Description: “Never open the door to a lesser evil, for other and greater ones invariably slink in after it.” – Balthazar Gracian
Military doctrine often speaks of attacking the seams — the weak points where two organizations meet and have to coordinate. Seams are notoriously difficult to protect because of the inherent risks and challenges associated with information sharing between two organizations. The US Military has doctrine to train its soldiers how to properly coordinate with their sister organizations to keep the bad guys from slipping through the seams; can the same be said of your IT organization? This talk will focus on the risks and risk mitigation strategies for three common ‘seams’ in integrating new technology into your stack:
coordination between the app developers and the sysadmins who will have to maintain it in production,
configuration management of all of the dependencies for the application(s) being fielded, and
the management of defects/errors in the system and its dependencies.
Bio
Paul Vencill provides full-stack software engineering, architecture and policy support to US Government agencies at MITRE, a non-profit company which runs Federally Funded Research and Development Centers. He also serves as the Chief Builder of Things at CyberStride, LLC, and the CIO of the Atlantic Division in the US Army Reserves.
Working in both the public and private sectors, he has a strong interest in the security environment of the development process. This includes addressing issues such as establishing encrypted channels between developers and clients who may already be under online surveillance, and educating clients in good security practices during the development and deployment phases. In other words, making sure the client doesn’t compromise the application or architecture before it’s even coded.
An armor (tank) officer and graduate of West Point’s class of 1995, Paul is married, and the proud father of two budding geeks.
For more information, please visit: http://www.irongeek.com/i.php?page=videos/showmecon2014/mainlist
http://www.showmecon.com