Nice present from (ISC)2 – CSSLP renewal for 3 years

Six years ago I was writing here about getting my “Certified Secure Software Lifecycle Professional” certification: Two certification cycles in the future, meaning 6 years, I received an update for my diplom and some goodies: And inside the new diplom, the card and a pin.


ENCRYPTION IS NOT SOLVING ALL CYBERSECURITY PROBLEMS     Sorin Mustaca, CSSLP, shares his thoughts from a recent Frankfurt-based automotive show on the overreliance of the car industry on Encryption, noting “…all those lights are sensors and processors which communicate with each other via the CAN BUS (Controller Area Network). If one of them is compromised, it will send invalid data to the others and the consequences are unpredictable. The data will leave the car encrypted and will be decrypted on destination, but the information is compromised.”      

No Image

(ISC)2 EMEA: Quote for the Day

In the News Quote for the Day “It is no secret that the cyber criminals are where the money is. If the targets are easy to breach, it is even better since this improves the ratio effort/outcome for them.” Sorin Mustaca, CSSLP, covers the basics for small to medium business inComputerWorldUK’s Infosecurity Voice and on the (ISC)2 blog.

No Image

Added in (ISC)2 Corner My cooperation with is finally showing something. I was addded on the (ISC)2 Security Corner:                       Sorin Mustaca, Avira Operations GmbH & Co. KG Sorin Mustaca, (ISC)²-zertifizierter CSSLP, CompTIA Security+,Project+, ist seit 2000 in der IT Sicherheitsindustrie und seit 2003 bei Avira tätig. In seiner aktuellen Rolle als Produktmanager ist er verantwortlich für die bekannten AntiVir-Produkte, die von über 100 Millionen Anwendern weltweit genutzt werden. Herr Mustaca hat sein Software-Ingenieur Diplom an der Universität „Politechnica“ in Bukarest erworben. Seitdem ergänzt er sein akademisches Wissen mit Produkt- und Projekt-Management-Kenntnissen, um neue und fortschrittliche Lösungen für die IT-Sicherheit zu erschaffen.

No Image


I am becoming more and more interested in the (ISC)2 Certification called CSSLP: Certified Secure Software Lifecycle Professional They have a whitepaper for this certification called “Code (In)Security” written by Mano Paul. I am not allowed to publish the direct link because they request registration before giving the link to the whitepaper. In order to register (gratis), go to this link: There is something interesting in this whitepaper: the acronym I.N.S.E.C.U.R.E : I – Injectable code N – Non repudiation Mechanisms not present S – Spoofable code E – Exception and Errors not Properly handled C – Cryptographically Weak Code U – Usafe/Unsecure Functions and Routines in Code R – Reversible code E – Elevated Privileges Required to Run I can’t copy paste what each of these mean, but do please, read the paper 😉

%d bloggers like this: