Author Archive
Hi, my name is Dru Streicher, and I am going to talk about encryption today. A little bit about me, I am a Systems Administrator for Hurricane Labs, we’re Cleveland based network security company. I am a hardware hacker and a chip musician, and I also collect arcane technology. And I also collect vinyl records. […]
Read more →Posted in: News
Leave a Comment (0) →
A Proposal We’re done with the complaining. Now I’m going to spend a couple of minutes trying to talk about what you might be able to do about this, and what I think is going to happen to our industry over the next couple of years. Instead of looking at this as a sum of […]
Read more →Posted in: News
Leave a Comment (0) →
Data Center Security – an Incoherent Mess When I started thinking about a data center I had to try and find some lines to slice it along to try and make sense to the world. Here’s how I did it. I started thinking about the data center in 3 tiers: the Network, where the security […]
Read more →Posted in: News
Leave a Comment (0) →
Hi there! My name is Brian Chess. I’m Chief Scientist at Fortify Software. We were acquired by HP at the end of last year, and we’re excited to join the HP family. Today I’m talking about software security in the big picture. I tell you this is a real departure for me; I kind of […]
Read more →Posted in: News
Leave a Comment (0) →
Implementing process improvements Another area to focus on for security metrics would be to sort of look around and figure out what’s broken and what needs fixing. A few areas that I’ve broken this down into are the process area and the technology area. And I actually think that in some cases process improvements are […]
Read more →Posted in: News
Leave a Comment (0) →
Getting started with measuring security So, now that we’ve talked about why you would do security metrics in the first place, I’m going to go into a little bit of how you would get started. And this for me was a little bit of struggle. When I started a few years ago I looked for […]
Read more →Posted in: News
Leave a Comment (0) →
Hi, my name is Caroline Wong. And today I’m going to be talking about a beginner’s guide to security metrics. I currently manage the security program at Zynga Inc., and I was formerly the Chief of Staff for the Global Information Security Team at eBay, where I developed eBay’s security metrics program from the ground […]
Read more →Posted in: News
Leave a Comment (0) →
Standards and Compliance Most people who perform software security assurance do it for one of two reasons. First, they might be motivated by desire to manage their risk, this is really an internally facing motivation – our business faces certain risks, we might lose revenue or customers, we need to take security activities to avoid […]
Read more →Posted in: News
Leave a Comment (0) →
Code Review Now my favorite probably – code review, as I said, I got into software security from a code review static analysis standpoint. The origins of what we do in code review today, really, come from formal methods and verification processes. One of the most seminal works in this area was a document called […]
Read more →Posted in: News
Leave a Comment (0) →
Hi, my name is Jacob West. I’m the Director of Security Research at Fortify Software, recently acquired by Hewlett Packard. Today I want to talk about the evolution of software security assurance, some of the origins of the practices that we take for granted today, and where I think some of those practices are going […]
Read more →Posted in: News
Leave a Comment (0) →