Company Blog
Input Validation and Data Dictionaries
Our internal discussion board brought up the topic of input validation last week. The discussion was around the regex for validating an email address. The message was that what seems like a very simple input validation can get complicated if the full standard is supported. As I read the discussion I started thinking about Data [...]
Identity Encapsulated Key Management
As part of my work on the Trust Cloud Initiative, I’ve had so discussions with they folks at PGP about their Key Management Server. At first, I was “ho-hum, key management”, but there’s more going on here than I had assumed. The way this software manages keys is more like a key ring. The implication [...]
Cigital Participates in White House Discussion on the Progress of the President’s Cybersecurity Efforts
On Wednesday July 14, 2010, US Cyber Security Coordinator Howard Schmidt convened a hastily called meeting of around 100 public and private sector security experts at the White House to explain the progress he has made in the six months since he joined the administration. I was there. In an unexpected and exciting surprise, President [...]
