Mon, 18 June 2012
Greetings fans, this episode promises to be a great one with the likes of Adam Shostack starting off talking about what the whole concept of "New School Security" is all about, and how it differs from the way we've all done it for the past 15+ years. Adam and I talked through some new interesting ideas for moving the information security community and discipline forward, and even commented on how we can start to overcome the security community's focus on 'secrecy' when things go wrong. How do security professionals understand what the desired outcomes should be, then start to move towards implementing pragmatic approaches to move closer to those desired outcomes? Because in the end it's really about business and getting it done, not about 'security'.
You will be sorry if you miss this episode!
Direct download: Episode_17_-_Adam_Shostack_on_New_School_Security.mp3
Category:Information Security -- posted at: 12:36pm CST
Thu, 14 June 2012
Last winter, on a frigid afternoon, I got a chance to sit down with 2 of my favorite Iowa locals, Kevin and Kenneth, to talk about the tenuous relationship between QA and Information Security. Earlier in the day I had given a workshop on software security testing (of the web variety) to a ViViT user group, and with that topic and their questions/concerns fresh in my mind I settled down for a 30-minute conversation with Kevin and Kenneth ... we essentially continued the conversation from Episode 3 (please give that a listen if you haven't yet to get a background).
Some of the questions we tackled included "Which team within the software development or security organization is best positioned to test the security of applications?", and "Can Information Security ever really thoroughly test an application without the full context?" ...and much more.
Give this episode a listen!
Direct download: MicroCast_04_-_Kevin_Riggins__Kenneth_Johnson_-_QA__Security_Software_Testing.mp3
Category:Information Security -- posted at: 3:02pm CST
Mon, 4 June 2012
Greetings friends! I am taking some time to do something a little out of the ordinary right now... I'm coming to you from beautiful Las Vegas, Nevada and HP Discover 2012 where the theme is Make it matter.
Rather than doing yet another blog post on how beautiful the show floor is, and how amazing the content is going to be, I've recorded a little bit of audio, about 6:30 minutes or so, to give you a feel for what we're up to, what's going on, and why I'm downright giddy with excitement.