Naked Boulder Rolling - Applying Risk Management to Web Application Security - J Wolfgang Goerlich Bsides Cleveland 2012 (Hacking Illustrated Series InfoSec Tutorial Videos)

Every day we roll the boulder uphill. Every morning we find the boulder back down in the valley. Like Sisyphus, defenders face the daily challenge of getting all the systems secure and the morning realization that new vulnerabilities have crept in. It is so bad we say it is not if we will get breached but when we will get breached. Worse, defenders say most breaches are career-ending events. Ouch. There has to be a better way. In this talk, we will cover using business impact and risk management as a driving force for prioritizing security efforts. This reduces the likelihood of a breach and prevents any breach from being a career-ending event. We’ll round out the hour with a case study showing these principles applied to securing a million-dollar website. Guaranteed, you will leave this talk a smarter boulder roller.

Download:
http://archive.org/download/BsidesCleveland2012Bsidescle/11NakedBoulderRolling-ApplyingRiskManagementToWebApplicationSecurity-JWolfgangGoerlich.avi

Copyright 2014, IronGeek