** UPDATE ** Finally, I have made some progress in getting my site live... I have started of with a schedule of courses and outlines... Much more to follow.. but in the meantime, check out what we have running in the next couple of months..

http://www.bulletproofsi.com/it-services/education-services

I am ALWAYS looking to add courses, so contact me if you are looking for a course, I will add it to the schedule and make it available for you and your team.

Darryl Esau   darryl.esau@bulletproofsi.com

Comment (0)

Bulletproof is currently doing a a big push to embrace social media and allow our customers to get more intimately involved with our company through direct interaction.

As a security guy, social media is scary. So, why would I choose to join the social media team and push this forward? The first reason is simple, the move to social media is going to happen to all of us,  regardless. The second reason is because I think we're doing all of the right things to use the technology responsibly.

Comment (0) Read More...

Really, do you?

System and process documentation  are something that I am always asking for in my job as a security consultant.  No surprise to anybody in the field, most times the documentation just doesn't exist. When it does exist, it is usually really hard to find because it is scattered amongst a variety of file servers, CMS and personal computers. To complicate things, it's probably also in a variety of formats.

Comment (0) Read More...

On Monday night and Tuesday of this week I attended the annual Atlantic HTCIA conference. As part of this conference we always have an evening public session on internet safety. This is a great opportunity for families and members of the community to come out and gain some insight into current internet safety issues.

The highlight of this years evening session was a powerful presentation from Signy Arnason (Director, Cybertip!ca - Canadian Centre for Child Protection). She provided a presentation that struck even those of us that have been hardened by some of the internets darker sides. Highlighting some specific cases of child abuse that the center has encountered in recent years.

Comment (0) Read More...

I do very little programming in my normal day-to-day activities. However, I do believe that understanding programming concepts is great at helping me understand application security issues.

I had a bit of free time on my hands this week so I thought I would delve into Microsoft's new (ok maybe not really new anymore) fang-dangled scripting language PowerShell.  I figure that they aren't about to start shipping Perl or Python with Windows so I had better get on the bandwagon.

Comment (0) Read More...

PEI is a province whose primary agricultural export is potatoes. As a result of this, you are hard pressed to find a road on the island that doesn't have at least one roadside stand selling the illustrious tuber .

What I find great about these potato stands is that none have people working them. They are all set up with honesty boxes.  There is a sign sitting beside the money box telling you what the price is. You, as the honest consumer, are expected to simply deposit the proper amount and take your bag of spuds.

Comment (0) Read More...

I'm on vacation now. Why, you might ask, am I writing a blog post when I should be on a beach somewhere? That, my friends, is the magic of pre-posting...

Me telling you that I'm on vacation could be used maliciously. How? Sometimes the most mundane bits of information can provide an attacker with a great opportunity.

Comment (0) Read More...

Certifications are interesting things. I remember when I first got my MCSE, a proud day, when I officially became an "expert"...or so I thought. I soon found out that it wasn't really that useful if I didn't have the experience to back it up.

When it comes to security certifications you can basically break them into a couple of groups: (A) Task or vendor specific and (B) General.

Comment (0) Read More...

I had a reminder last night of why back-out plans are important. We were 5 hours into a late night outage scheduled for 6 hours. Things were going reasonably well on about half of the cut-over. The other half...not so well. These types of scenarios aren't ideal but they do happen.

The important thing that saved us in this scenario was a clear understanding of the backout plan. In retrospect there are definitely improvements that could have been made to our plan but generally it went fairly well.

Comment (0) Read More...

One of the things I feel most strongly about is communicating with our customers and one of the really important aspects of this is soon after a project is complete. As consultants we tend to knock em' down and move onto the next challenge. As much as this approach is engrained into the psyche of a consultant I honestly feel it's the wrong approach.

Comment (0) Read More...