ACSAC 2012 Update #1

Well, the two training days of ACSAC (for which I am responsible) are over. I was able to audit three excellent sessions: one on Security Requirement Engineering, one on Assurance (which ended up having a greater focus on Mission and System Security Assurance), and one on Resilience. Good speakers, great subject material — this is what I love to see in ACSAC training sessions. I also had some great conversations over lunch and at the reception tonight regarding a myriad of technical subjects. Now if I can just avoid the ACSAC 15 (like the Freshman 15), I’ll be fine.

Tomorrow, some excellent technical sessions, plus I get to condense a 6 hour tutorial into perhaps 5!