From Paul's Security Weekly
Recorded April 29, 2019 at G-Unit Studios in Rhode Island!
- John Strand will be teaching Active Defense and Cyber Deception at Black Hat 2019. Please register here! Register Now @ .
- We just released our 2019 Security Weekly 25 Index Survey. Please go to securityweekly.com and click the Survey link to help us understand who's evaluating, using, or formerly used any of the Security Weekly 25 companies. The results will be summarized and presented back to all responders in a private webcast.
Interview: Larry Maccherone, Comcast
Larry currently sees a huge opportunity for the concepts he helped developed with Build-Security-In a decade ago to finally take hold with the recent emergence of DevOps, which he thinks of as a natural successor to agile development because it further breaks down silos. As such, he characterizes DevOps as empowered development teams taking ownership for how their product behaves in production. He's currently applying agile transformation techniques that he previously quantified to spread DevOps and DevSecOps through large organizations.
Larry firmly believes in learning by doing so in his spare time, he is the author of several open source projects which get hundreds of downloads a month and one, node-localstorage, which gets over 300,000 downloads a month.
Bugs, Breaches, and More!
- Software update gums up fingerprints, which can be hard to keep in order
- Credentials and convenience in IOT
- A counterproductive security practice expires thanks to well-considered guidelines
- Docker Hub breach response
- A path to hacking Ruby Gems
If you build it, they will come
Learning & Tools
Food for Thought