Contrarisk Security Podcast #0039: Open source security

Patrick Carey, Black Duck

» Listen or download now on the podcasts page » Open source code – in the form of libraries and frameworks – plays an important role in much of today’s software development. But it’s not without its risks. Many people assume that the open nature of the code means that it is heavily scrutinised and that, according to Linus’ Law, “given… Read more »

Contrarisk Security Podcast #0038: Security Operations Centres

» Listen or download now on the podcasts page » Many organisations are centralising and concentrating their cyber-security efforts in Security Operation Centres (SOCs). The aim is to provide a more coherent and comprehensive view of the organisation’s networks, and enable a focused and timely response in the event of an attack. But are they doing it right? And will these… Read more »

Contrarisk Security Podcast #0037: The flaw in healthcare apps

Stephen McCarney, Arxan

» Listen or download now on the podcasts page » Mobile apps are increasingly being used by the healthcare industry to provide customers with access to data and services. Your smartphone might even be monitoring the state of your health and sending that information to remote servers for analysis by your healthcare provider. As Stephen McCarney of Arxan Technologies explains in… Read more »

Contrarisk Security Podcast #0036: Securing the Internet of Things

Cesare Garlati, prpl Foundation

» Listen or download now on the podcasts page » Connected devices – or the Internet of Things (IoT) if you prefer – is a reality now. As Cesare Garlati of the prpl Foundation explains in this interview, we’ve been through a “major wave of evolution”, heading towards a situation in which all electronic devices are likely to have some sort… Read more »

Contrarisk Security Podcast #0035: Security guarantees

Jeremiah Grossman, WhiteHat Security

» Listen or download now on the podcasts page » Security products and services never seem to come with guarantees. You have to take it on trust that they will do the job they claim to do. And if not? Well, try the next one. WhiteHat Security is following the example of vendors in other business areas and offering a guarantee… Read more »

Contrarisk Security Podcast #0034: Web application vulnerabilities

Sasha Zivojinovic, Context Information Security

» Listen or download now on the podcasts page » When it comes to web applications, Sasha Zivojinovic of Context Information Security believes we may have too much of a good thing. Web application frameworks (WAFs) have matured, providing a fast way to develop and deploy sophisticated sites. It’s hard to imagine life without them. WAFs relieve developers of much… Read more »

Contrarisk Security Podcast #0033: DDoS and information security

Dave Larson, COO, Corero Network Security

» Listen or download on the podcasts page » For a long time, the trends in DDoS have been towards a higher frequency of attacks and larger aggregate attacks. But more recently, there has been a significant trend towards the use of DDoS as part of multi-vector attacks, as a masking agent or enabling vector, where the intent has not been… Read more »

Contrarisk Security Podcast #0032: Smart buildings

Colin Tankard, Digital Pathways

» Listen or download on the podcasts page » The Internet of Things is truly upon us and all manner of devices are being Internet-enabled. Among these developments is the appearance of the so-called ‘smart building’, with web-based interfaces being used to control heating, lighting, safety and security systems and more. Adding Internet interfaces allows for remote management and reporting, and… Read more »

Review: Success Strategies from Women in STEM

Edited by Peggy A Pritchard and Christine Grant. Second edition, published by Academic Press. ISBN: 9780123971814. Price: €31.95, 518pgs, paperback. Ada Lovelace Day seems an appropriate time to publish this review. The domains of science, technology, engineering and mathematics (STEM) have often been difficult environments for women. And while great strides have been made in realising the previously untapped potential… Read more »

Contrarisk Security Podcast #0031: smarter alerts

Mark Kedgley, New Net Technologies

» Listen or download now on the podcasts page » Attacks keep coming, and the number of data breach stories we read in the media shows how often they are successful. We have to assume that any organisation of a reasonable size has monitoring and defence systems in place, so what’s going wrong? Of course, organisations invariably claim that the attack… Read more »