Wow! Six Months…and two job changes later, we are finally back to recording! YEAH!….Here the latest show from our intrepid hosts.
Show Notes:
InfoSec News Update –
- The Hacker News Hacking Awards: Best of Year 2011
- Japan’s Anti-Virus Virus
- Nginx (pronunciation: “engine-ex”) becomes #2 web server
- Saudi hackers break into Israeli site
- 3 Surefire Ways to Tick Off an Auditor
- OWASP AJAX Crawling Tool – Link2
Discussion Topic – 2012 Breach Report
- Care2 Discloses Breach; Company Has Nearly 18 Million Members
- AntiSec hit California and NY Law Enforcement Sites
- Anonymous Nabs 50,000 Credit Card Numbers From Security Think Tank
Music Notes: Special Thanks to the guys at RivetHead for use of their tracks
- Intro – RivetHead – “The 13th Step”
- News Bed – RivetHead – “Beautiful Disaster”
- Discussion Bed – RivetHead – “Difference”
- Outro – RivetHead – “Zero Gravity”
- Tour Dates:
- Jan 6 – Dallas – Curtain Club
- Jan 27 – Dallas – Trees
- Jan 28 – Dallas – Trees
- Mar 2 – Dallas – Curtain Club – 7th Album CD Release Party
- Mar 3 – Houston – BFE Rock Club
- Mar 24 – Fort Worth – The Rail Club
- May 5 – Dallas – Renos Chop Shop
Podcast: Play in new window | Download (Duration: 42:20 — 60.6MB)
Subscribe: Apple Podcasts | RSS
Thanks for your note about building surceity into the product. Too often surceity is thought of too late in the development process.Your final point about track them till closure – just because the develoeprs say they have met the surceity requirements doesn’t mean it actually meets it. Security engineers should participate in testing & validation to ensure that the implementation actually meets the intention of the requirements.