My Writing
- Tools SWFREtools for Analyzing Flash Malware SWFREtools provides free utilities for reverse-engineering malicious Flash programs, including Flash Dissector for examining SWF structure and disassembling ActionScript. FP Debugger traces Flash...
- Risk Management Know the Alternatives When Negotiating IT Risk Mitigation Approaches When business managers reject expensive security recommendations, present alternative mitigation options—such as virtual patching as a stopgap before code fixes. Understanding your BATNA (Best...
- Risk Management Why Business Managers Ignore IT Security Risk Recommendations Business managers may dismiss security recommendations for multiple reasons: they're better positioned to make risk decisions, they've become immune to FUD, they're fatigued from constant...
- Career Which Information Security Job Titles Are Least and Most Common?
- Risk Management Choice Fatigue Might Affect Information Security Decisions Research shows judges grant parole more often after meals because mental exhaustion from repeated decisions leads to status-quo choices. Security professionals making continuous decisions about...
- Incident Response How Much Should an Information Security Book Cost?