SANS Las Vegas from October 26-27th will debut a new course titled "Embedded Device Security Assessments for the Rest of Us" which will teach students how to assess embedded systems of all varieties on pen tests and in your duties as a security professional. Register Here
PaulDotCom Security Weekly - Episode 222 Ron Gula Pool Party" - for Thursday December 2nd, 2010.
Roundtable Discussion Topic:
Thanks to Jack Daniel for a sampling of discussion topics:
- A perennial good one for a discussion: Privacy vs. Security. Can you have both, is there a balance, etc. This can get deep into human psychology and cultural anthropology very fast with the right crowd.
- A few years ago at Shmoocon, the closing panel discussion was around the responsibility of hackers, responsibility to each other, society, etc.
- In my speed debates in Las Vegas and Ottawa, the question "do vulnerabilities matter" sparked lively discussions- and the consensus was opposite at the two events. (in LV, Corman, Dennis Fisher, HD and I all took the "no" position, audience agreed. In Ottawa I was alone in that position on the panel, and the audience was against me, too).
- Another one from the debates- Security Metrics- are the real and actionable? Recent studies into medical science have shown that even the scientific methods we hold up as the standards are plagued with errors and outright fraud- where does that leave a new and rapidly evolving industry like ours?
And one from Larry...
- We've argued on the podcast that privacy is dead. What about security? Is security dead too? I ask, and would argue in one direction after seeing much more of the tender underbelly of SMBs, State and Local governement, and seeing the state of security there...
Stories For Discussion
Mod_Security Solves Slowlaris problem - For now?