Veracode

Episode 148: Joseph Menn on Cult of the Dead Cow also Veracode CEO Sam King on InfoSec’s Leaky Talent Pipeline

In this week’s episode of the podcast: Joseph Menn’s new book Cult of the Dead Cow: How the Original Hacking Supergroup Might Just Save the World hit store shelves this week. We reprise our March interview with Joe and talk about the origins of CDC. Also: is the talent pipeline for information security empty, or has it sprung a leak? We’re joined by Veracode CEO Sam King to talk about one of the top problems facing organizations: how to cultivate and keep information security talent.

Interview: securing the University using NIST’s Cyber Framework

College and university campuses are notoriously difficult to tame. In this one-on-one interview, I speak with Plamen Martinov, the Chief Information Security Officer for the Biological Sciences Division at the University of Chicago, about how his organization has used NIST’s Cybersecurity Framework to create a security lingua franca at UChicago and improve the organization’s security posture.

Episode 108: DEF CON’s Car Hacking Village and is the Open Source Model Failing on Security

In this week’s podcast (#108), sponsored by CA Veracode: hacker summer camp wrapped up on Sunday, as the 26th annual DEF CON conference concluded at Caesar’s Palace in Las Vegas. Hacks of connected and smart vehicles were a big theme again this year. We sat down with the organizers of DEF CON’s Car Hacking Village to see what was news at this year’s show. Also: open source software has revolutionized the way software gets made, and turbo charged the growth of companies like Facebook and Uber. But is the open source model failing us when it comes to security? We’re joined by OWASP founder Mark Curphey of CA Veracode to discuss it.

Hacking Warships, Capitol Hill takes a Swing at IoT Security and why CS Grads don’t get Security

In-brief: on this week’s Security Ledger Podcast, we delve deeper into the question of maritime cyber security, speaking with noted researcher Ruben Santamarta of the firm IOActive about the work he’s done exposing vulnerabilities in the software that runs both commercial and navy vessels. Also: Alan Brill of Kroll joins us to talk about The Internet of Things Cybersecurity Improvement Act. And we talk to Maria Loughlin of the firm Veracode about a new survey that suggests undergraduate computer science majors aren’t receiving adequate instruction in cyber security.

White House Effort Yields Rating System for Software Security

In-brief: A White House-backed effort to develop a system for rating software security is set to launch at this week’s Black Hat briefings with famed hacker Peiter Zatko (aka “Mudge”) at the helm.