Blog and updates

Latest posts

Are you DROWNing?

  Today a new SSL attack was released named DROWN Attack. DROWN stands for Decrypting RSA with Obsolete and Weakened eNcryption. You can read all the nasty details here DROWN Attack (CVE-2016-0800) To protect against DROWN,…

I Encrypt, therefore I Am

In this age of global surveillance and spying, encrypting communications has become the standard. Companies, big and small, are finally taking the necessary steps to encrypt all their traffic traversing…

Auditing Automation

The use of automation has fundamentally changed the IT landscape and made us more efficient in managing our increasingly complex environments. In this post I will explore the benefits and…

Installera en LEMP server för WordPress

Det finns i dagens läge ett flertal olika alternative för att hosta en WordPress installation. En vanlig lösning kan vara att använda en delad hosting lösning så som t.ex. HostGator.…

Stranded! Has s/y Credit Card sailed?

  A couple of weeks in to the vacation I feel that I'm doing things that I normally don't. Not all that uncommon, the Finnish summer thus far has provided us…

Riding the Automation Paradigm Shift?

I have been thinking about and experimenting with automation tools quite a bit for the last year, gradually envisioning the business value of infrastructure automation and subsequently trying to evangelize…

The truth wins?

Interesting insights by David Froud:  Why all QSAs must lie "The business must never be changed to fit into PCI compliance alone, the INTENT of PCI must be fit into…

Business as usual

Coming Soon – Supplemental Validation procedures for Designated Entities It's worth having a glimpse at PCI Guru to catch the latest thoughts on "supplemental validation procedures coming". Getting your internal…

Automation + Security = False?

Those who know me have seen/heard me rant and rave about automation, automation, automation like a crazy Steve Ballmer for the last few years and probably wondered what this "Security…