http://www.apexassurance.com/blog ... the first Weblog for security certifications in the government and commercial industries Wed, 02 Jan 2008 04:41:28 +0000 http://backend.userland.com/rss092 en 2007 can be summarized in one word: busy. Thank you to our customers, employees, and partners who helped make this year better than even my high expectations. The first year of the blog saw just over 100 posts. The second saw just under 25. And given the current forecast, ... http://www.apexassurance.com/blog/2008/01/02/a-quick-look-at-2007/ I was just catching up on some blogs, and I saw this post from Thomas Ptacek. We’re still alive… but holy crap are we slammed. Funny… I was going to submit a similar post this week. Apex is in the same boat. I like Thomas’ brevity. Though, unlike the Matasano ... http://www.apexassurance.com/blog/2007/10/14/in-the-same-boat/ According to NIAP CCEVS: Beginning 1 October 2007, for FY08, the NIAP CCEVS office will begin accepting US Government PP compliant (basic, medium or high) and EAL 4 or above products in support of National Security customers. Product submissions meeting the above criteria will be queued and validation resources allocated as ... http://www.apexassurance.com/blog/2007/09/12/niap-ccevs-gates-opening-slightly/ It’s time for the semi-annual (or so it seems!) posting on the Apex Assurance blog. We’re looking for a Ruby on Rails developer, either part-time or full time. If you’re interested or know someone who is, please send an email to careers@apexassurance.com. I’ll save all the HR/marketing spiel. That’s not my ... http://www.apexassurance.com/blog/2007/08/01/got-rails/ NIST is now accepting comments on the latest draft of FIPS 140-3. From the website: Electronic comments may also be sent to: FIPS140-3@nist.gov with “Comments on Draft 140-3″ in the subject line. I saw this article a few days ago but didn’t have the time to post a link. Thank ... http://www.apexassurance.com/blog/2007/07/17/update-on-fips-140-3/ In case you missed it, there is a draft policy for the fee-for-service validation model from NIAP CCEVS. Details can be found at the NIAP CCEVS website. http://www.apexassurance.com/blog/2007/07/10/niap-ccevs-fee-for-service-comment-solicitation/ Has it really been almost two months since the last post? Wow. I’m sure your RSS reader is freaking out… and no, it doesn’t have a bug. Anyway, things have been extremely busy lately, and I’ve been thinking about the blog. Just not writing. Customers come first, then the company, ... http://www.apexassurance.com/blog/2007/06/13/breaking-the-silence-sort-of/ I was traveling this week and had an interesting encounter. The first leg of my flight was delayed, and I was going to miss my connection. I was rebooked on another airline, and I went to the desk to get my boarding pass. Since the booking was just made, I ... http://www.apexassurance.com/blog/2007/04/20/security-at-airline-kiosks/ There is a new FIPS 140 Testing Laboratory: ACTL: authsec Conformance Testing Laboratory. This brings the total to 14 labs. With the NIST queue for review standing at about 5 months, I do wish NIST would enlist the help of the labs to assist with the validation component. The increased ... http://www.apexassurance.com/blog/2007/04/16/new-fips-140-2-lab/ A customer poked fun at me for not updating the blog as often as in the past. Of course, he was just kidding because he knows how busy we’ve been, but I did promise an update. So here goes. This story requires two inputs: My two year old daughter loves Dr. ... http://www.apexassurance.com/blog/2007/04/10/heres-the-update/