While vulnerability assessments and penetration tests are all the rage for the modern information security professional, security architecture assessments are just as important. In fact, they are just as important as seeing your doctor about a yearly physical. This talk discusses the general process for security architecture reviews and how that process leaves the reviewer acting like a general physician. We will use this metaphore to shed light on the benefits and drawbacks of the security architecture review process and how we might improve outcomes from the process.

Bio: Nathaniel "Dr. Whom" Husted is an academic turned security consultant. He currently works for Cigital, Inc. and has at one point or another performed web vulnerability tests, security architecture reviews, and networking security tests. He also has a keen interest in security metrics. In past lives he's done research on Emergen Vulnerabilities and Attacks, Complexity Science and Security, Macroeconomics of Security, and Mobile Intrusion Detection. He spends his free time cavorting about Time and Space occasionally running hacker con CFPs.

Back to Circle City Con 2015 Videos list