Now that I am flooded with work (with more on the way), I am eternally procrastinating on my “Fun Security Reading” blog posts. So, let me at least try to blog about what I was WRITING if I don’t have time to blog about what I was reading (Google Reader shared item feed). The list is loosely sorted by time:
My writing:
- “HIPAA Logging HOWTO, Part 1”
- “HIPAA Logging HOWTO, Part 2”
- “PCI Security: Q&A with Anton Chuvakin, PCI Compliance Expert”
- “PCI Security: Q&A with Anton Chuvakin, PCI Compliance Expert, PART 2”
- “ASSESSMENT SUCCESS: PCI DSS STANDARDS AND SECURE DATA STORAGE”
- "How to Do Application Logging Right" (with Gunnar Petersen)
- “FISMA Logging HowTo, Part 1”
- “Logging for FISMA part 2 : Detailed FISMA logging guidance”
- “Log management software can aid data security, boost IT accountability”
- “Log review for incident response, Part 1”
- “A Pragmatic Approach to SIEM: Buy for Compliance, Use for Security”
- “Log review for incident response, Part 2”
- “PCI DSS 2.0 Fun Facts”
- “Logs vs Bots and Malware Today”
- “PCI DSS Today and Tomorrow: Logging is the Key”
- “Logs for Insider Abuse Investigations”
Presentations:
- “Log Standards and Future Trends” (BrightTalk)
- “What PCI DSS Taught Us About Security” (BrightTalk)
- “You Got That SIEM. Now What Do You Do?” (BayThreat 2010)
- “Achieve PCI Compliance and Ensure Security in a Data Deluge” (Focus.com webcast)
- “Address Network Security & Dramatically Reduce PCI DSS Scope with Gateway Tokenization” (Intel – NRF (!) webcast)
- “Proactive Compliance for new PCI-DSS 2.0” (SANS webcast)
- “Using Logs for Breach Investigations and Incident Response” (BrightTalk webcast) and presentation
- “PCI Compliance: Tips, Tricks & Emerging Technologies” (BankInfoSec webcast)
- You can always see more on my Slideshare page.
Audio/podcasts/etc:
- Cloudchasers podcast “Cloud security and compliance: its all about the logs – May 20, 2010” (mp3)
- Cloudchasers podcast “IT Security industry consolidation and the cloud – Sept 16, 2010” (mp3)
- “Logs, Clouds and Open Source, Oh My!”
- ETM podcast “Insight into SIEM” (mp3)
- McAfee podcast about retail security (mp3)
- …and, obviously, our own log podcast LogChat
Miscellaneous:
- “Scaling the Security Chasm” is not by me, but it is written based on my HITB keynote last year
- “How to handle PCI DSS requirements for log management in the cloud” is also not by me, but has significant input from me
BTW, if you’d like to see what I’ve been reading, subscribe to my Google Reader shared item feed and Like feed/Buzz.
And, no, Twitter didn’t kill blogging, but it sure looks like Twitter is intent on killing Twitter.
P.S. Posted by a scheduler – please don’t laugh, but I am in Siberia now. Responses to comments will happen when I am back.