Tag Security

Container Security with Phil Estes

http://traffic.libsyn.com/sedaily/Container_Edited.mp3Podcast: Play in new window | Download Containers have become the unit of infrastructure that many technology stacks deploy to. With the shift to containers, the attack surface of an application has changed, and we need to reconsider our security models; the resource allocation of our containers, the interactions between different containers on a single machine, and the big picture–how the external web may interact with our containers. Phil Estes

Continue reading…

Slack Security with Ryan Huber

http://traffic.libsyn.com/sedaily/Slack_Security_edited.mp3Podcast: Play in new window | Download Security for the popular chat application Slack is a major focus for the company. A corporate Slack account is as valuable to a hacker as a corporate email account. In today’s episode, Ryan Huber and I talk through Slack’s approach to security–from philosophical discussions of how to company approaches security to the technical practices of logging and monitoring, and why Slack has a

Continue reading…

Electronic Frontier Foundation with Nate Cardozo

http://traffic.libsyn.com/sedaily/EFF_Nate_Edited.mp3Podcast: Play in new window | Download When the US government hacks its own citizens, The Electronic Frontier Foundation is often the best source of reporting to find out what laws the government has broken. When a change to the privacy policy of Google or Facebook is made, the Electronic Frontier Foundation is the best place to find out how that change in privacy exploits users. The Electronic Frontier Foundation

Continue reading…

Data Breaches with Troy Hunt

http://traffic.libsyn.com/sedaily/Troy_Hunt_Edited_2.mp3Podcast: Play in new window | Download When you hear about massive data breaches like the recent ones from LinkedIn, MySpace, or Ashley Madison, how can you find out whether your own data was compromised?   Troy Hunt created the website HaveIBeenPwned.com to answer this question. When a major data breach occurs, Troy acquires a copy of the stolen data and provides a safe way for individuals to check if

Continue reading…

Industries of the Future with Alec Ross

http://traffic.libsyn.com/sedaily/Industries_Edited.mp3Podcast: Play in new window | Download Alec Ross worked in the White House as a Senior Policy Advisor to Hillary Clinton. His book Industries of the Future explores the biggest technological opportunities and threats to our society. The industries addressed in his book include robotics, genetics, and cybersecurity. Technological familiarity is increasingly correlated with an individual’s optimism. Cyberwarfare presents attack vectors that are difficult to insulate against. Arguments about

Continue reading…

Security and Machine Learning in the Call Center with Pindrop Security’s Chris Halaschek

http://traffic.libsyn.com/sedaily/Pindrop_Edited.mp3Podcast: Play in new window | Download Call centers are a vulnerable point of attack for large enterprises. Fraud accounts for more than $20 billion in lost money every year, and a significant portion of that fraud is due to customer service representatives being fraudulent social engineering attacks.   Chris Halaschek joins the show today to discuss how Pindrop Security is addressing this attack vector. Every phone call that gets

Continue reading…

Secret Management and Vault with Hashicorp’s Seth Vargo

http://traffic.libsyn.com/sedaily/Vault_Edited.mp3Podcast: Play in new window | Download Every software application has secrets. User passwords and database credentials must be managed carefully, because poor access controls can lead to disaster scenarios. Vault is a tool for secret management, developed at Hashicorp, a company that builds software tools for application delivery and infrastructure management. Seth Vargo is a software engineer and open source advocate at Hashicorp, and in today’s episode he discusses

Continue reading…

Let’s Encrypt with Josh Aas

“If everyone is going to use TLS, people need to trust their certificate authority, and the way to gain trust is through openness.”

Continue reading…

QCon: Fundamental Answers

Software Engineering Daily prefaces each theme with a collection of fundamental questions. These are the answers to our questions from QCon Week. What are the common threads that disparate speakers are talking about? You are building a distributed system. “There will never be a silver bullet,” said Caitie McCaffrey. Consistency, availability, and partition tolerance: pick two, and you often have no choice but to first pick partition tolerance. Engineers must first identify

Continue reading…

Botnets and Cybercrime with Shuman Ghosemajumder

Modern automated attacks using widespread botnets have evolved in sophistication, making cybercrime an increasingly relevant threat in today’s internet. Security researchers and organizations have to stay vigilant in this cat-and-mouse game.

Shuman Ghosemajumder is the VP of Product at Shape Security, which defends applications from malware and bots. He is the former click fraud czar at Google, and he will be speaking at QCon San Francisco.

Continue reading…

Security: Fundamental Answers

This week, Software Engineering Daily sought answers to some fundamental questions from the following guests: David Schwartz talked about maintaining security in Ripple, a distributed cryptographic payment system Craig Smith explained the attack surfaces of cars and the consequences of the Wired Jeep hacking Bruce Schneier surveyed Ashley Madison and other recent events, and talked about Data and Goliath Max Krohn talked about verifying identities with Keybase and protecting OKCupid’s users from bots Adrián Lamo gave a

Continue reading…

Intelligence and National Security with Adrián Lamo

“If you don’t like what you see sometimes when you look at the world, it’s incumbent on you – you do something about it.”

Adrián Lamo is a threat analyst, hacker, and writer. In the early 2000’s, Adrián was a hobbyist white-hat hacker, breaking into companies to expose vulnerabilities and fix them.

Continue reading…

Identity and Encryption with Keybase Founder Max Krohn

Keybase is an open-source key directory that allows users to encrypt messages and verify identities.

Max Krohn is the co-founder of Keybase, and previously co-founded OKCupid and SparkNotes.

Continue reading…

Security and Privacy with Bruce Schneier

“What we learn again and again is that security is less about what you think of, and more about what you didn’t think of.”

Bruce Schneier is a security researcher and author of Data and Goliath.

Continue reading…

Car Hacking with Craig Smith

Automobiles are now computers with security vulnerabilities. Reverse engineers have begun to dissect car security.

Craig Smith is the author of The Car Hacker’s Handbook and the founder of Theia Labs, a research and consulting firm.

Continue reading…

Security: Fundamental Questions

New types of computers and systems create fresh problems for IT security experts. Security Week is about the vulnerabilities in our accelerating world, and the people and companies that are working to guard against those vulnerabilities. Processor-powered automobiles and cryptocurrencies are new types of networks. They require new types of security models. Academic distributed systems theory is proving necessary but not sufficient. This week is also about the societal consequences of security

Continue reading…

Ethereum with Aaron Davis

http://traffic.libsyn.com/sedaily/ethereum_aarondavis.mp3Podcast: Play in new window | DownloadEthereum is a decentralized platform that runs smart contracts: applications that run exactly as programmed without any possibility of downtime, censorship, fraud, or third-party interference. Aaron Davis works on MetaMask, which brings Ethereum apps to the web browser. In this monologue episode, Aaron dives deep into the Ethereum internals, philosophy, and developer experience. Questions How does a blockchain represent a Merkle tree? Can a

Continue reading…

  • 1 2