Tag Archives: Podcast

WebSphere MQ – Coming soon to an audit near you!

The June 29 episode of The Deep Queue is finally up!  Sorry about the delay, I was on an engagement last week that had me staying over the weekend in Boston to perform a production implementation on Saturday.  Although I’ve … Continue reading

Posted in DeepQueue, Podcast, WMQ Security | Tagged , , , , , , , , , | Leave a comment

Deep Queue #11: Security breaches are not news?

The subject of the UC Berkeley data breach was discussed on the May 15th Security Squad podcast.  The thing that struck me was that the breach itself was not the topic of conversation but rather the debate was about whether … Continue reading

Posted in DeepQueue, IBMMQ, Podcast, WMQ Security | Tagged , , , , , , | Leave a comment

The Deep Queue – Episode #10: Cash in on mortgaged risk!

No, that’s not mortgage risk.  Someone’s already done that and look where it got us.  No,I’m talking about mortgaged risk – the act of saving time or money by accepting risk that is hard to measure but easy to hide … Continue reading

Posted in DeepQueue, Events, IBMMQ, Podcast, WMQ Security | Tagged , , , , , , | Leave a comment

The Deep Queue – Episode #9: Going postal about WMQ security

This episode of The Deep Queue takes its inspiration from the thousandth time I was asked how to “turn on MQ security”.  Yes, that’s right, the thousandth time.  At least since I’ve been counting.  There were perhaps half a thousand … Continue reading

Posted in DeepQueue, IBMMQ, Podcast, WMQ Security | Tagged , , , , , | Leave a comment

The Deep Queue – Episode #8: The good news and the bad news

This episode of The Deep Queue contains news about the new MSoT stand-alone WMQ Explorer SupportPac, yet another payment processor data breach, updates to some items we’ve covered in the past and breaking news about a WebSphere MQ interim fix … Continue reading

Posted in DeepQueue, Errata, IBMMQ, MQMFT, Podcast, Publications, WMQ Security | Tagged , , , , , , , , | 1 Comment

The Deep Queue – Episode #7: Reducing your attack surface

This installment of The Deep Queue is about improving security by reducing the number of attack vectors that are exposed.  Given two systems with equivalent functionality the one with more exposed attack vectors is said to have a “larger attack … Continue reading

Posted in DeepQueue, IBMMQ, Podcast, WMQ Security | Tagged , , , , , , , | Leave a comment

The Deep Queue – Episode #6: The Myth of the Trusted Internal Network

In this episode of The Deep Queue I explain why I believe the “trusted internal network” is a myth.  Many of the problems that I see on consulting assignments would have been prevented by the same security measures I recommend … Continue reading

Posted in DeepQueue, IBMMQ, Podcast, WMQ Security | Tagged , , , , , , , | 1 Comment

The Deep Queue – Episode #4: Listener email and why you should care about message types

In this installment we answer an email from a listener asking about channel authentication.  The requirement is for a channel exit pair that exchanges credentials securely then falls back to a plaintext channel.  In the second segment we talk about … Continue reading

Posted in DeepQueue, IBMMQ, Podcast, WMQ Security | Tagged , , , | 3 Comments

The Deep Queue – Episode #3: Ethical Administration

In this episode of The Deep Queue I propose something I’m calling “ethical administration”.  Most people have heard of ethical hacking – doing what the bad guys do on behalf of and in cooperation with the good guys.  Ethical administration … Continue reading

Posted in DeepQueue, Podcast, WMQ Security | Tagged , , , | 2 Comments

The Deep Queue – Episode #2: Security Best Practices and FIPS

I just uploaded the second episode of The Deep Queue.  This episode expands on my recent Mission:Messaging column and also discusses some nuances of working with FIPS compliance in WebSphere MQ.  The next episode is scheduled for October 6th.  Between … Continue reading

Posted in DeepQueue, Podcast, WMQ Security | Tagged , , | 3 Comments