I want to thank Carolyn Kopprasch and the @BufferApp team for getting back to me, and agreeing to not only join the podcast, but also field questions from "anyone" ... what a cool group of people!
In this episode
Carolyn gives us some of the insider's perspective on what really happened when Buffer got hacked
Carolyn and I discuss triage methodology, and how Buffer's small team responded
In-depth conversation on the communications strategy and implemented plan to be totally transparent
We discuss that point where it's time to "shut it down" and the need to have the ability and information to make the decision Buffer's team did when they shut down the service temporarily
Carolyn talks about some of the non-typical ways that her team detects potential security issues
Carolyn dispenses some solid advice for anyone in a small shop that may be operating ultra-lean
Finally, Carolyn and I talk about software security and what role it (or the lack thereof) played in the Buffer incident
Guest
Carolyn Kopprasch (@CaroKopp) - Carolyn is currently Buffer's "Chief Happiness Officer". Her role is to make sure that Buffer's customers are, in fact, happy. Also she has a web presence right here: http://CaroKopp.com
Security. Some assembly required.
Security is HARD, and 'real security' is a compromise between usability and security while knowing you're still accepting risk.
This podcast alternates between interesting interviews and news analysis every other week - tune in, subscribe and join the conversation on REAL security issues relevant to your enterprise.
Follow us on Twitter: @DtSR_Podcast
Check out Rafal's SecurityWeek column: http://www.securityweek.com/authors/rafal-los