

DtSR Episode 134 - Fundamental Security
Mar 16, 2015
48:03
In this episode...
- Michael C and the team talk about "going back to basics" and the need for security fundamentals
- Michael C talks a little about why we (security professionals) fail at fixing problems at scale
- We dive into the need for automation, and Michael C talks about why creating more work for security professionals is a bad thing
- Michael C and the crew talk through why many of our metrics fail, highlighting the need to get away from the typical dashboard approach of "bigger numbers is better"
- We discuss the balance between false positives and false negatives -- a super critical topic
- Rafal brings up the role security professionals play in software security, and why we can't be expected to drive the daily tasks
- We talk through centralized vs. de-centralized security, and how to understand which works better, and where
- Michael C gives us his 3 key take-aways for listeners (don't miss these!)
- We talk through "assume breach", and what it means for security
Guest
- Michael Coates ( @_mwc ) - Currently, Michael is the Trust and Security Officer at Twitter, where he leads the information security team and drives overall security efforts across the organization to a common goal and objective. Michael is a staple of the OWASP community, now serving on its board and having contributed countless hours and lines of code to the effort.
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHq
LinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/
X/Twitter: https://twitter.com/dtsr_podcast