I will be holding some talks on the sense and nonsense of security certifications (ISO 27001, Common Criteria, PCI-DSS, whatever) in the next couple of weeks, and I am really curious what the public will say. My past forays into public appearances were less than exciting - people are nodding, people are saying "yes, we need", people do not really understand what this is about.
In particular, I have yet to see a bank that really understands what PCI-DSS is about (which is probably due to my limited exposure to banks, but hey, I know at least two now that are candidates for the "clueless in Bavaria" prize).
Sunday, 19 April 2009
Blackhat EU 2009
Here is the download section for the past EU 2009 session:
http://www.blackhat.com/html/bh-europe-09/bh-eu-09-archives.html
I am not truly excited. I have not been there, but from what I am told it was fun, but nothing really new - some xploits for weaknesses known but not exploited before, some things better explained than before, but nothing new, weird and wonderful. Anyway, read for yourselves.