My research

BT Hall of Fame

Date: 8 Aug 2024

Context: I discovered and responsibly disclosed a vulnerability in one of the BT Group online systems. Proud to be the first on their Hall of Fame page!


Link: https://www.bt.com/about/contact-bt/responsible-disclosure/hall-of-fame


Overrated/Underrated with Vladimir Jirasek

Date: 19 March 2020

Link: https://www.virturity.com/archives/805

I was interviewed by Daniel Schatz on his famous "Overrated/Underrated".

Extract from the page:

Intrusion Prevention Systems

I’ll split my answer to this question into the two modes of application, as IPS can be implemented on network level as well as host level. The former, network IPS, is certainly overrated in my opinion. The technology is increasingly blinded by network and application level encryption as well as advances in TLS protocols. In addition, most organisations implementing IPS actually leave it in detection mode only in order to limit risk of Network IPS blocking legitimate traffic. The technology does have its place, including in cloud environments, but its importance should be lower in the security technology stack, hence overrated status.

Host based IPS, on the other hand, is a technology that is firmly embedded into operating system defences; perhaps it is not called Host IPS anymore nowadays. Looking at known bad behaviour (signature based), as well as heuristic analysis of operating system, user and application activity means it is a really useful tool in overall cyber security architecture. I firmly believe it will be embedded into operating systems and as such it is still underrated technology.

Blockchain

It is hard to escape the hype around blockchain. I have been involved in a few blockchain projects, one of them Lethean VPN where blockchain is used to handle payments for VPN services in a truly anonymous way. Is blockchain under- or overrated? Hard to settle on either option as many use cases are flawed (looking how to solve already solved problem with blockchain) or very much pioneering (using blockchain to support processes and relationships where centralised authority would not work). For example, I believe peer to peer payments and supply chain compliance use cases are currently underrated and should receive bigger attention.

PCI DSS

This one is easy – “overrated”. An industry still clinging to an archaic system of 16+ payment card numbers when in fact there are much better, and cryptographically stronger, payment methods is just insane. Also, PCI DSS, while conceived with great intention at the time, feels archaic, prescriptive, and simply unnecessary. My vote is to scrap PCI DSS and use better international frameworks and standards to protect payment card data (while this archaic system exists), such as NIST CSF.


TOGAF® and SABSA® Integration White Paper

TOGAF® and SABSA® Integration - How SABSA and TOGAF complement each other to create better architectures

Date: October 2011

Context: I was one of the reviewers of a white paper that outlines how TOGAF and SABSA can be integrated. The paper presents a method for enhancing the TOGAF Enterprise Architecture framework by incorporating the SABSA security architecture approach, resulting in a unified, holistic architecture methodology. Its goal is to help enterprise and security architects fully embed security and risk management into enterprise-level architectures, invite review and feedback, and inform the global architecture community about proposed contributions from the SABSA perspective for future versions of the TOGAF standard.

Link to the free white paper (registration required): https://publications.opengroup.org/w117