Michael C and the team talk bout "going back to basics" and the need for security fundamentals
Michael C talks a little about why we (security professionals) fail at fixing problems at scale
We dive into the need for automation, and Michael C talks about why creating more work for security professionals is a bad thing
Michael C and the crew talk through why many of our metrics fail, highlighting the need to get away from the typical dashboard approach of "bigger numbers is better"
We discuss the balance between false positives and false negatives -- a super critical topic
Rafal brings up the role security professionals play in software security, and why we can't be expected to drive the daily tasks
We talk through centralized vs. de-centralized security, and how to understand which works better, and where
Michael C gives us his 3 key take-aways for listeners (don't miss these!)
We talk through "assume breach", and what it means for security
Michael Coates ( @_mwc ) - Currently, Michael is the Trust and Security Officer at Twitter where he leads the information security team and drives overall security efforts across the organization to a common goal and objective. Michael is a staple of the OWASP community now serving on its board and having contributed countless hours and lines of code to the effort.