Turn Your Head And Cough: Why Architecture Risk Assessments Are Like Being A General Physician - Nathaniel Husted (Circle City Con 2015 Videos) (Hacking Illustrated Series InfoSec Tutorial Videos)

Turn Your Head And Cough: Why Architecture Risk Assessments Are Like Being A General Physician
Nathaniel Husted

Circle City Con 2015

While vulnerability assessments and penetration tests are all the rage for the modern information security professional, security architecture assessments are just as important. In fact, they are just as important as seeing your doctor about a yearly physical. This talk discusses the general process for security architecture reviews and how that process leaves the reviewer acting like a general physician. We will use this metaphor to shed light on the benefits and drawbacks of the security architecture review process and how we might improve outcomes from the process.

Bio: Nathaniel "Dr. Whom" Husted is an academic turned security consultant. He currently works for Cigital, Inc. and has at one point or another performed web vulnerability tests, security architecture reviews, and networking security tests. He also has a keen interest in security metrics. In past lives he's done research on Emergent Vulnerabilities and Attacks, Complexity Science and Security, Macroeconomics of Security, and Mobile Intrusion Detection. He spends his free time cavorting about Time and Space, occasionally running hacker con CFPs.

Copyright 2016, IronGeek