THE
SECURITY
INFLUENCER’S
CHANNEL
HOSTED BY JEFF WILLIAMS,
CHIEF TECHNOLOGY OFFICER, CONTRAST SECURITY
Episode Thee:
Andre...
THE
SECURITY
INFLUENCER’S
CHANNEL
HOSTED BY JEFF WILLIAMS,
CHIEF TECHNOLOGY OFFICER, CONTRAST SECURITY
Episode Thee:
Andre...
JEFF WILLIAMS
“Tell me: What’s going on? What are the
top DNS-based attacks that are going on
these days?”
ANDREW HAY
“Not DNS-specific, but malware bots,
spammers are continuing to utilize
domain generation algorithms or DGAs
to...
ANDREW HAY
“Beyond DNS attacks, one of the big
concerns I have is data and information
leakage on the whole. That’s defini...
JEFF
“From an application security point of
view we hear about domain spoofing.
What can companies do to protect their
app...
ANDREW
“Well, I think the main thing that they
have to be very clearly aware of is what
their assets are doing and are cap...
ANDREW
“You need to know how you can
interact with that and how attackers
might interact with that system.”
ANDREW
“We want to make sure that everything
is going to be operational and working
24/7 and available to customers in a
s...
JEFF
“So how do firewalls play into all this? Do
they play a role in defending the new,
modern enterprise?”
ANDREW
“I doubt.”
ANDREW
“I think there’s always going to be a
place for the firewall at the network
edge. That being said, the network edge...
ANDREW
“They just want to be able to connect
safely and securely wherever they are
and on whatever platform they’re using....
JEFF
“It seems like you could get pretty
quickly to an organization that really
doesn’t have internal IT. They’ve got
mobi...
JEFF
“Do those organizations lose a critical
amount of control over their IT? How can
organizations deal with that?”
ANDREW
“I think there was a time with every new
iteration of technology where security
comes late in the game. Hosted serv...
ANDREW
“We are dazzled by the price and
cost…and then it’s the kind of think like,
well, “We’ll just figure out security
l...
ANDREW
‘“Okay, well, my Cloud provider; they’ll
protect me.” But Cloud providers aren’t
really in that business.’
JEFF
“So are we just doomed?”
C
JEFF
“Are we always doomed to play catch-
up? Is that just the way security has to
be?
ANDREW
“I think there’s always going to be a
place for security…the knowledge of the
technology gets broader, the attack
s...
ANDREW
“…people aren’t doing this proactive
method mainly because they don’t know
the threats; they may not have budgeted
...
ANDREW
“It’s really just user education. Like, ‘This
is why we need to be proactive…we
need predicitive securities so that...
JEFF
“With new development life cycles like
Agile and DevOps, they’re doing things
that we really didn’t imagine back in t...
JEFF
“There’s a lot of folks out there that say,
‘You’ve got to do security during the
SDLC!’ But what they really mean is...
JEFF
“How can we get security to be itself
more agile and more dynamic?”
ANDREW
“I think that security needs to be a key
component of not only development,
but the operationalization of code and
...
JEFF
“I think that’s right. We’ve got to get
out of this reactive mode and really
become part of the engineering
process.”
JEFF
“What happens with monitoring?
Organizations get better censors, gather
lots and lots of data, start gathering
applic...
ANDREW
“A lot of organizations are hiring or
planning to hire data scientists. And
these folks understand machine
learning...
ANDREW
“The hope is that the organization can
build their own data repository without
having to shell out hundreds of
thou...
JEFF
“So is that the way we get out of this
reactive security approach? We start
playing Moneyball and base everything
on ...
ANDREW
“I think that’s probably one aspect of it.
We also need to shift to more of a risk-
management style of handling
mi...
ANDREW
“We can’t just buy the flashy new box
because the vendor tells us that it’s
going to solve world hunger and cure
ev...
ANDREW
“I think people need to be put more into
this process. We need to put more
security in the development side and the...
JEFF WILLIAMS
WITH
ANDREW HAY
Episode 3: Andrew Hay of OpenDNS
Episode 3: Andrew Hay of OpenDNS
Upcoming SlideShare
Loading in …5
×

Episode 3: Andrew Hay of OpenDNS

370 views

Published on

Welcome to The Security Influencer's Channel. In this episode, Jeff Williams interviews Andrew Hay of Open DNS. They discuss bad credential management and the recent eBay breach, thinking with the mind of an attacker, firewalls, security in the cloud, and fast-moving agile and DevOps life cycles in the software development life cycle (SDLC).

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
370
On SlideShare
0
From Embeds
0
Number of Embeds
74
Actions
Shares
0
Downloads
2
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Episode 3: Andrew Hay of OpenDNS

  1. 1. THE SECURITY INFLUENCER’S CHANNEL HOSTED BY JEFF WILLIAMS, CHIEF TECHNOLOGY OFFICER, CONTRAST SECURITY Episode Thee: Andrew Hay, Open DNS
  2. 2. THE SECURITY INFLUENCER’S CHANNEL HOSTED BY JEFF WILLIAMS, CHIEF TECHNOLOGY OFFICER, CONTRAST SECURITY Episode Thee: Andrew Hay, Open DNS
  3. 3. JEFF WILLIAMS “Tell me: What’s going on? What are the top DNS-based attacks that are going on these days?”
  4. 4. ANDREW HAY “Not DNS-specific, but malware bots, spammers are continuing to utilize domain generation algorithms or DGAs to stand up tens, hundreds, or even thousands of randomly-generated domains at a time.”
  5. 5. ANDREW HAY “Beyond DNS attacks, one of the big concerns I have is data and information leakage on the whole. That’s definitely one thing I’m seeing a lot of these days.”
  6. 6. JEFF “From an application security point of view we hear about domain spoofing. What can companies do to protect their apps against that kind of problem?”
  7. 7. ANDREW “Well, I think the main thing that they have to be very clearly aware of is what their assets are doing and are capable of doing when connected to the internet.”
  8. 8. ANDREW “You need to know how you can interact with that and how attackers might interact with that system.”
  9. 9. ANDREW “We want to make sure that everything is going to be operational and working 24/7 and available to customers in a secure and safe way. But the attacker? They just want to get in through x, y, or z mechanism to get at what they want to get at.”
  10. 10. JEFF “So how do firewalls play into all this? Do they play a role in defending the new, modern enterprise?”
  11. 11. ANDREW “I doubt.”
  12. 12. ANDREW “I think there’s always going to be a place for the firewall at the network edge. That being said, the network edge is no longer the choke point for all of the organization’s Internet traffic. In fact, the network perimeter is eroding.”
  13. 13. ANDREW “They just want to be able to connect safely and securely wherever they are and on whatever platform they’re using. Whether it’s their flashy new Android tablet, or a clunky old laptop that work gave them.”
  14. 14. JEFF “It seems like you could get pretty quickly to an organization that really doesn’t have internal IT. They’ve got mobile applications pushed out via app stores accessing their applications running in a cloud-based environment.”
  15. 15. JEFF “Do those organizations lose a critical amount of control over their IT? How can organizations deal with that?”
  16. 16. ANDREW “I think there was a time with every new iteration of technology where security comes late in the game. Hosted server. Virtualization. The Cloud.”
  17. 17. ANDREW “We are dazzled by the price and cost…and then it’s the kind of think like, well, “We’ll just figure out security later.”
  18. 18. ANDREW ‘“Okay, well, my Cloud provider; they’ll protect me.” But Cloud providers aren’t really in that business.’
  19. 19. JEFF “So are we just doomed?”
  20. 20. C
  21. 21. JEFF “Are we always doomed to play catch- up? Is that just the way security has to be?
  22. 22. ANDREW “I think there’s always going to be a place for security…the knowledge of the technology gets broader, the attack surface area grows, etc. So we generally have to play catch-up.”
  23. 23. ANDREW “…people aren’t doing this proactive method mainly because they don’t know the threats; they may not have budgeted for the security side of things.”
  24. 24. ANDREW “It’s really just user education. Like, ‘This is why we need to be proactive…we need predicitive securities so that we can block these things before they impact you.’ It’s more of a frame of mind.”
  25. 25. JEFF “With new development life cycles like Agile and DevOps, they’re doing things that we really didn’t imagine back in the 80’s. Continuous integration, continuous deployment. It’s moving really quickly.”
  26. 26. JEFF “There’s a lot of folks out there that say, ‘You’ve got to do security during the SDLC!’ But what they really mean is: ‘Take these old, monolithic security activities…and shove them into a fast- moving DevOps life cycle.’ It’s really incompatible.”
  27. 27. JEFF “How can we get security to be itself more agile and more dynamic?”
  28. 28. ANDREW “I think that security needs to be a key component of not only development, but the operationalization of code and applications and hardware. It can’t be an afterthought because that’s when we get caught on our heels.”
  29. 29. JEFF “I think that’s right. We’ve got to get out of this reactive mode and really become part of the engineering process.”
  30. 30. JEFF “What happens with monitoring? Organizations get better censors, gather lots and lots of data, start gathering application layer data: How do enterprises deal with that?”
  31. 31. ANDREW “A lot of organizations are hiring or planning to hire data scientists. And these folks understand machine learning, big data analytics, mathematical algorithms.”
  32. 32. ANDREW “The hope is that the organization can build their own data repository without having to shell out hundreds of thousands of dollars for SIEM or log management products and associated consulting fees to tune the system to their environment.”
  33. 33. JEFF “So is that the way we get out of this reactive security approach? We start playing Moneyball and base everything on real-time monitors and responding to everything really quickly?
  34. 34. ANDREW “I think that’s probably one aspect of it. We also need to shift to more of a risk- management style of handling mitigations and technical controls.”
  35. 35. ANDREW “We can’t just buy the flashy new box because the vendor tells us that it’s going to solve world hunger and cure everything that ails us.”
  36. 36. ANDREW “I think people need to be put more into this process. We need to put more security in the development side and the IT operations side of things…[and that in turn] moves us more towards the proactive side of that.”
  37. 37. JEFF WILLIAMS WITH ANDREW HAY

×