Saturday, March 28, 2009

Recent Changes and upcoming material

It's been an exciting time here at, and even though I haven't updated the blog in a week, it's not because I don't have anything interesting coming down the pipe.

About a month ago I redesigned the blog site so that it wouldn't look like so many of the other security bloggers out there. The blog was completely reskinned, and I added the twitter feed on the right. I'm really glad I did that. One of the things I want to avoid on my blog is having a lot of blog entries that just point to someone else's material...unless I have something substantial to add to the conversation. Generally, I would prefer to have a smaller number of updates and provide original content and original thoughts. I set a goal that in 2009 I would like to get out one update per week and so far I'm ahead of schedule. From what I can tell I will be able to remain on schedule for the foreseeable future too. But sometimes there are good articles out there that need to be mentioned. Sometimes there is non-professional stuff that I want to share, but it doesn't really belong on my security blog. That's where the twitter feed comes in. That's the place that I'll brag about the Minnesota State Mankato women's basketball team becoming the NCAA divison II champions, and post links to articles that I can't add anything too. I feel that it has really rounded out my blog a bit

At the same time, I've been trying to build a bit of brand identity and hopefully land the occasional moonlighting gig. I started working with someone to create the blackfist logo that I'm using now, but that process wasn't working out well for me. So eventually I said to heck with it and decided to see what I could make on my own. I am a fairly decent artist in my own right, after all. I have to say, I think the new logo gives the image that I'm looking for. I like to consider Blackfistsecurity to be the Rage Against the Machine of information security, and my logo is supposed to reflect a kind of professionalism that just barely contains the raw energy of the Black Fist.

So what is coming up? Well more Pointsec videos for sure. The Pointsec stuff has been my main draw so far, and I don't want to get away from that. I was working on a video for setting up temporary user accounts and Single Sign on when my laptop was claimed by Full Disk Encryption for Mac. So that has been delayed, but I hope to get that finished and online in the next week. I'm also looking at putting together videos on Remote Help and Installation profiles.

I hope to keep everyone posted on my attempts to impose a Change Management process on a hostile environment. There hasn't been a lot of movement in the last few weeks so there isn't much to say right now.

I also started another project that I'm really looking forward to sharing here on the blog. The PCI DSS requires merchants that have applications in scope to either hire an external code audit, or place their applications behind an Application Layer Firewall. If you've had to buy one of these things then you know that a really good one isn't cheap and a really bad one is, well, really bad. A few weeks ago I set out to build an open source Application layer firewall and I'm fairly proud of the results. I documented the process along the way and I have about five blog entries that are in need of a bit more editing and will be ready to post.

So look for that exciting stuff to come, and let me know if there is anything else you would like to see on the blog. Thanks for reading,

No comments: