Mar 16, 2015

In this episode...

  • Michael C and the team talk about "going back to basics" and the need for security fundamentals
  • Michael C talks a little about why we (security professionals) fail at fixing problems at scale
  • We dive into the need for automation, and Michael C talks about why creating more work for security professionals is a bad thing
  • Michael C and the crew talk through why many of our metrics fail, highlighting the need to get away from the typical dashboard approach of "bigger numbers is better"
  • We discuss the balance between false positives and false negatives -- a super critical topic
  • Rafal brings up the role security professionals play in software security, and why we can't be expected to drive the daily tasks
  • We talk through centralized vs. decentralized security, and how to understand which works better, and where
  • Michael C gives us his 3 key takeaways for listeners (don't miss these!)
  • We talk through "assume breach", and what it means for security


  • Michael Coates ( @_mwc ) - Currently, Michael is the Trust and Security Officer at Twitter, where he leads the information security team and drives overall security efforts across the organization toward a common goal and objective. Michael is a staple of the OWASP community, now serving on its board and having contributed countless hours and lines of code to the effort.