Security Balance

There’s a lot of interesting discussions about the value of SIEM solutions. There’s also some discussions about the possibility of doing that with open source, like OSSIM (I personally think it is possible for some organizations – specially those that have the open source culture already). I like to say that SIEMs are for security [...]

I was happy to see the last posts from Alan Shimel about the incident on LxLabs and what that means to “cloud security”. Not only because I think he is right about using it as an example of why we should think about cloud security but also because I like his “anti-hype” posture. Ok, that [...]

The PCI-DSS world has just gone mad this week after Merrick Bank decided to sue Savvis, who gave a clean bill to the well known service provider CardSystems, responsible for a huge breach that lead to thousands of card numbers being stolen. It is an interesting outcome and raises a series of questions about whether [...]