Podcast: Play in new window | Download (Duration: 27:07 — 31.0MB)Subscribe: Android | Email | Google Podcasts | RSSIn this Spotlight Podcast, sponsored by Synopsys: In the wake of a presentation at Black Hat about security flaws in implantable pace maker devices, Synopsys Principal Consultant Dan Lyon joins us to talk about why medical device makers struggle to make their connected medical devices more secure. Dan and I discuss some of the flaws in the approach that medical device makers take to security, and how manufacturers can take a page out of their own book: applying the same standards to cyber security as they do to – say- device safety.
Podcast: Play in new window | Download (Duration: 33:40 — 38.5MB)Subscribe: Android | Email | Google Podcasts | RSSIn this week’s podcast (#108), sponsored by CA Veracode: hacker summer camp wrapped up on Sunday, as the 26th annual DEF CON conference concluded at Caesar’s Palace in Las Vegas. Hacks of connected and smart vehicles were a big theme again this year. We sat down with the organizers of DEF CON’s Car Hacking Village to see what was news at this year’s show. Also: open source software has revolutionized the way software gets made, and turbo charged the growth of companies like Facebook and Uber. But is the open source model failing us when it comes to security? We’re joined by OWASP founder Mark Curphey of CA Veracode to discuss it.
Podcast: Play in new window | Download (Duration: 29:46 — 34.1MB)Subscribe: Android | Email | Google Podcasts | RSSIn this special Black Hat edition of the Podcast, sponsored by UL: Parisa Tabriz, Google’s Director of Engineering for the Chrome Web browser, brought some strong medicine to Las Vegas for her Black Hat keynote speech. We talk about why her simple message was so groundbreaking. Also: Ken Modeste of UL joins us from the Black Hat briefings to talk about UL’s efforts to make cyber security as important to consumers in the 21st century as product safety was in the 20th.
Podcast: Play in new window | Download (Duration: 46:44 — 53.5MB)Subscribe: Android | Email | Google Podcasts | RSSIn this episode of The Security Ledger Podcast (#107): Hacker Summer Camp takes place in Las Vegas this week as the Black Hat, DEFCON and B-Sides conferences take place. We’re joined by DigiCert Chief Technology Officer Dan Timpson to talk about the presentations that are worth seeing. And, in our second segment, The Department of Homeland Security launched a new Risk Analysis Center that sounds a whole lot like some programs it already runs. Is this bureaucratic overkill or is DHS on to something?
Podcast: Play in new window | Download (Duration: 34:12 — 39.1MB)Subscribe: Android | Email | Google Podcasts | RSSIn this Spotlight Edition of the Security Ledger Podcast: identity is at the root of many of the security problems facing the Internet of Things, from vulnerable and “chatty” endpoints to a lack of robust update and lifecycle management features. To figure out how we might start to build a more secure IoT ecosystem, we invited Judah Aspler, the Vice President of IoT Strategy at Certified Security Solutions, or CSS Security in to talk about how more agile PKI infrastructure is one element in scaling the Internet of Things without creating a giant security mess.