Disclaimer: The opinions of the columnists are their own and not necessarily those of their employer.

Tag Archives: OWASP

In Praise of the Information Security Checklist

– There is much anger and venom spit when the subject of the information security checklist is brought up. At one point in my career I looked at the checklist in disdain, figuring that only people who do not understand the true depths of a subject relied on checklists as a crutch in place of…

The OCC and Application Security: Vindication at Last

– On May 8, 2008, the OCC (Office of the Comptroller of the Currency, part of the U.S. Department of the Treasury) issued Bulletin 2008-16, which you can find here. As the OCC states, there have been prior mentions of application security by the FFIEC (of which OCC is a member), NIST and others.…