Michael C and the team talk bout "going back to basics" and the
need for security fundamentals
Michael C talks a little about why we (security professionals)
fail at fixing problems at scale
We dive into the need for automation, and Michael C talks about
why creating more work for security professionals is a bad
Michael C and the crew talk through why many of our metrics
fail, highlighting the need to get away from the typical dashboard
approach of "bigger numbers is better"
We discuss the balance between false positives and false
negatives -- a super critical topic
Rafal brings up the role security professionals play in
software security, and why we can't be expected to drive the daily
We talk through centralized vs. de-centralized security, and
how to understand which works better, and where
Michael C gives us his 3 key take-aways for listeners (don't
We talk through "assume breach", and what it means for
Michael Coates ( @_mwc ) - Currently,
Michael is the Trust and Security Officer at Twitter where he leads
the information security team and drives overall security efforts
across the organization to a common goal and objective. Michael is
a staple of the OWASP community now serving on its board and having
contributed countless hours and lines of code to the
Security. Some assembly required.
Security is HARD, and 'real security' is a compromise between usability and security while knowing you're still accepting risk.
This podcast alternates between interesting interviews and news analysis every other week - tune in, subscribe and join the conversation on REAL security issues relevant to your enterprise.
Follow us on Twitter: @DtSR_Podcast
Check out Rafal's SecurityWeek column: http://www.securityweek.com/authors/rafal-los