Podcast 61

OWASP Podcast Series #61

OWASP Interview with Richard Bejtlich Published March 10, 2010


Participants
  Richard Bejtlich is the director of incident response at GE. He is also the author of the TaoSecurity blog, http://taosecurity.blogspot.com

Questions

 * 1) Would you care to tell us how you got into IT and what led you into a career in information security? What keeps you busy these days?
 * 2) What's the difference between focusing on threats vs focusing on vulnerabilities?
 * 3) What is your problem with the "protect the data" mindset?
 * 4) What do you mean by "building visibility in"?
 * 5) What is your take on the Aurora/Google hack?
 * 6) You just tweeted that "Network Security Monitoring ideology is the proper mechanism to combat APT/APA". Do you think network IPS/IDS/WAF can help defend insecure web applications? What are the limits of Network Security Monitoring?
 * 7) How important a role do you think secure coding and secure software development life-cycle play in defending the enterprise?
 * 8) Have HIPAA, PCI, SOX and other regulations helped reduce risk in the average enterprise?
 * 9) It seems pretty clear that attackers have a clear advantage. Why is that? How can we turn the tide?
 * 10) Any thoughts on OWASP? Are we helping the cause?
 * 11) Where are we going to be as an industry in 10 years?
 * 12) You blogged that "The trustworthiness of a digital asset is limited by the owner's capability to detect incidents compromising the integrity of that asset." Given that we don't have any high-integrity databases, identities or application servers, how do you detect a breach of integrity when there is no verifiable integrity in the system in the first place?