Programming, Information Security, Startups, and Learnings.
Security the Wrong Way
Posted on February 28, 2012
This talk covers how organizations, large and small, can benefit from looking at security a new way. The way we think about security is wrong. We are optimizing the wrong things.
Some examples of how we are handling security incorrectly include:
47% of developers don’t know if their open source is out-of-date.
We use vulnerability scanners to identify assets.
We hire penetration testers before having a simple security process in place.