Category Archives: Podcast

The Deep Queue – Episode #7: Reducing your attack surface

This installment of The Deep Queue is about improving security by reducing the number of attack vectors that are exposed.  Given two systems with equivalent functionality the one with more exposed attack vectors is said to have a “larger attack … Continue reading

Posted in DeepQueue, Podcast, WMQ, WMQ Security | Tagged , , , , , , , | Leave a comment

The Deep Queue – Episode #6: The Myth of the Trusted Internal Network

In this episode of The Deep Queue I explain why I believe the “trusted internal network” is a myth.  Many of the problems that I see on consulting assignments would have been prevented by the same security measures I recommend … Continue reading

Posted in DeepQueue, Podcast, WMQ, WMQ Security | Tagged , , , , , , , | 1 Comment

The Deep Queue – Episode #5: WMQ Security news and Random WMQ Stuff

The Deep Queue Episode #5 is now online.  In this episode we cover some WMQ security news and introduce a new segment called Random WMQ Stuff which is pretty much what it sounds like.  We also now have an iTunes … Continue reading

Posted in DeepQueue, Podcast, WMQ, WMQ Security | Leave a comment

The Deep Queue – Episode #4: Listener email and why you should care about message types

In this installment we answer an email from a listener asking about channel authentication.  The requirement is for a channel exit pair that exchanges credentials securely then falls back to a plaintext channel.  In the second segment we talk about … Continue reading

Posted in DeepQueue, Podcast, WMQ, WMQ Security | Tagged , , , | 3 Comments

The Deep Queue – Episode #3: Ethical Administration

In this episode of The Deep Queue I propose something I’m calling “ethical administration”.  Most people have heard of ethical hacking – doing what the bad guys do on behalf of and in cooperation with the good guys.  Ethical administration … Continue reading

Posted in DeepQueue, Podcast, WMQ Security | Tagged , , , | 2 Comments

The Deep Queue – Episode #2: Security Best Practices and FIPS

I just uploaded the second episode of The Deep Queue.  This episode expands on my recent Mission:Messaging column and also discusses some nuances of working with FIPS compliance in WebSphere MQ.  The next episode is scheduled for October 6th.  Between … Continue reading

Posted in DeepQueue, Podcast, WMQ Security | Tagged , , | 3 Comments

The Deep Queue – Episode #1: PCI-DSS and WMQ

The first episode of the new Deep Queue podcast is online!  In this episode I introduce the podcast for a few minutes and then talk about a discussion that I had with some guys from the IBM Retail group.  The … Continue reading

Posted in DeepQueue, WMQ Security | Tagged , , | Leave a comment