Monday, March 28, 2011

My “Recent” Security Writing and Speaking

Now that I flooded with work (with more on the way), I am eternally procrastinating  on my “Fun Security Reading” blog posts. So, let me at least try to blog about what I was WRITING if I don’t have time to blog about what I was reading (Google Reader shared item feed). The list is loosely sorted by time:

My writing:

  1. HIPAA Logging HOWTO, Part 1
  2. “HIPAA Logging HOWTO, Part 2”
  3. PCI Security: Q&A with Anton Chuvakin, PCI Compliance Expert
  4. PCI Security: Q&A with Anton Chuvakin, PCI Compliance Expert, PART 2
  6. "How to Do Application Logging Right" (with Gunnar Petersen)
  7. FISMA Logging HowTo, Part 1
  8. Logging for FISMA part 2 : Detailed FISMA logging guidance
  9. Log management software can aid data security, boost IT accountability
  10. Log review for incident response, Part 1
  11. A Pragmatic Approach to SIEM: Buy for Compliance, Use for Security
  12. Log review for incident response, Part 2
  13. PCI DSS 2.0 Fun Facts
  14. Logs vs Bots and Malware Today
  15. PCI DSS Today and Tomorrow: Logging is the Key
  16. Logs for Insider Abuse Investigations


  1. Log Standards and Future Trends” (BrightTalk)
  2. What PCI DSS Taught Us About Security” (BrightTalk)
  3. You Got That SIEM. Now What Do You Do?"(BayThreat 2010)
  4. Achieve PCI Compliance and Ensure Security in a Data Deluge” ( webcast)
  5. Address Network Security & Dramatically Reduce PCI DSS Scope with Gateway Tokenization” (Intel – NRF (!) webcast)
  6. Proactive Compliance for new PCI-DSS 2.0” (SANS webcast)
  7. Using Logs for Breach Investigations and Incident Response” (Brightalk webcast) and presentation
  8. PCI Compliance: Tips, Tricks & Emerging Technologies” (BankInfoSec webcast)
  9. You can always see more on my Slideshare page.


  1. Cloudchasers podcast “Cloud security and compliance: its all about the logs – May 20, 2010” (mp3)
  2. Cloudchasers podcast “IT Security industry consolidation and the cloud – Sept 16, 2010” (mp3)
  3. Logs, Clouds and Open Source, Oh My!
  4. ETM podcast “Insight into SIEM” (mp3)
  5. McAfee podcast about retail security (mp3)
  6. …and, obviously, our own log podcast LogChat


  1. Scaling the Security Chasm” is not by me, but it is written based on my HITB keynote last year
  2. How to handle PCI DSS requirements for log management in the cloud” is also not by my, but has significant input from me

BTW, if you’d like to see what I’ve been reading, subscribe up for my Google Reader shared item feed and Like feed/Buzz. Or use the widget below:

And, no, Twitter didn’t kill blogging, but it sure looks like Twitter is intent on killing Twitter Smile

P.S. Posted by a scheduler – please don’t laugh, but I am in Siberia now Smile Responses to comments will happen when I am back.

Possibly related posts:

Dr Anton Chuvakin