Sound Security Podcast

Episode 32 - Subjectively Objective



Discussed Articles
1) Kenneth White's Review of HTTPS and TLS in 2016
Ken White presents a great overview of the state of the art of HTTPS and TLS in 2016, covering definitions, HTTPS by default, HSTS, Certificate Transparency, modern technologies, ciphersuites, and the OpenSSL 1.1 audit.
* https://speakerdeck.com/kwhite/https-and-tls-in-2016-security-practices-from-the-front-lines
* https://security.googleblog.com/2016/03/certificate-transparency-for-untrusted.html
* https://http2.github.io/faq/#does-http2-require-encryption
* https://daniel.haxx.se/blog/2015/03/06/tls-in-http2/
2) Chris Nickerson: Bring a bit more Zen to cybersecurity
In light of today's focus on data-driven, objectively proven methods of decision making and prioritization, it's fascinating to see a security vendor conference keynote focus on adding some subjectivity back into the mix. Or at least acknowledging it.
* http://www.csoonline.com/article/3138547/security/chris-nickerson-bring-a-bit-more-zen-to-cybersecurity.html
* http://chainsawsuit.com/comic/2014/09/16/on-research/
* https://www.amazon.com/Flaws-Fallacies-Statistical-Thinking-Mathematics/dp/0486435989?tag=braxtoncom0f-20
* https://goo.gl/TKJ9GS
Breach of the Week
DynDNS Record-breaking DDoS
The IoT cannon heard 'round the Internet.
* https://threatpost.com/dyn-ddos-could-have-topped-1-tbps/121609/
* https://dyn.com/blog/dyn-analysis-summary-of-friday-october-21-attack/

By Sound Security