Author Archives: Kevin Lam

Kevin Lam, CISSP, has over 10 years of experience in information security and was publicly recognized in 2008, 2009 and 2010 by companies such as Microsoft for his online security contributions and vulnerability research. In 2010 he was awarded a Developer Security Most Valuable Professional (MVP) award from Microsoft Corporation.

Prior to 2007, Kevin was a senior security team member at Microsoft Corporation. At Microsoft he was responsible for protecting and assessing (penetration testing, vulnerability research and application security code review) the security of high-value, highly targeted products, infrastructure and assets, as well as envisioning and delivering corporate security strategies. He was also a trusted security advisor and trainer to the executive and security teams of some of Microsoft’s largest customers on malicious hacker techniques, best practices and security strategies. Before Microsoft, Kevin was a lead penetration tester at a Big 4 audit firm where he led simulated malicious hacker attacks against Fortune 100 customer networks and trained other global security consultants.

Kevin is the lead author of the book Assessing Network Security (ISBN: 9780735620339), has contributed to several other books and has published several magazine and online articles. He was also responsible for releasing the initial two versions of the Microsoft Anti-Cross Site Scripting Library, which is used by enterprises world-wide to provide protection from the #1 online attack today.

Sony PlayStation Network Hack

This came across my desk yesterday, and it looks like the Sony PlayStation Network was hacked according to  Details are trickling in, but it’s believed that over 70 million credit cards were compromised as part of this hack. Here’s the official response from Sony. –Kevin LOCKBOX SFT, the easiest to use and most secure file transfer […]

RSA Security Breach, SecurID Data Stolen

RSA recently reported that its networks were breached and data was stolen regarding their SecurID tokens.  You can find stories about this pretty easily, but this link I found was the most helpful in terms of what customers can do now. –Kevin LOCKBOX SFT, the easiest to use and most secure file transfer service

LOCKBOX Passwords iPhone App Was Released!

Our iPhone passwords app called LOCKBOX Passwords was released last week. Check it out on the Apple AppStore at  If you have lots of passwords to remember, and want to keep them organized and highly secured, this app is for you! –Kevin LOCKBOX SFT, the easiest to use and most secure file transfer service

Make Your Own Secret Sauce: Guest Post on Sources of Insight

Not related to security, but still might be an interesting read for some of you.  Here’s a guest post I wrote for the Sources of Insight site on “secret sauces”.  Enjoy, –Kevin

LOCKBOX Passwords iPhone App Releasing Soon

Just wanted to share the news that over at LOCKBOX we will soon be releasing our iPhone app that lets you store your most sensitive passwords in a highly secure and safe way.  Sure we know that there are lots of similar apps, but this one has extended security features that help protect your data […]

Impacta donates 10% of its 2010 revenue to local charities

2010 was another great year for Impacta and I am proud to announce that we just gave away 10% of our 2010 revenue (top line) to local charities, like the Seattle Humane Society.  It is my personal opinion that in times like these, charities need as much help as they can get in order to […]

Top 3 Things Obama Wished He Had Known in 2010 About Data Protection – What You Can Do To Not Be the Next WikiLeaks Featured Story

Check out our data protection post about the WikiLeaks fiasco and how it could have been prevented. Enjoy, –Kevin LOCKBOX SFT, the easiest to use and most secure file transfer service:

Microsoft releases case study of LOCKBOX SFT

Microsoft last week released a great case study of our LOCKBOX Secure File Transfer (SFT) and data protection solution, and how we leverage Microsoft Azure to bring a fast, reliable and secure solution to our customers. Microsoft did a fantastic job describing the business problems we are solving, how we solved those problems and […]

Shaking my head again … the Microsoft security patch MS10-070

Microsoft earlier this week released an important patch that addresses the MS10-070 security issue which affects nearly every ASP.NET Web application, and I have to say I once again find myself shaking my head with disappointment.  But not at Microsoft. Microsoft did the right thing: they acknowledged the issue, released details about how to implement controls […]

3 Top Ways to Lose Your Best Security People

National Public Radio (NPR) reported several weeks ago that the United States government was seeing a shortage of qualified ‘cyber (security) warriors’, that is professionals who are skilled enough to effectively protect the US digital infrastructure from cyber attacks. The original article lives here: The article glanced at the general problem and what the US […]
