NetSPI Blog
Security Industry Blog

Is PCI driving the development of information security within healthcare?

I like to watch industries evolve in how they deal with information security. It was interesting to watch retail evolve as PCI got more organized. The PCI Council put together the DSS with dates and penalties for breaches and non-compliance, and that drove significant change. It appears that a similar major change within healthcare is [...]

 
Application Security Blog

Windows Tools in BackTrack

For those of you who aren’t in the loop, BackTrack is a Live Linux distribution that ships with a large number of open source tools that can be used to assess the security of networks, systems, and applications. At this point, most IT professionals and 14-year-old computer geeks are at least generally [...]

 
PCI Blog

Not so Independent Agents?

In the realm of PCI, the network of independent agents might not be so independent after all. When one thinks of agents, one thinks of real estate, insurance and travel. They all provide a service, they all take information, and they all accept payments. Some of these are independent agents who own their own agency [...]

 
Security Technology Blog

Echo Mirage: Piercing the Veil of Thick Application Security

In recent years, web application security has gotten a lot of attention. The advent of easy-to-use web proxies has brought a lot of attention to SQL injection and cross-site scripting vulnerabilities, and developers have taken note. Thick application security/development, however, is lagging in that respect. You can pierce the veil yourself and witness [...]