I’m starting to become that guy that I always laughed at at the office–staying up late working while the wife and family go to sleep around him. It isn’t that funny when it happens to you, though.
We’re in the final run to a big release, coming out in a week, and the days are packed between now and then–getting ready for my webinar tomorrow, two back-to-back big demos next week, lots of work coming on the horizon. I love this feeling when I’m on the cusp of a lot of big things happening, but already I’m looking forward more to beginning the next phase of work than I am to the release. There’s just so much waiting to be built. Maybe that’s why I never took to product marketing. I like building things more than talking about them.
This weekend I had one of those eerie experiences where you step into a picture you’ve always watched, but never imagined yourself in.
When I was growing up, the Fourth of July meant band concerts at Fort Monroe–if you’re growing up in Tidewater Virginia, military base concerts are your best bets for live music and fireworks–but it also meant the Boston Pops on TV. I remember vividly watching in the late Fiedler years, then later in the John Williams era. I made a pilgrimage to see the event in person in 2001, at the dawn of this blog. When we lived in Seattle we’d watch the show televised from the Hatch Shell and think about being in Boston. When we moved back to the area, we watched on the big screen at Robbins Farm Park, or else simply flaked out in front of the TV (the best place to watch the Aerosmith spectacle from a few years back).
But I never dreamed I’d be singing on the stage, in front of about 800,000 people. We had a warmup concert on the 3rd with an audience in the tens of thousands, but it was no preparation for the crowds, the heat, and the excitement. The music for a July 4 concert can be expected to be the usual patriotic numbers, and this year did not disappoint, but there were also some truly moving moments, such as the tribute to the Kennedy brothers–which, judging from the feedback on Twitter, was a highlight of the show (at least for some). I hope we get a chance to do the show again soon–maybe with a few more lyrics and less humming.
XSS on a brochureware site should be a wake-up call. If your site just uses JavaScript, you’re vulnerable, and it doesn’t matter if you didn’t write it yourself.
I do! I do! My favorite flavors at Toscanini’s, the only ice cream store that has ever truly understood me, have been the odd ones–basil, green tea, Guinness (now almost a cliche, in 2000 a revelation). Prosciutto ice cream? Government Cheese ice cream? Bring it…
The Windows tax strikes again. Microsoft is in a hell of a place right now. If Windows isn’t central to everything that they do, they kill their core strategy; but if it is, they risk killing all innovation at the company. I think that more people there should be reading “The Innovator’s Dilemma.”
No surprise: there’s a lot more to secure development in any methodology than simply “not writing bad code.” Some of the topics we’ll be including are:
Secure architecture — and how to secure your architecture if it isn’t already
Writing secure requirements, and security requirements, and how the two are different
Threat modeling for fun and profit
Verification through QA automation
Static binary testing, or how, when, and why Veracode eats its own dogfood
Checking up–internal and independent pen testing
Education–the role of certification and verification
Oops–the threat landscape just changed. Now what?
The not-so-agile process of integrating third-party code
It’ll be a brisk but fun stroll through how the world’s first SaaS-based application security firm does business. If you’re a developer or just work with one, it’ll be worth a listen.