Presented at
THOTCON 0x9 (2018),
May 5, 2018, 4 p.m.
(50 minutes)
Who is optimizing technology to work in the real world of adversaries, a world that creators are naive of? Startups and the willfully ignorant will continue to make insecure products. Someone has to call them out. It is our duty as those who can reason about the weaknesses of technological systems to improve them. Some would say it is a moral imperative. But as networked technology becomes omnipresent and every company becomes a software company is there enough of us to keep a check on it all? Each practitioner has their own biases of experience or is a degree removed. We have availability errors because we don’t have cyber science. Can we become more quantitative and automated and keep our culture?
Presenters:
-
Chris Wysopal / Weld Pond
as Chris Wysopal
Chris Wysopal is Veracode's CTO and co-founder. He is one of the original vulnerability researchers and an early member of L0pht Heavy Industries, which he joined in 1992. He is the author of netcat for Windows and one of the authors of L0phtCrack. He has testified on Capitol Hill in the US on the subjects of government computer security and how vulnerabilities are discovered in software. He published his first advisory in 1996 on parameter tampering in Lotus Domino and has been trying to help people not repeat this type of mistake for 15 years. He is also the author of "The Art of Software Security Testing" published by Addison-Wesley.
Similar Presentations: