My Publications

Well, so far, i have not fared very well as far as content churn is concerned. Mostly because of my self-induced-coma-like-tamasic-laziness. My ancestors would have scoffed at it (maybe they already are. However, if my life is any indication, i think they are benevolent and merciful, like my parents. But i digress, again).

Here’s a partial list of things that i have published so far. Hoping to increase the quality in the times to come (Credit: Anton Chuvakin for inspiring the format): -

1. Mar 2016, {ctrl+z} My Interview :: Here’s what is should have said (LinkedIn post); I have tried to re-capture the essence of an ISMS implementation through a-should-have-been version of an interview response that I gave long time ago.
2. Mar 2015, ModSecurity — Manager’s Dilemma (un-edited version, published in march issue of OSFY); This article tries to explain why deploying WAF in general, and modsecurity in particular, makes sense for a manager.
3. June 2014, Process Myths — busted (published as a post on LinkedIn); This post lists some of the customer impressions related to processes that i could gather and my response to those myths.
4. Sep 2013, Importance of Maturity Models in ISMS (published in October issue of ClubHack magazine); This article discusses the importance of process and maturity models and their requirement for ISMS (Information Security Management System).
5. Sep 2013, Why is host integrity monitoring important (published in October issue of OSFY); This article discussed the role of file integrity monitoring system in the present compliance and regulation landscape.
6. Aug 2013, DSCI Security Framework for ISO 27001 Implementers (published in September issue of ClubHack magazine); This article discusses the DSCI Security Framework and its relevance for ISO 27001 implementers.