QA Security Testing

In my quest for designing strong QA tools and tests for security testing, I came across a really sweet tool to help out. Cenzic has a product out called HailStorm that is an automating security quality assurance system for complex environments. I know Greg from his old days at Tripwire and didn't realize he did a new start up to do this. Assuming I don't need a second mortgage to get the thing, I am seriously considering putting Hailstorm into my build environment. Only time will tell if that will happen

Even with that tool, I expect to continue to build up an arsenal of security tests in perl to help out. Whenever I get a chance, I will end up putting that online for everyone to use. Can help us all out.

Had a great sushi lunch with Arcterex today. Reminds me of the old days of everyone going together. We will need to make a point of all getting hooked up to do a sushi lunch. If you are interested, let me know.

Right now I am working on my business plan. Should have it done by next week and basically rounds out all the core documentation needed to be done. Next will be following the plan and really get moving on delivering product. Should be fun to get absorbed in development again. I still haven't figured out which tools I am going to use (C# vs. MFC/C++) for the UI. I am wrestling with the familar of C++ for speed and the new security features that C# offers. Not an easy decision. I still need to weight the languages accordingly to determine which will cause more "issues" for expansion in the future. Right now I am still undecided.

MS Word beckons me. Clippy is screaming that he is lonely. I better get back at it. TTYL