JSJ 418: Security Scary Stories and How to Avoid Them with Kevin A McGrail
Aimee Knight explains the hell she has been in making changes to be compliant with CCPA. The panel considers how policies like this complicate security, are nearly impossible to be compliant with and how they can be weaponized. They discuss the need for technical people to be involved in writing these laws.
Kevin explains how you can know how secure your systems actually are. He shares the culture of security first he tries to instill in the companies he trains. He also trains them on how to think like a bad guy and explains how this helps developers become security first developers. The panel discusses how scams have evolved and how the same scams are still being run. They consider the importance of automated training and teaching developers to do it right the first time.
Finally, they consider the different ways of authentication, passwords, passphrases, sim card, biometrics. Kevin warns against oversharing or announcing vacations. The panel discusses real-world tactics bad guys use. Kevin explains what he trains people to do and look out for to increase security with both social engineering and technical expertise.
- Aimee Knight
- AJ O’Neal
- Charles Max Wood
- Dan Shappir
- Steve Edwards
- Kevin A McGrail
"The MaxCoders Guide to Finding Your Dream Developer Job" by Charles Max Wood is now available on Amazon. Get Your Copy Today!
- I'll Let Myself In: Tactics of Physical Pen Testers
- Copying Keys from Photos, Molds & More
- The LED Traffic Light and the Danger of "But Sometimes!"
- Regina Spektor
- The Weepies
Kevin A McGrail: