It takes on average 90-days to recover from a breach. Equifax did it in 3. If we were to be compromised, do we have the tools and processes for rapid response?
Watch more videos on my YouTube channel.
It takes on average 90-days to recover from a breach. Equifax did it in 3. If we were to be compromised, do we have the tools and processes for rapid response?
Watch more videos on my YouTube channel.
A couple of examples for tracking adversaries on the web applications, and using those metrics to drive security activities.
Watch more videos on my YouTube channel.
RSA: DevOps Connect, Hosted by Courtney Kissler
As DevOps continues to be adopted across industries, IT security and application security professionals are being asked to secure the workflow and products. And we get asked to evaluate, recommend, and implement security controls well after the DevOps team has been established. Sometimes, months or even years after the team has launched. This talk speaks to that audience, sharing practices on how to start off strong. Approaches for building relationships, creating intuition, and becoming a trusted partner will be discussed and demonstrated. It is imperative we add security without taking away speed and agility, and the first 90-days is a crucial period.
Watch more videos on my YouTube channel.
A brief bit on what we can learn from the RSA Conference app leaking attendee data.
Watch more videos on my YouTube channel.
A lesson learned from watching this year’s FIRST Michigan state competition.
Watch more videos on my YouTube channel.
Remember the old Bell-LaPadula model for data classification? Time to dust those classic concepts off. Take microservices, the new and shiny. These introduce new areas of problems when different classifications of services are used by different classifications of apps. Here’s an example.
Watch more videos on my YouTube channel.
Microsoft Malware Protection Engine is fatally flawed. Patch now. So that’s a tad scary. But how the flaw got there, that’s more interesting.
Watch more videos on my YouTube channel.
Security happens where man meshes with machine. Human psychology, things like object permanence and object constancy, just might influence whether our cloud (SaaS, IaaS, PaaS) environments are secured.
Watch more videos on my YouTube channel.
One question is whether Cloud computing is more or less secure. A better question is whether we have the processes in place to do new things securely.
Watch more videos on my YouTube channel.
Data protected by … RAID? It’s worth considering what criminals can get off of even a single disk drive from a SAN array.
Watch more videos on my YouTube channel.