If you're new here and would like to see more of what I'm saying, you may want to subscribe to my RSS feed (I can even email my blog posts to you when I publish a new one) or have a look at my papers and presentations page for downloads of stuff that you can share or "borrow heavily from". You also might find my guidelines for posting comments interesting, especially if you're a government employee. If you want to see me blog about anything in particular, drop me a private email on how you think I'm completely full of myself, extend me an invitation to speak at your next security meeting/event, or just to ship a huge bag of money in my direction, you can do that through my contact page. Thanks for visiting and happy hacking!

I promised myself I would stop with the vendor bashing at least long enough to catch my breath. Well, sometimes in your life something comes along that you just can’t help but comment on.

Press release on how a network emulator can help with FISMA reporting.

This class of products is great–simulated network lag so you can test your network devices, software, etc. Every lab should have this stuff.  I’m pretty sure that some of it is inside my building in the various replicas of customer networks that the engineers use.

But what does this have to do with information security management? Once again, it’s sprinkling the magic FISMA fairy dust and wishing that it makes your product a security device.  Makes me had the”make it secure” wand (complete with star on end and ribbons) that one CISO I know of carries about just for the purpose of being able to wave it around and say “*Poof* It’s secure now.”  I figure happy thoughts are in there somewhere, but I’m just not seeing the exact mechanism.

My friends have a theory that I should start selling SOX socks and FISMA underwear. I’m not so sure about that, but I figure if it works for all these other products, it might be a massive moneymaker for me.  =)

Bookmark to:

Hide Sites