Comments on: Show 004 – An Interview with Brad Arkin http://www.cigital.com/realitycheck/show-004/ The Reality Check Podcast with Gary McGraw focuses directly on software security practitioners and practical software security. Reality Check’s sister podcast, the Silver Bullet Security Podcast with Gary McGraw, follows a free form interview style tailored highlight the ideas and experience of security gurus. By contrast, Reality Check is concerned with practical questions centered on running large-scale software security initiatives in the real world. Reality Check targets experienced leaders working to solve software security problems in large organizations every day. We use a standard script to guide each conversation with questions about history, methodology, best practice, and measurement. We plan to interview leaders of mature software security programs and leaders of programs just getting started. Wed, 11 Nov 2009 05:41:13 +0000 http://wordpress.org/?v=2.9.2 hourly 1 By: Brad Arkin http://www.cigital.com/realitycheck/show-004/comment-page-1/#comment-140 Brad Arkin Thu, 25 Jun 2009 14:51:17 +0000 http://www.cigital.com/realitycheck/?p=8#comment-140 Hi Mark, The plan going forward is that each quarterly update will roll up any zero-day patches that were released that quarter. However, each quarterly update will need to be applied in serial to get to a fully patched system. A new full installer for Reader will usually be available for every single dot release. (For example, a new installer for 9.2, but not for 9.2.1.) Brad Hi Mark,

The plan going forward is that each quarterly update will roll up any zero-day patches that were released that quarter. However, each quarterly update will need to be applied in serial to get to a fully patched system. A new full installer for Reader will usually be available for every single dot release. (For example, a new installer for 9.2, but not for 9.2.1.)

Brad

]]> By: Mark Cristaldi http://www.cigital.com/realitycheck/show-004/comment-page-1/#comment-134 Mark Cristaldi Tue, 23 Jun 2009 17:03:22 +0000 http://www.cigital.com/realitycheck/?p=8#comment-134 Brad, Going forward, will all Adobe Reader & Pro security patches above version 9.1 need to be incrementally be implemented? Example, If a workstation has Adobe 9.1 and the latest revision is 9.15, will the 9.11, 9.12, 9.13, 9.14 patches need to be implemented first, before the 9.15? Please let me know, Thank You Mark Brad,

Going forward, will all Adobe Reader & Pro security patches above version 9.1 need to be incrementally be implemented?

Example, If a workstation has Adobe 9.1 and the latest revision is 9.15, will the 9.11, 9.12, 9.13, 9.14 patches need to be implemented first, before the 9.15?

Please let me know,

Thank You
Mark

]]> By: gem http://www.cigital.com/realitycheck/show-004/comment-page-1/#comment-108 gem Mon, 01 Jun 2009 19:44:40 +0000 http://www.cigital.com/realitycheck/?p=8#comment-108 hi listeners, Brad recently announced what Adobe has been doing to combat their software security issues. Check out his blog entry here: http://blogs.adobe.com/asset/2009/05/adobe_reader_and_acrobat_secur.html gem hi listeners,

Brad recently announced what Adobe has been doing to combat their software security issues. Check out his blog entry here:

http://blogs.adobe.com/asset/2009/05/adobe_reader_and_acrobat_secur.html

gem

]]>