Naked Security

Loading...

Flash Player 9 (or above) is needed to view presentations.
We have detected that you do not have it on your computer. To install it, go here.

more share options
Embed For WordPress.com

Without related presentations

6 comments

Comments 1 - 6 of 6 previous next Post a comment

+ magician_is 7 months ago
SUCKS I'VE LEARNED NOTHING ON THIS SLIDE :(

WASTE OF TIME READING IT SUCKS!!!!!
+ Albin Sebastian 9 months ago
Helpful slides.... thanks
+ maheshreddy005 12 months ago
gud
+ dragoslungu 3 years ago
splendid . you really got out the message of today's web app security . great work.
+ ronbannister 3 years ago
I'm sorry but I have yet to grasp the point of this presentation
+ banzai 3 years ago
That is awesome. mcurphey hits the nail on the head in an industry spiralling out of control. Well put togther and great flow.

Notes on slide 1

This presentation is an “after dinner” type speech with observations about the information security industry. The observations and opinions are my own and not those

25 Favorites

chmeee favorited this 1 month ago
Tags security visionary curphey budha
kerozene favorited this 7 months ago
Rajesh Koilpillai favorited this 8 months ago
Tags security
mailforlen favorited this 8 months ago
Tags security
rdatta favorited this 8 months ago
Tags security
Matthew Gatt favorited this 8 months ago
Tags security application
reddy0800 favorited this 8 months ago
Tags security
pappet favorited this 9 months ago
Tags security naked infosec
sandeep_naharia favorited this 10 months ago
Tags naked security
rachidbelkouch favorited this 11 months ago
joyShare favorited this 11 months ago
Tags hack
shauvik, Student at Georgia Tech, favorited this 2 years ago
Tags security
Srinivasan Rajagopal, Internet Business favorited this 2 years ago
Clint Laskowski, Information Security Consultant at Northwestern Mutual, favorited this 2 years ago
Tags infosec
khakenson favorited this 2 years ago

Naked Security - Presentation Transcript

… .….or the unclothed state of the application security industry today Mark Curphey
“ Software is a forklift for the left brain.” —Dan Pink
=
Culture New Topic Noun 1: a particular civilization at a particular stage 2: the tastes in art and manners that are favored by a social group 3: all the knowledge and values shared by a society
Application security people are from Mars, software developers are from Venus or The great skills divide A better title ?
Most application security people are not software people Most application security people have no idea what enterprise software really is or understand the process of how it is created Most application security people think that if they understand HTTP then they understand web application security and can advise people on how to build secure web sites Most application security people can’t write code
“ In the future everyone will have their 15 minutes of fame” – Andy Warhol
NEWS FLASH: The world is not falling down because of cross site scripting Security < Performance < Functionality Start caring about the important stuff (before application security becomes ignored)
Consortiums, forums and the open source dream
“ Lingua d’application security” Some readings from some (self-titled) web application security standards………..
Don’t get fooled into thinking the discussions on webappsec are representative of the problems business cares about!
Art of the security group
- Have “world renowned experts”
- Speak for the “entire industry”
- Create “standards”
- Be “thought leaders”
- Take yourself really, really seriously
Tools New Topic
Better title? How to buy a silver bullet ? Dude where's my shiny red button?
Its NOT about network security!
(IMPLEMENTTATION) BUGS (DESIGN) FLAWS
How many of the people that are building software security tools have come from a commercial development background?
Introducing the only tool in the world that really works effectively today……
A fool with a tool … .is still a fool
A tool with a tool … .is always a tool
News for people who run tools
China!
China!
China!
China!
Media have no clue!
What the industry really needs New Topic
Better title? A dose of reality or How does the industry grow up?
Communication
Peace, love and understanding
Credibility
Real standards
People Process Technology (back to basics)
“ If you don’t like change, you’re going to like irrelevance even less.” —General Eric Shinseki, Chief of Staff. U. S. Army
That’s all folks!

+ mcurphey, 3 years ago

Embed custom

13689 views, 25 favs, 2 embeds more stats

Mark Curpheys view on the application security indu more

More by user

View all presentations from this user

More Info

Go to text version

Total Views 13689
- 13686 on SlideShare
- 3 from embeds
Comments 6
Favorites 25
Downloads 0

Most viewed embeds

2 views on http://webwereld.nl
1 views on http://websecurity.com.ua

All embeds

2 views on http://webwereld.nl
1 views on http://websecurity.com.ua

Uploaded via SlideShare
Uploaded as Microsoft PowerPoint

Flagged as inappropriate Flag as inappropriate

Categories

Technology

Tags

application
security
information
infosec
naked
curphey
säkerhet
....?
network
budha