One of the revelations coming out of the Snowden releases is that the GCHQ and NSA have hacked into millions of Yahoo video chats. But don’t worry, they really aren’t looking at anything.
In this week’s news segment with Damon Edwards, we talk about the CIO of Target resigning, a hidden surveillance network that can track anyone with a car, and the outing of the creator of Bitcoin by Newsweek. Have a listen…
Resources in this segment
One of the objectives of going to conferences is to find resources that I haven’t seen before that look interesting. At RSA Conference 2014, I found two publication vendors that have a large following in the security community, with resources and magazines to supplement my “education” in the marketplace.
I spoke with Ted Rozolis from IEEE (75,000 members), and Becca Harper from InfoSecurity Magazine (65,000 readers) about their publications, who their audience is and why you should consider becoming part of their extended community.
The IEEE publications are mainly read by developers, while InfoSecurity Magazine is for B2B and business leaders. Have a listen and see if there is something here for you.
Who needs conference swag when your product looks like this?
The sandbox area at RSA Conference 2014 sucked me in when I saw the consumer-grade robotics by Aldebaran Robotics. I spoke with Nicolas Rigaud about his team in France and their concept of the next generation of consumer robotics. Don’t miss the end of the clip…
Earlier this week at RSA Conference 2014, HP Fortify and Sonatype announced a partnership that combines the reporting capability of code scanning by Fortify with the open source component analysis of Sonatype. In this interview, Mike Armistead, VP and General Manager of HP Fortify, and Debbie Rosen, COO of Sonatype, discuss what that partnership means to the security industry.
Resources for this Segment
(Disclaimer: I am the Community Advocate for Nexus, a Sonatype product.)
Dennis Charlebois from Hexis Cyber Solutions has created a show stopper when it comes to presenting his message: Agent Smith (“Never send a human to do a machine’s job.”) as a full-on, 3D, talking representative. I had Dennis describe how Agent Smith was created and what his future plans are for the technology.
Oh, by the way, there is also a product behind the marketing: “Hexis identifies, validates and removes advanced threats automatically at machine speeds; before the damage is done.”
Just to show that I have no hard feelings after Canada beat USA in hockey during the Olympics, I spoke with Keith Murphy, CEO of Defence Intelligence. Keith’s company specializes in advanced malware protection… plus he has a cool collection of hockey jerseys.
Resources in this Segment
Ryan Berg and I were walking the expo floor at RSA Conference 2014 and ran into Michael Coates. We stopped for a chat to find out what Michael has been up to and the plans for the future of “Shape”.
Resources in this Segment
- Shape Security
The ShapeShifter offers the first comprehensive defense against major web attacks. Existing security technologies try to detect attacks based on how they appeared or behaved in the past. This is not effective against adversaries who are constantly changing their code and behaviors to avoid detection. It also does nothing against previously unknown attacks.
- Michael Coates
Michael Coates, director of product security at Shape Security, was previously head of security at Mozilla, where he built the security program from the ground up to protect Firefox and other products. Coates is also the Chairman of OWASP, the worldwide organization dedicated to web application security, with over 40,000 participants in more than 100 countries.
- Ryan Berg
Ryan is the Chief Security Officer at Sonatype. Before joining Sonatype, Ryan was a co-founder and chief scientist for Ounce Labs which was acquired by IBM in 2009. Ryan holds multiple patents and is a popular speaker, instructor and author, in the fields of security, risk management, and secure application development. Prior to Ounce Labs, Ryan co-founded Qiave Technologies, a pioneer in kernel-level security, which later sold to WatchGuard Technologies in 2000. In the late 1990s, Ryan also designed and developed the infrastructure for GTE Internetworking/Genuity’s appliance-based managed security services.
The SandBox area at RSA Conference 2014 has a huge board set up and a couple of computer terminals where you can input a date, create a future vision statement and then have it put on the board. I like this a lot. Here’s an image from the first day. I’ll take another one at the end of the conference to see how dense the visions are around 2030.