The final speaker list and agenda have yet to be finalized, but plenty of details are now available regarding BSides Boston 2014. Those details are below. As for the final agenda, stay tuned for that after the call for papers period closes March 31.
Get In Touch
Recently in Web Security Category
The full schedule has been released for next month's SOURCE Boston security conference. This year's keynote speakers are:
- Internationally renowned security technologist and author Bruce Schneier;
- Justine Aitel, who manages cyber security and identity programs at Dow Jones; and
- Dr. Andrea M. Matwyshyn, an academic studying technology innovation and its legal implications, particularly corporate information security regulation and commercial and consumer privacy.
International Data Group (IDG) announced yesterday that its Founder and Chairman, Patrick J. McGovern, died March 19 at Stanford Hospital in Palo Alto, California. Having worked at IDG for five years before coming to Akamai, the news made me profoundly sad. But this post is a celebration of a life well lived and the huge legacy he left in the world of tech media and beyond.
There's a lot of valuable perspective out there regarding the shutdown of Full Disclosure, a mailing list where researchers posted details of exploits and software security holes. I'll share that perspective below. But first, here are my thoughts as an ex-journalist who often relied on it for news.
The great videos David Spark produced during RSA Conference 2014 keep rolling in. In this latest episode, security professionals are asked what they would want if they could be granted one wish. The answers are amusing and, in most cases, unattainable.
Visit the site of our partner Tripwire for a related article.
One of the big topics at last month's RSA Conference was DevOps, the process by which developers and IT operations work together to speed up development and production at unprecedented levels, pushing sometimes thousands of updates to production in a single day.
Gene Kim (@RealGeneKim), author of "The Phoenix Project" and a huge proponent of DevOps production environments, and Josh Corman (@JoshCorman), CTO of Sonatype, explain the benefits in this Tripwire video:
The Tripwire site includes an article on DevOps. Check it out here.
Following last week's cyber-attacks on Meetup's infrastructure, Antone Gonsalves, a reporter from CSO Online, asked me, for an article he was writing, what steps I would recommend CISOs to take "if they came under a similar attack". I hesitated before giving a softball answer, "don't wait for the attack, prepare for it." I could sense the reporter's frustration immediately. He wanted to give his readers step-by-step instructions, to what I have observed to potentially be a very complex problem.
Our researchers spent much of yesterday tracking a massive DDoS exploiting weaknesses in the Wordpress blogging platform. Most of the news reports are consistent with what we saw, so let's take a look at some of the more comprehensive pieces, starting with a CSOonline blog post from Akamai Security Advocate Dave Lewis. The overall message: This latest attack is just another example of an old and unaddressed problem.
Akamai InfoSec personnel will be on hand this weekend to help run the seventh Annual Northeast Collegiate Cyber Defense Competition, in which students are divided into teams to carry out simulated cyber-defense scenarios.