Jeremiah Grossman of WhiteHat Security explains that the Citigroup breach was the result of a simple business logic flaw which should have been caught in the code review process.
Rob Rachwald, director of security strategy at Imperva, discusses the firm’s latest research into the cybercriminal underground and how companies can use an understanding of hacker chatter to allocate resources in defending against attacks.
Andy Champagne, an engineer at Akamai Technologies, discusses some of the security issues and threats posed by the transition to IPv6 and explains why enterprises need to begin planning now.
Bit9 CTO Harry Sverdlove, the former principal research scientist at McAfee Inc., talks about the latest spate of data breaches and some of the lessons that can be gleaned from them. Sverdlove also discusses the recent Microsoft Security Intelligence Report.
Eric Holmquist of Holmquist Advisory joins the SearchSecurity editorial team to talk about the Verizon DBIR, the recent Apple privacy debacle and the Amazon cloud services failure.
David Ladd of Microsoft’s software security engineering team talks about the SDL and how it can be applied to improve the security of your software development processes. This podcast is part of our special “Eye On Secure Software Development” package, which examines secure coding trends and strategies.
Chris Wysopal, co-founder and CTO of Veracode, talks about the evolution of secure software development and the road ahead. Wysopal says threat modeling is the next step. Editor’s note: This podcast is part of our special series, “Eye On Secure Software Development,” which examines secure coding in the month of April.
The SearchSecurity editorial team talks to Bryan Sartin, director of investigative response at Verizon, about the firm’s 2011 Data Breach Investigations Report. Attackers are targeting smaller businesses. The value of account credentials and intellectual property on the black market is rising.
The editorial team discusses the latest string of data breaches. RSA continues to investigate its SecurID breach, Epsilon releases few details about its email breach, and the Briar Group agrees to pay Massachusetts $110,000.
- RSA SecurID breach began with spear phishing attack
- Massachusetts levies data breach fines against restaurant group
- Massive Epsilon email breach could lead to email attacks, spam
(Music credit: “Take Time for the Tub” by Derek K. Miller)
Markiyan Malko, compliance manager at payment processor Merchant Warehouse, dissects the emerging market for mobile payment applications. The Payment Card Industry Security Standards Council recently withdrew the certification for some mobile payment applications and has a new task force investigating mobile payment technologies.