Ari Takanen
Ari Takanen is founder and CTO of Codenomicon (www.codenomicon.com). Since 1998, Ari has focused on information security issues in next-generation networks and other security critical environments. He began this work at Oulu University Secure Programming Group (OUSPG) as a contributing member to PROTOS research. His current company, Codenomicon Ltd. provides commercial solutions for security testing of communication devices and networks. Ari has been speaking at numerous security and testing conferences, and has been invited to speak at leading universities and international corporations.
- Company: Codenomicon
- Industry: Tech: Manufacturing - Hardware/Software
- Job title: CTO
- Company size: 50 - 99
- Country: Finland
SecurityFocus
Thanks Raffy!
A quick look at secviz.org revealed a few cool looking things. Thanks for the link! I am sure the readers will appreciate that.
Personally, my interest in visualizations is in a completely different area. But it would be great to meet and discuss sometime. If interested in discussing more on this topic, just email me at: ari.takanen@codenomicon.com
Digium definitely touches
Digium definitely touches many of the points I made in the original post as it is kind-of free and kind-of open source. Motivation for a QA budget can be problematic when you cannot really show any return for the investment (i.e. more sales).
Thank you for the
Thank you for the definitions for each of these. Unfortunately still today, there are as many definitions as there are security consultants. As my background is in fuzzing, I do not really agree with these definitions. If we do an assessment, we run tools (our own fuzzers, and other available fuzzers and non-fuzzers from other companies) to mostly find unknown vulnerabilities. We can find known issues also, but that is not the purpose of the assessment. This in most cases is an "audit" (or assessment, or test, or review) against a carefully designed test specification, sometimes dictated by the industry and in almost every case pre-run in similar form by an another party. Often this is part of a certification process. And yes, the tools are very similar to what a hacker would use in what you call "penetration test".
jfruh
Apple syncing patent can't come soon enough
pasmith
New Twitter features borrow from 3rd party clients
Esther Schindler
Open Source Changes the Software Acquisition Process
mikelgan
How to set up continuous podcast play on the new iTunes
David Strom
Five important Windows 7 mobility features
sjvn
Guard your Wi-Fi for your own sake
Sandra Henry-Stocker
Grepping on Whole Words
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
Collection of visualization links
If you are interested in more links to visualization resources, check out the collection maintained by Clarified:
https://www.clarifiednetworks.com/Visualizations