This presentation will take you through the biggest areas where you need to focus your efforts in order to keep your data safe in AWS, and will show some real-life examples of what could go wrong if you make compromises or allow bad practices.
Abstract Many believe that better security comes from robust independent gating, but DevOps has proven that you can safely deploy orders of magnitude faster without human gating. Comcast uses a DevSecOps approach which focuses on automation, speed and team ownership of end-to-end product security lifecycle. It’s agile and developer-focused. It’s about building security in rather … Read More
Justin Reagor attended “The Eleventh HOPE” – a conference from the Hacker Quarterly. This is his show review.
This talk has two parts. First, I will present technical ideas from research, including my own, that help secure software by construction. Even though these are reasonable ideas, however, the gap between academia and industry often prevents these ideas from becoming realized in practice. Second, I will discuss what prevents longer-term security solutions from being commercialized, how we started the Cybersecurity Factory accelerator bridge the research/industry gap, and how we can work together to address the issues that remain.
Social engineers use a dangerous combination of technology and old-fashioned con artistry to infiltrate organizations every day. In this talk we’ll walk through the social engineering process including research, target selection, attack selection, and attack execution.
Podcast: Play in new window | Download (Duration: 26:38 — 30.5MB) | Embed
Ken and Joel wrap up the year with a bit of conversation about smart watches, whether you’re a user of tools or conversationalist with your code, and a number of other little ditties.
Podcast: Play in new window | Download (Duration: 29:18 — 33.5MB) | Embed
YEAH! Integrating yeoman-style projects into a larger maven build – Addy Osmani comes up with the goods. Making Maven Grunt We buried the lead – NSA can get to everything Joel brings up the counter-point, an article by ARS. Vertx 2.0 Q&A on InfoQ w/Tim Fox – As per last week’s episode, Vert.X is an … Read More
Podcast: Play in new window | Download (Duration: 27:40 — 31.7MB) | Embed
It’s our 50th episode! More to come, now weekly. Send us feedback on @techcast. Topics ARS – You can crack iPhone auto-generated hotspot passwords in seconds – http://arstechnica.com/security/2013/06/new-attack-cracks-iphone-autogenerated-hotspot-passwords-in-seconds/ Android phone #s breeched by Facebook app – http://www.darkreading.com/mobile/android-phone-numbers-leaked-by-facebook/240157723 – ARS – The more complex the rules, the more annoying, and is it really more effective than just a longer … Read More
Podcast: Play in new window | Download (Duration: 37:50 — 43.3MB) | Embed
It’s the big return of the regular DevNews this week. My co-host Joel Confino and I discuss lots of big data stuff, including: They hype it, then they try to kill it – Why Big Data is not truth – just using Big Data techniques doesn’t make it easy to select good data to begin … Read More
The recent news that the popular dating site Plenty Of Fish was hacked and that passwords and other user information was stolen truly disheartened me. It was just the latest in a seemingly endless list of such hacks over the years, recently including Gawker Media (Lifehacker, Gizmodo), McDonald’s, Walgreen’s and Pizza Hut. Apparently, Little Bobby … Read More
