I'm not dead yet!
By gbrunett-Oracle on Mar 25, 2005
It has been a very long time since my last post and for that I apologize. I have a good excuse honest! I was off for most of January with the birth of my second son. Following that, as you can imagine when I came back I needed to spend a good deal of time unburying myself from e-mail, v-mail and project deliverables. So, now that I am nearly unburied, I can safely proclaim that I am not dead yet!
I wanted to take a few moments to catch you up on a few things that I have been doing over the last two months or so. I will also preview a few things that will be coming up...
- Upon my return from leave, I presented at the
RSA 2005 Security Conference held in San Francisco, CA. I had the honor of
presenting on the topic of "Adaptive Security for Dynamic and Consolidated Environments"
with Dave Walker and
Peter Charpentier. It was quite a blast!
- I have continued my work as a member of the Unix Benchmark Team for the
Center for Internet Security. Most of the recent work has been on the development and
refinement of the Solaris 10 Security Benchmark. I have to say that in large part due to
the teamwork displayed by that organization, the Solaris 10 Benchmark has come together
very quickly and should be ready to release soon.
- I have also been working on converting some of my Solaris 10 Security blog articles
to become Sun BluePrints Cookbooks. The
first of such to be converted was the
Automating Solaris 10 File Integrity Checks. It was published this month. It looks like
at least one more will be published next month. Don't think that this is just a rehash of
the blog however. We did actually go in and add new clarifications, examples, and other
content! Also, I would like to acknowledge Darren
Moffat and Scott Rotondo for their careful technical review of the article. Thank
you very much.
- I have also been working on new material. Hopefully in either the April or May edition
of the Sun BluePrints, you will see a new article titled something like Limiting Service
Privileges in the Solaris 10 OS. The paper is done, it is just a matter of getting it
through the necessary processes.
- I have been doing a lot of customer briefings on a variety of topics. Most of my
briefings are deep dives into Solaris 10 security features and capabilities. In fact,
just last week I presented to over 300 customers in both New York, NY and Somerset, NJ
on those topics. It is absolutely incredible the things that you can accomplish with
Solaris 10 in the security space.
- I have also been preparing a talk that I will be giving on April 4th at the
EDUCAUSE Security Professional's Conference in
Washington, DC. The subject of my talk will be "Systemically Secure Architectures".
If anyone reading this will be there, please be sure to stop me in the hall and say 'Hi'!
- I have also been accepted to present at the New York State Cybersecurity Conference. The subject of my talk will be "Lessons from the Trenches: Solaris Security Best Practices". Hope to see you there!
Those are just a few of the things that I have been working on recently - that I can talk about of course. ;-) I hope to do another posting with yet another Solaris 10 Security tip in the very near future.
Also, before signing off, I have to send some kudos to the Solaris Security Toolkit team. Thanks to their hard work and determination, we can now proudly say that the Toolkit has become an official Sun product that is supported under the Solaris Support contract. Great work everyone!