No sleep for the Agile


Aha! I’ve found internet and some time where I’m not talking with the security geeks around APAC.    An incredible trip highlighted by many incredible people. The meetings continue to drive home the facts…

Security is important.. until it adds work to the company.

Developers are the bane of security teams

(comments made tongue in cheek)


Agility event:  It was a terrific event with F5, partners, and a huge client base. I was invited down to talk about the state of security and the positioning of F5 security.



Threats continue to advance,  sources are constantly shifting, and it’s really frigging annoying.

Defenses are still lacking in a lot of areas, specifically dynamic threat response. Most companies are forced still to wait on vendor patches to stop newly found vulnerabilities. (side note.. F5 platforms, iRules, nuff said). The delay always puts security folks in a tough spot. Stay up and vulnerable, or degrade service until the patch can be installed?

F5 is a Secure Data Center Firewall. Besides being ICSA certified,  it provides all the functionality and more. The difference is that it doesn’t look and feel like the “old guard” of firewalls.    Disagree?  Comment why, we’ll talk.    

Heard around the conference:

“Wait… you can do that?”

“… and then my dev team installed a whole new framework.. without having security test anything”


I’d like to thank the coordinators of the conference and all the participants.  The best part of these types of events is the one on one conversations you get to have with people. That is were the fun, innovation and good laughs come from.


Goodbye Bangkok, and thanks for all the… Khao Niao MaMuang !

Published Mar 15, 2012
Version 1.0

Was this article helpful?

No CommentsBe the first to comment