This year’s Security 7 Award winners discuss targeted attacks and how strategies for securing the network perimeter have changed.
The podcast participants include:
Bryan E. Simon, senior systems and security specialist at Prince George, BC-based Integris Credit Union, talks about the daily struggles security pros face, including the need to balance security demands with compliance requirements.
Marc Maiffret of eEye Digital Security talks about his hacking career and the revival of his company’s zero-day tracking service. Also, Jeremiah Grossman of WhiteHat Security on the latest Twitter vulnerability.
SearchSecurity.com editors talk with Pete Lindstrom, a longtime security industry observer and research director at Spire Security about the latest security vendor acquisitions and what they mean for the market. Also, should security pros be silenced by their employers?
Botnet and malware expert Joe Stewart explains why it is difficult for security teams to take down botnets. Stewart, director of malware research at SecureWorks talks about the data that can be gleaned from command and control servers and what ISPs are doing to defend against zombie computers.
Ryan Berg a senior architect of security research for IBM talks about ways enterprises can improve their software development processes and why some firms are falling behind.
In this edition of Patrolling the Channel, Check Point v.p. Amnon Bar-Lev sat down with SearchSecurityChannel.com and talked about the top challenges facing his partners today.
In this interview with Editorial Director Michael Mimoso, Jim Reavis, cofounder of the Cloud Security Alliance, discusses the group’s first user certification, the Certificate of Cloud Security Knowledge (CCSK). The CCSK will demonstrate an individual’s understanding of the key concepts of the Cloud Security Alliance’s guidance and best practices, as well as those of the European Network and Information Security Agency (ENISA). Reavis also discusses the state of cloud security awareness among enterprises moving services and processes into the cloud, and how IT organizations should address security and compliance in the context of cloud computing.)
Black Hat 2010: Tom Kellermann on advanced persistent threat (APT), and cybersecurity and the U.S. government
Core Security’s Tom Kellermann goes in depth on his thoughts about advanced persistent threat, how to deal with foreign adversaries and where and why the U.S. government is coming up short in fending off targeted and persistent attacks from cybercriminals and foreign governments
Greg Hoglund, founder of HB Gary Inc., presented his work on malware attribution and fingerprinting today at Black Hat in Las Vegas. In this interview, Hoglund talks about his research into looking at how to best trace malware to its author by looking at toolmarks left by the hacker within code. By studying similarities in coding techniques, different attacks can be linked and better traced to their source. Hoglund talks about how enterprises can take a similary approach and how a new open source tool released today can help.