Next week: Austin, TX

You’ll be able to catch me in my professional capability twice next week. I’ll be giving a talk on Tuesday in Austin, TX to the Austin chapter of ISACA (the Information Systems Audit and Control Association) on “Best Practices for Application Risk Management.” The argument: the current frontier in securing sensitive data and systems isn’t the network, it’s the applications securing the data. But just as it’s hard to write secure code, even with conventional testing tools, it’s even harder to get a handle on the risk in code you didn’t write. And, of course, it’s the rare application these days that is 100% code that you wrote. I’ll talk about ways that large and small enterprises can get their arms around the application security challenge.

I’ll also be joining one of our customers to talk in more depth about a key part of Veracode’s application risk management capability, our developer elearning program and platform, in a webinar. If you are interested in learning how to improve application security before the application even gets written, this is a good one to check out.

Grab bag: SharePoint zero day

Grab bag: Secrets and security

On the record

The BSO announced two new albums this week. I’m looking forward to hearing the Carter, and am ordering multiple copies of TFC: Celebrating the 40th Anniversary of the Tanglewood Festival Chorus. Not because it’s my chorus (I’m not on the disc–these were small group recordings that went through the year I started with the chorus), but because the repertoire is astonishing. A pair of Bruckner motets, including the Christus factus est, the Lotti Crucifixus, the Frank Martin Mass, and of course Copland’s In the Beginning.

Of course there’s a small irony–the cover photo shows the group holding music! But it’s a great image of a large Prelude concert group in Seiji Ozawa Hall. One of these days I’d love to be in that setting; our Prelude performances have been done by small groups since I joined the chorus, so I’ve never performed in Ozawa.

Grab bag: Monkeybagels!

Happy birthday, Mr. Jefferson

Thomas Jefferson was born 267 years ago, on April 13, 1743. Seventy-six years later he would lay the cornerstone at the University of Virginia.

I’ll have a few more thoughts later about Mr. Jefferson, UVA, and Founder’s Day, but for now two thoughts from the man himself:

Determine never to be idle…It is wonderful how much may be done if we are always doing.

Enlighten the people, generally, and tyranny and oppressions of body and mind will vanish like spirits at the dawn of day.

Adventure looking forward

Chris Baldwin’s brilliant comic (I won’t belittle it by calling it a “web comic”) Little Dee ended today. He’s been winding it down for months, so it’s no surprise that it’s over. What is a surprise to me is how resonant the ending is, even in its first two panels:


It’s tempting, as I start to see forty up on the horizon, to think that all my adventures and all the beauty are behind me. Weeks like last week, when my father in law was in and out of the hospital and I was forced by illness to withdraw from a Tanglewood Festival Chorus concert run that would have taken me to Carnegie Hall, seem to reinforce that thought.

But then I watch my family, and I catch my breath a little bit at all the beauty that is yet to come.

Grab bag: Foolishness, sputtering, and agendas