Secure coding expert Chris Wysopal talks about dynamic and static testing and the state of secure software development tools. Wysopal also explains why he’s a big proponent of the SANS/CWE Top 25 Dangerous Programming Errors List.
Core Security’s Tom Kellermann, who served on the Commission for Cybersecurity for the 44th Presidency, talks about President Obama’s cybersecurity priorities. Also, Gary McGraw of Cigital explains why the CWE/SANS Top 25 list won’t do much to aid secure software development.
Larry Ponemon of the Ponemon Institute explains his firm’s Cost of Data Breach study. While costs are increasing, companies are struggling to avoid a second breach. Also, Henry Helgeson, CEO of payment processor Merchant Warehouse, talks about PCI and encryption in the wake of the Heartland breach.
In this edition of Security Squad, the editorial team debates the usefulness of the CWE/SANS Top 25 List and the state of virtualization security, and discusses the top cybersecurity news stories of 2008.
Security experts explain the new Top 25 Errors list. Guests include Bob Martin of MITRE Corp.; Paul Kurtz, a principal author of the U.S. National Strategy to Secure Cyberspace; and application security testers Jacob West of Fortify Software and Chris Wysopal of Veracode.
Will organizations be ready for next year’s enterprise security threats? Expert John Strand reviews what’s in store for 2009, including new weapons, old vulnerabilities, and new takes on old attack techniques.
Listen to the top security experts and learn about the latest cybersecurity research. Whether it’s the spread of malware, the explosion of spam or hackers exploiting flaws to steal sensitive data, this podcast series aims to find the right ways to defend against ongoing attacks to your systems.