Previous Contributors

I am in San Francisco this week at the RSA Conference (which is apparently #rsac on Twitter). I will be speaking this afternoon at 3pm PT. The famous Adam Shostack (@adamshostack) is one of the track chairs, and his advice to me was, “give your metrics talk, under the guise of virtualization security.” Well, I’m [...]


Ask Dr. Visible Ops: How Should I Engage Internal Audit In The Change Management Process?

by ~Previous Contributors

Hal Pomeranz and I did a webinar called “Ditching the Infosec Stereotype: Part 1: Fixing Broken Change Control Processes” a couple of weeks ago. As I mentioned in a previous blog entry, I’m a big fan of Hal. I loved the work he’s done at places that had truly mission-critical environments, including at eBay, Cendant [...]


When Life In IT Operations And QA Sucks (Part I)

by ~Previous Contributors

Have you ever had this happen to you? Project Killer Kumquat is finally going to deliver the set of features that’s going to allow us to catch up to the competition. We’ve had over 300 developers working on this project for nine months. It’s been a death march for them. This is one [...]


Answer: When Is It Acceptable To Patch QA Environment Ahead Of The Production Environment?

by ~Previous Contributors

In the previous post, I talked about a Twitter contest I was running to answer the following question, with a Visible Ops book as a prize going to the best answer: “When is it acceptable to patch the QA environment ahead of the production environment?” If you believe that the goal of QA is to [...]
