A new direction for blogs.sun.com/security/


One of the biggest challenges that Sun's security community - all of the security community, the kernel folk, the applications folk, the Java evangelists, the hardware geeks, the integrators, the cryppies, the researchers, the legal beagles, the politicians, and the just plain interested - one of if not the greatest challenge is "how can we talk with the customer whilst using a single voice?"

It's easy for product-focused groups; when you create a security widget, hoodjamaflip or doohickey there usually comes a product marketeer who expounds relentlessly about your nifty thing at every opportunity, so that interest catches light and sets aflame many imaginations - and product sales follow.

Or, at least, that's how it's supposed to work. Regarding security, things can be a little different.

The challenge is summed up in the very terminology of Sun's approach to "Systemic Security" - it's inarguable that security is holistic, the summation of good code running on good hardware, properly installed and integrated into its larger environment, with availability, integrity and robustness for all.

So who is your product marketer for the entire stack? Aside from you, who can talk about the wider issues, the architectural big pictures or the knock-on benefits you can get from leveraging one tiny, under-advertised feature of a much larger product like Solaris?

If you are member of the Sun security community, and if you have something to say, where do you go to talk about the whole panoply of security? To where should you direct your voice?

The answer, now, is here, blogs.sun.com/security.

This is not to say that Sun security folk should abandon their own blogs - heavens, no! Absolutely not. No no no no no! That's not the point at all. Please be clear about that. Please keep blogging.

In addition, here at blogs.sun.com/security we hope to provide a point of consolidation, where people can find postings and feeds pertinent to their preferred topics - Security Alerts, Tips, New Products, Announcements of "Pertinent Stuff" internal and external to Sun - where you can find personally written content with a high signal-to-noise ratio, and where you can have conversations through comments, cross-linking, providing the immediacy which is a cornerstone of the modern web.

For the Sun employee: if you want to post something, or if you'd like to see a pointer to something you've blogged be added, then drop us a line via e-mail. We'll be in touch. Promise. In the meantime get a blog on blogs.sun.com, if you've not got one already.

For the non-Sun reader: Sun Alerts will continue to be posted here by the Sun Security Co-ordination Team; so there will be no change there; but if you haven't already, please bookmark this site or add it to your feeds. Articles, pointers to other articles, and suggestions for postings are welcome. Just add a comment.

If you desire strictly alerts-only traffic, all the security Sun Alerts will continue to be posted into the Security Alerts Category, which already has a specific RSS feed at blogs.sun.com/security/feed/entries/rss?cat=%2FAlerts .

Over the coming weeks there will be evolution and change, and you'll be hearing from real Sun people with real interest in security. The sidebar will expand, the header too. We're also looking towards better integration with the www.sun.com/security website. It would be nice to have something approaching a one-stop shop for anyone who wants to know about Sun and our Security offerings.

For now, though, please keep watching. We hope you'll like the changes.

alec (alec.muffett-AT-sun.com)


This is fantastic news. Thanks for doing this... it's something that's been needed for a long time.

Posted by Diamond on March 28, 2007 at 01:35 AM PDT #

It's newbie training time...sorry about that. I have changed responsibilities and now have a need to be able to go straight to the horse's mouth, metaphorically speaking of course 8\^)

1. How do I do that? For a specific example, I would like to speak (blog) with someone concerning alert 266688 and libxml.

2. How do I get/find your responses to postings?

Your guidance will be most appreciated.
Kris H

Posted by Kris Huffman on September 11, 2009 at 02:57 AM PDT #

Post a Comment:
  • HTML Syntax: NOT allowed

This blog provides security vulnerability fix notifications relevant to third party software components distributed and supported as part of Oracle Products.
Summarized version of this blog is available as a mapping of CVEs and solutions.


« July 2016