Disclaimer: The opinions of the columnists are their own and not necessarily those of their employer.

Tag Archives: functional security testing

Heartbleed Lessons – FST and Lab Certification

– There has been much written following the “discovery” of the Heartbleed bug that plagues OpenSSL … some informative, some constructive, some neither. Perhaps the most useful article to date is one published on April 18, 2014, which was written by Nicole Perlroth of The New York Times…

Can We Prevent Knight Capital Types of Debacle?

– … or are we destined for such disasters to be repeated with increasing frequency? It can be construed from reports as to why new software installed before the New York Stock Exchange opened for business on August 1, 2012 by securities firm Knight Capital went berserk, that the firm does in…

Glitch Reporting Glitch. Where was V&V?

– You are likely well aware of the computer failure that cost Knight Capital Group, Inc. $440 million in just 45 minutes at the opening of the New York Stock Exchange on Wednesday, August 1, 2012. A programming mistake apparently caused KCG’s trading system to send out large numbers of erroneous…

InfoSec is Ritualistic, Not Innovative … It’s a SIN!

– The 6th Annual IT Security Entrepreneurs’ Forum (ITSEF 2012) took place at Stanford University on March 21, 2012. It was produced by the Security Innovation Network, which is careful to call itself SINET rather than SIN. You can see the conference agenda…

China Chamber Hack

– Siobhan Gorman is back in strong form on the front page of the December 21, 2011 Wall Street Journal with her article “China Hackers Hit U.S. Chamber,” which suggests at first glance that hackers made from porcelain were successfully thrown into some U.S. person’s bedroom. However, the…