Clayton Donley's Blog

Presenting Security Exceptions to the User

By Clayton Donley on August 19, 2008 11:08 AM

There is a post today on Pingdom talking about the new Firefox SSL error page that appears when you try to connect to a site with a self-signed or invalid certificate. As you see in the image above, it actually...

Group Accounts and Lab Servers - How a Dating Service Took Out the Network

By Clayton Donley on April 22, 2008 5:19 PM

Having just mentioned "The Cuckoo's Egg," I thought I'd share my first IT security experience. I started my career at a large enterprise on a team managing networks of servers and workstations from vendors like Sun, HP, Motorola, and the...

AmTrust Bank Talks about Centralizing Database Authentication

By Clayton Donley on April 22, 2008 4:46 PM

AmTrust Bank packed the room at Oracle OpenWorld, but thankfully the web's a little larger and has more comfortable chairs. There will be a Webcast on May 1st at 1pm EDT (10am PDT) that reprises the original session and includes...

The Cuckoo's Egg Revisited

By Clayton Donley on April 21, 2008 12:31 AM

Ah. The Cuckoo's Egg. The first non-fiction computer security book I ever read. Even saw the author (Cliff Stoll) give a talk at a local college 10+ years ago. I was reminded of this book by a great conversation at...

Secure Coding Practices and Web 2.0 Security

By Clayton Donley on April 21, 2008 12:09 AM

I'm not sure how I missed Mary Ann Davidson's original blog posting on the subject of making fixing security by fixing how developers learn to write software (and much more), but I came across Dennis Howlett's response to it on...