Gary McGraw - Podcast Details

Shows

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 123: Yanek Korff Discusses How to Build a Successful Technical TeamYanek Korff is the owner of Korff Consulting, LLC where he is a strategic consultant advising firms on information security topics. Having worked at Bell Atlantic, Cigital, AOL, and Mandiant, Yanek has well over a decade of experience in security operations, development, and infrastructure. Listen as Gary and Yanek discuss outsourcing, people vs. automation, incident … Continue reading Show 123: Yanek Korff Discusses How to Build a Successful Technical Team The post Show 123: Yanek Korff Discusses How to Build a Successful Technical Team appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2016-06-2827 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 120: Silver Bullet Celebrates 10 Years! Marcus Ranum Interviews Gary McGrawTo celebrate 10 straight years of the monthly Silver Bullet Security Podcast, we’re flipping the mic. During the past decade, Dr. Gary McGraw has interviewed some of the security industry’s most influential gurus. A globally recognized authority on security and software, he is the CTO of Cigital and the author of eight bestselling books on … Continue reading Show 120: Silver Bullet Celebrates 10 Years! Marcus Ranum Interviews Gary McGraw The post Show 120: Silver Bullet Celebrates 10 Years! Marcus Ranum Interviews Gary McGraw appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2016-03-3025 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 118: Jack Daniel Discusses Security BSides, Communities, and the Big Picture of SecurityGary talks to Jack Daniel, a leading technology community activist, about the evolution of the community-driven BSides Con, changes in the security field over the last decade, and his thoughts on where good security people come from. Jack is currently a Strategist for Tenable Network Security, and has over twenty years of experience in network … Continue reading Show 118: Jack Daniel Discusses Security BSides, Communities, and the Big Picture of Security The post Show 118: Jack Daniel Discusses Security BSides, Communities, and the Big Picture of Security appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2016-01-2939 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 117: Jamie Butler Discusses Security Research, Thinking Like a Hacker, And Rootkit DevelopmentGary talks to Jamie Butler, a self-proclaimed “coder at heart,” about the importance of an offensive security approach, attack patterns, and his specialization in rootkit development. Jamie is currently the CTO and Chief Scientist at Endgame where he leads research on advanced threats, vulnerabilities, and attack patterns. He has directed vulnerability research teams at a … Continue reading Show 117: Jamie Butler Discusses Security Research, Thinking Like a Hacker, And Rootkit Development The post Show 117: Jamie Butler Discusses Security Research, Thinking Like a Hacker, And Rootkit Development appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2015-12-2237 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 116: Doug Maughan Discusses the Current State Of Cyber Security In the U.S. Department Of Homeland SecurityGary talks to Dr. Doug Maughan about scientific research in computer security and its relationship to wider government efforts in security. Maughan is currently the Cyber Security Division (CSD) Director for the Homeland Security Advanced Research Projects Agency. With a Ph.D. in Computer Science and over 10 years of experience working with the Department of Homeland … Continue reading Show 116: Doug Maughan Discusses the Current State Of Cyber Security In the U.S. Department Of Homeland Security The post Show 116: Doug Maughan Discusses the Current State Of Cyber Security In the U.S. Department Of Homeland Security appeared fi...

2015-12-0129 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 115: Peiter “mudge” Zatko Discusses the L0pht and Government InfluenceGary talks to Peiter Zatko, better known as “mudge” in hacker and security circles, about the evolution of the L0pht hacker collective and how his work in security influenced key agencies within the U.S. government to ramp up their cybersecurity efforts. During his time as a Program Manager with DARPA, mudge worked to fund much needed … Continue reading Show 115: Peiter “mudge” Zatko Discusses the L0pht and Government Influence The post Show 115: Peiter “mudge” Zatko Discusses the L0pht and Government Influence appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2015-10-2838 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 114: Peter Clay Discusses the Evolution of the CISO RoleGary talks to the Chief Information Security Officer of Qlik, Peter “Pete” Clay, who holds 20+ years of experience in technology growth and its relationship to security from a risk management perspective. Pete brings federal, public, private and start-up insight into the global security space. He shares personal lessons he has learned as a consultant … Continue reading Show 114: Peter Clay Discusses the Evolution of the CISO Role The post Show 114: Peter Clay Discusses the Evolution of the CISO Role appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2015-09-2931 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 113: Chandu Ketkar Discusses Software Security Best PracticesGary talks to Cigital’s Chandu Ketkar. With 20+ years of experience as a developer prior to getting into security, Chandu brings a unique and enlightened view to software security. Chandu shares his insight into why developers and security experts struggle to get along, and offers a solution from the world of economics. He also provides … Continue reading Show 113: Chandu Ketkar Discusses Software Security Best Practices The post Show 113: Chandu Ketkar Discusses Software Security Best Practices appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2015-08-3127 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 111 – An Interview with Marcus RanumHas software security actually gotten worse? On the 111th episode of The Silver Bullet Security Podcast, Gary talks with Marcus Ranum, Chief Security Officer of Tenable Network Security. He is the inventor of both the proxy firewall and early-advanced intrusion systems. Gary and Marcus discuss the current state of software security, firewalls, de-perimeterization, and hackers. … Continue reading Show 111 – An Interview with Marcus Ranum The post Show 111 – An Interview with Marcus Ranum appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2015-06-3034 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 110 – An Interview with Paul DoreyOn the 110th episode of The Silver Bullet Security Podcast, Gary talks with Paul Dorey, founder of CSO Confidential and Visiting Professor at the University of London. Gary and Paul discuss the modern role of the CSO and the ideal background for a CSO, Paul’s biggest win and biggest mistake as a CSO, and the … Continue reading Show 110 – An Interview with Paul Dorey The post Show 110 – An Interview with Paul Dorey appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2015-05-3025 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 109 – An Interview with Bart PreneelOn the 109th episode of The Silver Bullet Security Podcast, Gary is joined by Bart Preneel. Bart is a full professor at the KU Leuven, one of the oldest universities in the world. Gary and Bart discuss the differences in approaches to security between the EU and the US, what the picture of building security … Continue reading Show 109 – An Interview with Bart Preneel The post Show 109 – An Interview with Bart Preneel appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2015-04-2225 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 108 – An Interview with Katie MoussourisIn the 108th episode of the Silver Bullet Security podcast, Gary talks with Katie Moussouris, Chief Policy Officer of HackerOne. Gary and Katie discuss her first program (a piece of interactive fiction in the Choose Your Own Adventure category written in Basic), bug bounty programs, how financial services and healthcare firms might approach vulnerability management, … Continue reading Show 108 – An Interview with Katie Moussouris The post Show 108 – An Interview with Katie Moussouris appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2015-03-2730 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 107 – An Interview with Jean CampL. Jean Camp is a Professor at the Indiana University School of Informatics and Computing. Gary and Jean discuss usability and security, whether users’ implicit expectations of security and privacy are enough to move the mobile market, and “old people” and security. They close out their discussion with the most surprising hangover cure and Jean’s … Continue reading Show 107 – An Interview with Jean Camp The post Show 107 – An Interview with Jean Camp appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2015-02-2833 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 106 – An Interview with Steve KatzSteve Katz is owner and founder of Security Risk Solutions and the “world’s first CISO.” Gary and Steve discuss the history and evolution of the CISO position, the difficulty of measuring risk in a realistic fashion, how to allocate resources between proactive security engineering and standard network security, triage, and incident response, what it means … Continue reading Show 106 – An Interview with Steve Katz The post Show 106 – An Interview with Steve Katz appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2015-01-3135 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw The History of Public Key Cryptography with Whitfield DiffieOn the 105th episode of the Silver Bullet Security Podcast, Gary talks with the legendary Whitfield Diffie, a pioneer of public-key cryptography. Gary and Whitfield discuss the history of public key cryptography, Diffie’s work on the “proof of correctness of programs,” and if backdoors into crypto systems are a bad idea. They close out by … Continue reading The History of Public Key Cryptography with Whitfield Diffie The post The History of Public Key Cryptography with Whitfield Diffie appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2014-12-3143 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 104 – An Interview with Rick GordonOn the 104th episode of the Silver Bullet Security Podcast, Gary chats with Rick Gordon, Managing Partner at MACH37. Gary and Rick discuss Rick’s time in the Navy and what it taught him about security, Rick’s lessons learned from his time as CEO of Tovaris, whether the government outside of DARPA understands security engineering, and … Continue reading Show 104 – An Interview with Rick Gordon The post Show 104 – An Interview with Rick Gordon appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2014-11-3034 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 103 – An Interview with Brian KrebsOn the 103rd episode of the Silver Bullet Security Podcast, Gary talks with Brian Krebs, reporter and blogger at Krebs on Security. Gary and Brian discuss how growing up with a computer affected their future careers in security, MUD vs MAD, why “old media” can’t support in-depth security reporting, and why the government continues to … Continue reading Show 103 – An Interview with Brian Krebs The post Show 103 – An Interview with Brian Krebs appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2014-10-3138 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 102 – An Interview with Richard DanzigOn the 102nd episode of the Silver Bullet Security Podcast, Gary chats with Richard Danzig, one time Secretary of the Navy and Board member of the Center for New American Security (among several other things). Gary and Richard discuss Richard’s time at the Department of Defense, what he learned when running the US Navy that … Continue reading Show 102 – An Interview with Richard Danzig The post Show 102 – An Interview with Richard Danzig appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2014-09-1738 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Software Security with the Founders of the Center for Secure DesignOn the 101st episode of the Silver Bullet Security Podcast, Gary talks with Jim Del Grosso (Cigital), Yoshi Kohno (University of Washington), and Christoph Kern (Google) in a roundtable devoted to the new IEEE Center for Secure Design. The participants discuss the origin of the Center, why design flaws are more difficult to fix than … Continue reading Software Security with the Founders of the Center for Secure Design The post Software Security with the Founders of the Center for Secure Design appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2014-08-2637 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw The State of Software Security with Cigital’s PrincipalsAfter 100 months in a row (over 8 years), the Silver Bullet Security Podcast with Gary McGraw hits its landmark 100th episode. In this episode Gary talks live on video with Cigital’s Principals: John Steven, Scott Matsumoto, Paco Hope, Jim DelGrosso and Sammy Migues. The group discusses the state of software security and how its … Continue reading The State of Software Security with Cigital’s Principals The post The State of Software Security with Cigital’s Principals appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2014-07-2329 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw the PLDI and Software Security with Michael HicksOn the 99th episode of the Silver Bullet Security Podcast, Gary talks with Michael Hicks, professor Computer Science at the University of Maryland. In this episode, they discuss the Programming Language Design and Implementation (PLDI) conference, type safety, closure, dynamic languages, why C is problematic, and how Javascript is dangerous. They go on to discuss … Continue reading the PLDI and Software Security with Michael Hicks The post the PLDI and Software Security with Michael Hicks appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2014-07-0134 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw The Hype behind Heartbleed with Bart MillerOn the 98th episode of the Silver Bullet Security Podcast, Gary chats with Bart Miller, Professor of Computer Science at the University of Wisconsin-Madison and Chief Scientist of the DHS Software Assurance Marketplace Research Facility. Gary and Bart discuss Heartbleed, fuzz testing, his work with Jeff Hollingsworth on dynamic instrumentation of binaries, and the SWAMP … Continue reading The Hype behind Heartbleed with Bart Miller The post The Hype behind Heartbleed with Bart Miller appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2014-05-3037 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw The Development Side of Software Security with Aaron BedraOn the 97th episode of the Silver Bullet Security Podcast, Gary chats with Aaron Bedra, Senior Manager of Application Security at Groupon. Gary and Aaron discuss how security is viewed by development teams that Aaron has worked with, how a security person could transition into software security, the importance of developing a security culture, type … Continue reading The Development Side of Software Security with Aaron Bedra The post The Development Side of Software Security with Aaron Bedra appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2014-05-0135 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 096 – An Interview with Nate FickOn the 96th episode of the Silver Bullet Security Podcast, Gary talks with Nate Fick, CEO of Endgame. Gary and Nate discuss the use of the term “cyber war” from the perspective of an ex-Marine, Nate’s time at the Center for a New American Security, the Estonia DDOS attack, and how Nate has turned around … Continue reading Show 096 – An Interview with Nate Fick The post Show 096 – An Interview with Nate Fick appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2014-04-0134 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 095 – An Interview with Charlie MillerOn the 95th episode of the Silver Bullet Security Podcast, Gary talks with Charlie Miller, a computer security researcher with Twitter. They discuss Charlie’s history in finding security flaws in Apple products, hacking cars, and whether we’re past the bug whack-a-mole days. They close out their chat with Charlie’s official car hacking soundtrack. @0xcharlie Charlie … Continue reading Show 095 – An Interview with Charlie Miller The post Show 095 – An Interview with Charlie Miller appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2014-02-2531 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 094 – An Interview with Ming ChowOn the 94th episode of the Silver Bullet Security Podcast, Gary chats with Ming Chow, lecturer at Tufts University School of Engineering’s Department of Computer Science. Gary and Ming discuss whether it’s better to start with security people or people that know how to code already when building new software security professionals. They also talk … Continue reading Show 094 – An Interview with Ming Chow The post Show 094 – An Interview with Ming Chow appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2014-01-3133 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 093 – An Interview with Yoshi KohnoOn the 93rd episode of the Silver Bullet Security Podcast, Gary chats with Yoshi Kohno, Associate Professor of Computer Science and Engineering at the University of Washington. Gary and Yoshi discuss how much impact academic security impacts commercial security, car hacking, whether it’s possible to get the media to cover good software security, and helping … Continue reading Show 093 – An Interview with Yoshi Kohno The post Show 093 – An Interview with Yoshi Kohno appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2013-12-2435 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw The Early Days of Computing with Jon CallasOn the 92nd episode of the Silver Bullet Security Podcast, Gary chats with Jon Callas, Chief Technology Officer at Silent Circle and all around crypto freedom fighter. Gary and Jon talk about the early days of computing, insanely early computer security, nascent crypto, PGP, Lavabit, Snowden, and what Silent Circle is doing to make secure … Continue reading The Early Days of Computing with Jon Callas The post The Early Days of Computing with Jon Callas appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2013-11-2737 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw A Breakdown of the BSIMM-V with Caroline WongOn the 91st episode of the Silver Bullet Security Podcast, Gary talks with Caroline Wong, Cigital’s Director of Security Initiatives. Gary and Caroline discuss the newly-released BSIMM-V, the concept of “SSI (Software Security Initative) in a box,” the most successful metrics that Caroline has used throughout her career at eBay and other high-profile firms, and … Continue reading A Breakdown of the BSIMM-V with Caroline Wong The post A Breakdown of the BSIMM-V with Caroline Wong appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2013-10-3033 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Cryptography compared with Matthew GreenOn the 90th episode of the Silver Bullet Security Podcast, Gary talks with Matthew Green, Assistant Research Professor at the Johns Hopkins Information Security Institute. Gary and Matt discuss the difference between theoretical cryptography and applied cryptography, the “On the NSA” blog post takedown scare, and the allegedly ‘backdoored’ Dual_EC_DRBG RSA/EMC random number generator. Gary … Continue reading Cryptography compared with Matthew Green The post Cryptography compared with Matthew Green appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2013-10-0126 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Academic vs. Corporate research with Michael ReiterOn the 89th episode of the Silver Bullet Security Podcast, Gary chats with Mike Reiter, Lawrence M. Slifkin Distinguished Professor in the Department of Computer Science at the University of North Carolina at Chapel Hill. Gary and Mike discuss the differences and similarities between academic research and corporate research, the challenges of teaching computer security, … Continue reading Academic vs. Corporate research with Michael Reiter The post Academic vs. Corporate research with Michael Reiter appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2013-09-0129 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Teaching Security Globally with Christian CollbergOn the 88th episode of the Silver Bullet Security Podcast, Gary talks with Christian Collberg, Ph.D., Associate Professor of Computer Science at the University of Arizona. Gary and Christian discuss what drew Christian to teaching Computer Security in the United States after living in several other countries, Christian’s book Surreptitious Software, Christian’s opinions on products … Continue reading Teaching Security Globally with Christian Collberg The post Teaching Security Globally with Christian Collberg appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2013-07-3121 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Progression of Software Security with James WaldenOn the 87th episode of the Silver Bullet Security Podcast, Gary chats with James Walden, Ph.D., Associate Professor of Computer Science at Northern Kentucky University. Gary and James discuss the progress being made in the field of software security, why there are plenty of top N lists for bugs but none for flaws, the difficulties … Continue reading Progression of Software Security with James Walden The post Progression of Software Security with James Walden appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2013-06-3028 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Technical Culture across the Pacific with Wenyuan XuOn the 86th episode of the Silver Bullet Security Podcast, Gary chats with Wenyuan Xu, Associate Professor in the Department of Computer Science and Engineering at the University of South Carolina. Gary and Wenyuan discuss the differences between American and Chinese technical culture, Wenyuan’s work on automatic meter reading systems, whether electrical engineering is more … Continue reading Technical Culture across the Pacific with Wenyuan Xu The post Technical Culture across the Pacific with Wenyuan Xu appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2013-05-3126 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 085 – A Discussion with Jim Routh and Scott MatsumotoThe 85th episode of the Silver Bullet Security Podcast is a double whammy. Gary talks mobile security with two guests —Jim Routh, former global head of application security at JP Morgan Chase (and newly-appointed CSO), and Scott Matusmoto, Principal Consultant and head of the mobile security practice at Cigital. All three discuss the challenges of … Continue reading Show 085 – A Discussion with Jim Routh and Scott Matsumoto The post Show 085 – A Discussion with Jim Routh and Scott Matsumoto appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2013-04-3036 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Learning Science in the Country with Hord TiptonOn the 84th episode of the Silver Bullet Security Podcast, Gary chats with W. Hord Tipton, Executive Director of (ISC)2. Gary and Hord discuss how one gets into science and engineering when growing up in rural Tennessee, what insight being nuclear and chemical engineer gives Hord about modern control systems, whether or not certification can … Continue reading Learning Science in the Country with Hord Tipton The post Learning Science in the Country with Hord Tipton appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2013-04-0137 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 083 – An Interview with Mark GraffOn the 83rd episode of the Silver Bullet Security Podcast, Gary talks with Mark Graff, CISO at NASDAQ OMX. Gary and Mark discuss what exactly a CISO does all day, how corporate security posture at NASDAQ compares to the security posture at Lawrence Livermore National Laboratory, Enrico Fermi and the piano tuners (the “Fermi problem”) … Continue reading Show 083 – An Interview with Mark Graff The post Show 083 – An Interview with Mark Graff appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2013-02-2837 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 082 – An Interview with Kevin FuOn the 82nd episode of the Silver Bullet Security Podcast, Gary talks with Kevin Fu, Associate Professor in the EECS Department at the University of Michigan. Gary and Kevin discuss finding advisors and picking a grad school, the security implications of embedded medical devices, malware in hospital systems, the consumer trend toward analyzing one’s own … Continue reading Show 082 – An Interview with Kevin Fu The post Show 082 – An Interview with Kevin Fu appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2013-01-1827 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 081 – An Interview with Steve BellovinOn the 81st episode of the Silver Bullet Security Podcast, Gary talks with Steve Bellovin, Professor of Computer Science at Columbia University, currently on leave and acting as CTO of the Federal Trade Commission. Gary and Steve discuss how often academic research finds its way into the real world versus research that’s done in a … Continue reading Show 081 – An Interview with Steve Bellovin The post Show 081 – An Interview with Steve Bellovin appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2012-12-2633 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 080 – An Interview with Thomas RidOn the 80th episode of the Silver Bullet Security Podcast, Gary talks with Thomas Rid, Reader in War Studies at King’s College London and a non-resident fellow at the Center for Transatlantic Relations in the School for Advanced International Studies, Johns Hopkins University, in Washington, DC. In this episode, Gary and Thomas discuss how Thomas’ … Continue reading Show 080 – An Interview with Thomas Rid The post Show 080 – An Interview with Thomas Rid appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2012-11-3000 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 079 – Software Security Initiative at Sony with Per-Olof PerssonOn the 79th episode of the Silver Bullet Security Podcast, Gary talks with Per-Olof Persson (a.k.a. Peo), head of Global Software Security Operations at Sony Mobile and Board member of Sony Corporation. Gary and Per-Olof discuss the importance of working different positions within the same company, Sony Mobile’s software security initiative, the political concerns of … Continue reading Show 079 – Software Security Initiative at Sony with Per-Olof Persson The post Show 079 – Software Security Initiative at Sony with Per-Olof Persson appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2012-10-2427 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 078 – An Interview with Jacob WestOn the 78th episode of the Silver Bullet Security Podcast, Gary talks with Jacob West, Director, Software Security Research for the Enterprise Security Products division of Hewlett-Packard and newly minted CTO. Gary and Jacob discuss HP’s acquisition of Fortify, the technical trade-offs that have to be made to allow a tool become widely adopted, BSIMM4, … Continue reading Show 078 – An Interview with Jacob West The post Show 078 – An Interview with Jacob West appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2012-09-3030 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 077 – An Interview with Gary WarzalaOn the 77th episode of the Silver Bullet Security Podcast, Gary talks with Gary Warzala, CISO of Visa International. The Garys discuss what a CISO’s day-to-day job looks like, how companies can attract and retain good security employees, whether consumers need to understand the difference between software security and security software, and how one can … Continue reading Show 077 – An Interview with Gary Warzala The post Show 077 – An Interview with Gary Warzala appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2012-08-2824 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 076 – An Interview with David EvansOn the 76th episode of the Silver Bullet Security Podcast, Gary chats with David Evans, Associate Professor of Computer Science at the University of Virginia. Gary and Dave discuss the founding of the Interdisciplinary Major in Computer Science (BA) at UVa and why a broad approach to Computer Science and Computer Security is a good … Continue reading Show 076 – An Interview with David Evans The post Show 076 – An Interview with David Evans appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2012-07-2732 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 075 – An Interview with Howard SchmidtOn the landmark 75th episode of Silver Bullet, Gary talks with Howard Schmidt, former Cybersecurity Coordinator for the Obama administration. In this episode, Gary and Howard discuss the differences between doing security work in the public and private sectors, the difficulties of establishing cybersecurity in the government (especially when it comes to software security), the … Continue reading Show 075 – An Interview with Howard Schmidt The post Show 075 – An Interview with Howard Schmidt appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2012-06-3000 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 074 – An Interview with Bruce SchneierOn the 74th episode of The Silver Bullet Security Podcast, Gary talks for a second time with Bruce Schneier. They revisit Bruce’s prediction in episode 9 that insight into economics and security would help vendors sell their products more efficiently. In addition, they discuss Bruce’s new book Liars and Outliers: Enabling the Trust that Society … Continue reading Show 074 – An Interview with Bruce Schneier The post Show 074 – An Interview with Bruce Schneier appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2012-05-3029 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 073 – An Interview with Robert VamosiOn the 73rd episode of The Silver Bullet Security Podcast, Gary talks with Robert Vamosi, senior analyst with Mocana, freelance security reporter, and author of When Gadgets Betray Us. Gary and Robert discuss whether we’re doomed to idiocy as a species thanks to gadget dependency, why designers ignore security and privacy issues in gadget design. … Continue reading Show 073 – An Interview with Robert Vamosi The post Show 073 – An Interview with Robert Vamosi appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2012-04-3026 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 072 – An Interview with Randy SabettOn the 72nd episode of The Silver Bullet Security Podcast, Gary talks with Randy Sabett, a lawyer with the ZwillGen cyber-law firm in Washington, DC. Gary and Randy discuss Microsoft’s Zeus Botnet raid, alleged AT&T/NSA wiretapping, whether cyberlaw is full of loopholes, and if security always trades off against privacy and anonymity. They close out … Continue reading Show 072 – An Interview with Randy Sabett The post Show 072 – An Interview with Randy Sabett appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2012-03-3037 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 071 – An Interview with Bill ArbaughOn the 71st episode of The Silver Bullet Security Podcast, Gary talks with Bill Arbaugh, Associate Professor of Computer Science at University of Maryland. Gary and Bill discuss how malware has evolved and changed over the last decade and how it’s affected software security practices, BIOS-based attacks, academia vs. startup, and why the NSA doesn’t … Continue reading Show 071 – An Interview with Bill Arbaugh The post Show 071 – An Interview with Bill Arbaugh appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2012-02-2900 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 070 – An Interview with Ross AndersonThe 70th episode of The Silver Bullet Security Podcast is our first repeat performance. Gary chats a second time with Ross Anderson, Professor of Security Engineering at the Computer Laboratory at Cambridge University and author of the book Security Engineering. Ross was a guest on episode 13 of The Silver Bullet Security Podcast and is … Continue reading Show 070 – An Interview with Ross Anderson The post Show 070 – An Interview with Ross Anderson appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2012-01-3100 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 069 – An Interview with Steve MyersOn the 69th episode of The Silver Bullet Security Podcast, Gary talks with Steve Myers, Assistant Professor of Informatics and Computing in the School of Informatics at Indiana University and a member of the Center for Applied Cybersecurity. During this show, Gary and Steve discuss the gap between “real world” computer security and “academic” computer … Continue reading Show 069 – An Interview with Steve Myers The post Show 069 – An Interview with Steve Myers appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2011-12-2929 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 068 – An Interview with John StevenOn the 68th episode of The Silver Bullet Security Podcast, Gary is joined in the studio by John Steven, internal CTO at Cigital. Gary and John discuss how software architecture is being pulled by financial services instead of being pushed by technology firms, why architecture risk analysis is so important (and so hard to automate), … Continue reading Show 068 – An Interview with John Steven The post Show 068 – An Interview with John Steven appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2011-11-3034 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 067 – An Interview with Bill PughOn the 67th episode of The Silver Bullet Security Podcast, Gary talks with Bill Pugh, professor at the University of Maryland College Park. Gary and Bill discuss the Marmoset and FindBugs projects, how to teach kids to code and whether coding is an innate ability or is something that can be taught. They also geek … Continue reading Show 067 – An Interview with Bill Pugh The post Show 067 – An Interview with Bill Pugh appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2011-10-2840 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 066 – An Interview with Shari Lawrence PfleegerOn the 66th episode of The Silver Bullet Security Podcast, Gary chats with Shari Lawrence Pfleeger, Director of Research for the Institute for Information Infrastructure Protection at Dartmouth College. Gary and Shari discuss the difference between safety-critical software and security-critical software, why measuring software is hard (security notwithstanding), how to speed up tech transfer, and … Continue reading Show 066 – An Interview with Shari Lawrence Pfleeger The post Show 066 – An Interview with Shari Lawrence Pfleeger appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2011-09-2927 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 065 – An Interview with Giovanni VignaOn the 65th episode of The Silver Bullet Security Podcast, Gary is joined by Giovanni Vigna, professor of Computer Science at UC Santa Barbara. They discuss DEFCON’s classic Capture the Flag contest as well as UCSB’s international version. They ponder how the notion of “build security in” might be integrated into a CTF-type contest. Gary … Continue reading Show 065 – An Interview with Giovanni Vigna The post Show 065 – An Interview with Giovanni Vigna appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2011-08-2930 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 064 – An Interview with Markus SchumacherOn the 64th episode of The Silver Bullet Security Podcast, Gary chats with Markus Schumacher, co-founder and CEO of Virtual Forge. Gary and Markus discuss the difference between working for a large corporate and a startup, why Virtual Forge built a code scanning tool for SAP’s ABAP code, whether security people understand the notion of … Continue reading Show 064 – An Interview with Markus Schumacher The post Show 064 – An Interview with Markus Schumacher appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2011-07-2921 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 063 – An Interview with Craig MillerOn the 63rd episode of The Silver Bullet Security Podcast, Gary talks with Craig Miller, principal at the MAPA Group. Gary and Craig discuss entrepreneurship, the pluses and minuses of working for start-ups and very large corporations, smart grid security, and working with NRECA. They close out the show discussing movies and books. Dr. Craig … Continue reading Show 063 – An Interview with Craig Miller The post Show 063 – An Interview with Craig Miller appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2011-06-2832 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 062 – An Interview with Halvar FlakeOn the 62nd episode of The Silver Bullet Security Podcast, Gary chats with Halvar Flake (a.k.a. Thomas Dullien), founder of reverse engineering consultancy, Zynamics, which was recently purchased by Google. Gary and Halvar discuss the acquisition, Zynamics’ product BinDiff, whether the “bad guys” are using code understanding tools (including decompilers) better than developers, static versus … Continue reading Show 062 – An Interview with Halvar Flake The post Show 062 – An Interview with Halvar Flake appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2011-05-3130 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 061 – An Interview with Carl LandwehrOn the 61st episode of The Silver Bullet Security Podcast, Gary talks with Carl Landwehr, Director of Trustworthy Computing at the National Science Foundation and a Senior Research Scientist at the Institute for Systems Research within the University of Maryland. Gary and Carl discuss the most important changes in information security that have developed over … Continue reading Show 061 – An Interview with Carl Landwehr The post Show 061 – An Interview with Carl Landwehr appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2011-04-2827 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 060 – An Interview with Neil DaswaniOn the 5th anniversary, 60th episode of The Silver Bullet Security Podcast, Gary talks with Neil Daswani, CTO and co-founder of Dasient. Gary and Neil discuss Neil’s previous work at Google and how the “start-up like” atmosphere at Google compares with an actual start-up. They also discuss bad ads (aka malvertising), Clickbot.A, the software security … Continue reading Show 060 – An Interview with Neil Daswani The post Show 060 – An Interview with Neil Daswani appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2011-03-3029 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 058 – An Interview with John SavageOn the 58th episode of The Silver Bullet Security Podcast, Gary talks with John Savage, professor of Computer Science at Brown University and Jefferson Science Fellow for the State Department. Gary and John discuss whether Wikileaks is a terrorist organization, if the use of a cyber-weapon like Stuxnet can be a morally justified act, and … Continue reading Show 058 – An Interview with John Savage The post Show 058 – An Interview with John Savage appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2011-01-2429 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 057 – An Interview with Elinor MillsOn the 57th Silver Bullet Security Podcast, Gary talks with Elinor Mills, senior writer at CNET’s news.com. At CNET, Elinor covers Internet technology and security. Gary and Elinor discuss how writing about technology for news organizations has changed over the last 20 years, how technology adoption in Portugal differs from the States, WikiLeaks and the … Continue reading Show 057 – An Interview with Elinor Mills The post Show 057 – An Interview with Elinor Mills appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2010-12-2330 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 056 – An Interview with Sammy MiguesOn the 56th Silver Bullet Security Podcast, Gary sits down with Sammy Migues, Principal and Director of Knowledge Management at Cigital. Gary and Sammy discuss how Sammy’s southern upbringing affects his approach to security, his experience speaking to the National Rural Electric Cooperative Association, the advantages of defensive programming versus “the bug parade” and the … Continue reading Show 056 – An Interview with Sammy Migues The post Show 056 – An Interview with Sammy Migues appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2010-11-3026 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 055 – An Interview with Deborah FrinckeOn the 55th Silver Bullet Security Podcast, Gary chats with Deborah Frincke, Chief Scientist, Cybersecurity at Pacific Northwest National Laboratory. Gary and Deb discuss the differences between being a professor and a researcher, whether a professional certification is better than an academic degree, and how a woman’s reasons for getting into the computer security field … Continue reading Show 055 – An Interview with Deborah Frincke The post Show 055 – An Interview with Deborah Frincke appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2010-10-2922 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw The Decades Science Fiction with Marc DonnerOn the 54th Silver Bullet Security Podcast, Gary talks with Dr. Marc Donner, engineering director for Google Health and Google Finance. Gary and Marc discuss science-fiction books from the last decade, why Americans like to talk about cyberwarfare, and security issues and privacy concerns as related to Google Health initiatives. They finish up their discussion … Continue reading The Decades Science Fiction with Marc Donner The post The Decades Science Fiction with Marc Donner appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2010-09-2727 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw A Breakdown of Security Analysis with Paul KocherOn the 52nd episode of The Silver Bullet Security Podcast, Gary chats with Paul Kocher, President and Chief Scientist of Cryptography Research. Gary and Paul discuss the first system that Paul ever broke, whether engineers and architects need to think like the “bad guys” or not, the decision to put content protection on Blu-Ray discs … Continue reading A Breakdown of Security Analysis with Paul Kocher The post A Breakdown of Security Analysis with Paul Kocher appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2010-07-2127 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Startup versus Government Research with Anup GhoshOn the 51st episode of The Silver Bullet Security Podcast, Gary talks with former co-worker Dr. Anup Ghosh. Anup has authored three books on e-commerce security and over 40 peer-reviewed articles and is founder and chief scientist of Invincea. Gary and Anup discuss the difference between working in a startup and in government research, why … Continue reading Startup versus Government Research with Anup Ghosh The post Startup versus Government Research with Anup Ghosh appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2010-06-2533 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Lacking Defense in Cyber War with Richard ClarkeOn the landmark 50th episode of Silver Bullet, Gary talks with Richard A. Clarke. Richard Clarke is an internationally-recognized expert on security, including homeland security, national security, cyber security, and counterterrorism. Gary and Dick discuss what needs to change in order for the United States to focus more attention on defense against cyber war (as … Continue reading Lacking Defense in Cyber War with Richard Clarke The post Lacking Defense in Cyber War with Richard Clarke appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2010-06-0133 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Imitating the Attackers Prespective with Ivan ArceOn the 49th episode of The Silver Bullet Security Podcast, Gary talks with Ivan Arce, co-founder and CTO of Core Security Technologies. Gary and Ivan discuss whether teaching builders to think like attackers is worthwhile, how living in Argentina both helps and hinders a career in computer security, the current state of embedded systems attacks, … Continue reading Imitating the Attackers Prespective with Ivan Arce The post Imitating the Attackers Prespective with Ivan Arce appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2010-04-3036 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Changes in Security Compliance with Andrew JaquithOn the 48th episode of The Silver Bullet Security Podcast, Gary interviews Andrew Jaquith, senior analyst at Forrester. Gary and Andy discuss how security has become overrun by compliance in the biggest change to corporate security in 15 years, the battle between social networking technology use in the workplace (think Twitter, Facebook, AIM…) and security, … Continue reading Changes in Security Compliance with Andrew Jaquith The post Changes in Security Compliance with Andrew Jaquith appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2010-03-2530 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw A Look Inside Infowar with David RiceOn the bonus-length 46th episode of The Silver Bullet Security Podcast, Gary talks with David Rice, Executive Director of the Monterey Group and author of Geekonomics: The Real Cost of Insecure Software. Gary and David discuss David’s involvement with Infowar at the Naval Postgraduate School and how it impacted his thinking about software, the recent … Continue reading A Look Inside Infowar with David Rice The post A Look Inside Infowar with David Rice appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2010-01-2736 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw The Common Disregard for Privacy with Lorrie CranorOn the 45th episode of The Silver Bullet Security Podcast, Gary chats with Lorrie Cranor, Associate Professor of Computer Science and Engineering and Public Policy at Carnegie Melon University. Gary and Lorrie discuss how everyday people think about privacy and what we can do to get them to care about it, the relationship between trust … Continue reading The Common Disregard for Privacy with Lorrie Cranor The post The Common Disregard for Privacy with Lorrie Cranor appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2009-12-1826 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw The History of Network Security with Steve KentOn the 44th episode of The Silver Bullet Security Podcast, Gary talks with Steve Kent, Chief Scientist – Information Security, for BBN Technologies, a division of Raytheon. Gary and Steve discuss the history of network security, secure transport and base Internet protocols, the role of politics in the adoption of security on the Internet, applied … Continue reading The History of Network Security with Steve Kent The post The History of Network Security with Steve Kent appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2009-11-2532 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Informatics and Health Security with Gilian HayesOn the 42nd episode of The Silver Bullet Security Podcast, Gary chats with Gillian Hayes, Assistant Professor in Informatics at the Bren School of Information and Computer Sciences at UC Irvine. Gary and Gillian discuss how much people really need to know about security going on behind the scenes, how usability affects the health records … Continue reading Informatics and Health Security with Gilian Hayes The post Informatics and Health Security with Gilian Hayes appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2009-09-2530 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Security vs. Reliability with Fred SchneiderOn the 41st episode of The Silver Bullet Security Podcast, Gary talks with Fred Schneider, Samuel B. Eckert Professor of Computer Science at Cornell University and author of Trust in Cyberspace. On the show, Gary and Fred discuss the relationship between security and reliability, diversity as a security mechanism, and the continuum of attack categories … Continue reading Security vs. Reliability with Fred Schneider The post Security vs. Reliability with Fred Schneider appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2009-08-2131 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Comparing Security Models with Bob BlakleyFor the 40th episode of The Silver Bullet Security Podcast, Gary interviews Bob Blakley, VP and research director of The Burton Group’s Identity and Privacy Strategies. Gary and Bob discuss the importance of liberal arts degrees, the (over) complications of CORBA security, whether computer security requires a complete shift in approach, cybersecurity and governments, and … Continue reading Comparing Security Models with Bob Blakley The post Comparing Security Models with Bob Blakley appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2009-07-1725 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw “Cyber Coordinator” defined with Matt BlazeFor the 39th episode of The Silver Bullet Security Podcast, Gary chats with Matt Blaze, Associate Professor of Computer and Information Science at the University of Pennsylvania. Gary and Matt start the show off discussing the Obama administration’s “cyber coordinator” plan and the large number of cyber plans that are never cyber realized. They also … Continue reading “Cyber Coordinator” defined with Matt Blaze The post “Cyber Coordinator” defined with Matt Blaze appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2009-06-1732 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw The Importance of In-Situ Usability with Kay ConnellyFor the 38th episode of The Silver Bullet Security Podcast, Gary talks privacy with Kay Connelly, Associate Professor of Computer Science at Indiana University and Senior Associate Director of IU’s Center for Applied Cybersecurity Research. Gary and Kay discuss why in situ usability study is important, the E.T.H.O.S. living lab (including the “presence clock” and … Continue reading The Importance of In-Situ Usability with Kay Connelly The post The Importance of In-Situ Usability with Kay Connelly appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2009-05-1925 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Changes and Immortality of Security with Virgil GilgorOn the 37th episode of The Silver Bullet Security Podcast, Gary interviews Virgil Gligor, Professor at Carnegie Mellon University in the Department of Electrical and Computer Engineering and co-director of CyLab. Gary and Virgil discuss how information security has changed over the last 35 years, why software security will be with us forever, and how … Continue reading Changes and Immortality of Security with Virgil Gilgor The post Changes and Immortality of Security with Virgil Gilgor appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2009-04-2127 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw The Birth of the BSIMM with Gary McGrawWe switch things up for this special third anniversary episode of Silver Bullet. This time around, Gary is the victim, being interviewed by James McGovern, Enterprise Architect for The Hartford Financial Services Group, Inc. and OWASP maven. Gary and James discuss the recently released Building Security In Maturity Model, how companies with Software Security Groups … Continue reading The Birth of the BSIMM with Gary McGraw The post The Birth of the BSIMM with Gary McGraw appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2009-03-1834 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 034 – An Interview with Bill BrennerOn the 34th episode of The Silver Bullet Security Podcast, Gary interviews Bill Brenner, senior editor at CSO Online and CSO Magazine. Gary and Bill discuss how delivering the security message changes based on the audience (executives versus geeks and CSO’s versus CIO’s), the much-exaggerated death of print media, and balancing headline-grabbing sensationalism with solid … Continue reading Show 034 – An Interview with Bill Brenner The post Show 034 – An Interview with Bill Brenner appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2009-01-1427 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 033 – An Interview with Laurie WilliamsOn the 33rd episode of The Silver Bullet Security Podcast, Gary talks with Laurie Williams, Associate Professor of Computer Science at North Carolina State University. Gary and Laurie discuss Laurie’s nine years at IBM, Agile’s adoption in the commercial space, XP and software security, and what changes Laurie would make to the standard computer science … Continue reading Show 033 – An Interview with Laurie Williams The post Show 033 – An Interview with Laurie Williams appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2008-12-2223 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 031 – An Interview with Matt BishopOn the 31st episode of The Silver Bullet Security Podcast, Gary talks with Matt Bishop, professor of Computer Science at UC Davis and author of the book Computer Security: Art and Science as well as many peer-reviewed papers. Gary and Matt discuss Matt’s plan to work security analysis and secure coding into a wider computer … Continue reading Show 031 – An Interview with Matt Bishop The post Show 031 – An Interview with Matt Bishop appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2008-10-2024 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 030 – An Interview with Ken van WykOn the 30th episode of The Silver Bullet Security Podcast, Gary talks with Ken van Wyk, principal and founder of KRvW Associates. Ken was the first employee of CERT and has been an active member of FIRST. Ken and Gary discuss why the discipline of computer science doesn’t learn from failure like mechanical engineering does, … Continue reading Show 030 – An Interview with Ken van Wyk The post Show 030 – An Interview with Ken van Wyk appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2008-09-2621 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 029 – An Interview with Dennis FisherOn the 29th episode of The Silver Bullet Security Podcast, Gary talks with Dennis Fisher, executive editor of The Security Media Group at TechTarget. Dennis helps run SearchSecurity.com and Information Security Magazine. Gary and Dennis discuss the current “BS factor” in security journalism, shopping at TJ Maxx right after the TJX privacy breach, the state … Continue reading Show 029 – An Interview with Dennis Fisher The post Show 029 – An Interview with Dennis Fisher appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2008-08-1823 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 027 – An Interview with Gunnar PetersonOn the 27th episode of The Silver Bullet Security Podcast, Gary interviews software security expert Gunnar Peterson, a Managing Principal at Arctec Group. Gary and Gunnar begin with the age-old question, “What is security?” They go on to discuss how Web 2.0 and SOA security is progressing, the big idea behind “federated identity,” whether all … Continue reading Show 027 – An Interview with Gunnar Peterson The post Show 027 – An Interview with Gunnar Peterson appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2008-06-1827 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 020 – An Interview with Markus JakobssonFor the landmark 20th episode of The Silver Bullet Security Podcast, Gary interviews Markus Jakobsson, soon to be a reseacher at PARC after a stint as an Associate Professor of Informatics and associate director of the Center for Applied Cybersecurity Research at Indiana University. Gary and Markus discuss the difference between academic and corporate research, … Continue reading Show 020 – An Interview with Markus Jakobsson The post Show 020 – An Interview with Markus Jakobsson appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2007-11-1624 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw The Legitimacy of Mobile Viruses with Mikko HyppönenFor the 19th episode of The Silver Bullet Security Podcast, Gary interviews Mikko Hyppönen, Chief Research Officer at F-Secure. During this show, Gary and Mikko discuss Helsinki and Finnish pronunciation, whether mobile viruses are all hype or a legitimate threat, if the iPhone as a closed system is good or bad for security, and Mikko’s … Continue reading The Legitimacy of Mobile Viruses with Mikko Hyppönen The post The Legitimacy of Mobile Viruses with Mikko Hyppönen appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2007-10-1822 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw The Importance of Software Testing with Eugene SpaffordOn the 18th episode of The Silver Bullet Security Podcast, Gary talks with Dr. Eugene Spafford, better known as “Spaf.” Spaf is a professor of computer science and Electrical and Computer Engineering at Purdue University and executive director of the Center for Education and Research in Information Assurance and Security (CERIAS). On this episode, Gary … Continue reading The Importance of Software Testing with Eugene Spafford The post The Importance of Software Testing with Eugene Spafford appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2007-09-2528 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw The ROI of Computer Security with Eric ColeOn the 17th episode of The Silver Bullet Security Podcast, Gary talks with Eric Cole, CEO of Secure Anchor. Eric has written seven books on computer security, including books on steganography and network security. Gary and Eric discuss how to demostrate security ROI in different types of organizations (ranging from government to corporate), the academic … Continue reading The ROI of Computer Security with Eric Cole The post The ROI of Computer Security with Eric Cole appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2007-08-2429 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Understanding Exploits with Greg HoglundOn the 16th episode of The Silver Bullet Security Podcast, Gary talks with Greg Hoglund, who runs the popular rootkit.com, CEO of HB Gary, and co-author of Rootkits: Subverting the Windows Kernel and Exploiting Software. In addition to shameless self-promotion of their new book, Exploiting Online Games, Gary and Greg discuss the natural tendency of … Continue reading Understanding Exploits with Greg Hoglund The post Understanding Exploits with Greg Hoglund appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2007-07-1224 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Data Privacy Defined with Annie AntónOn the 15th episode of The Silver Bullet Security Podcast, Gary interviews Annie Antón, Associate Professor of Software Engineering at North Carolina State University and director of theprivacyplace.org. During their discussion, Annie and Gary focus on privacy. They start with an attempt to define what “privacy” is in the digital world, moving on to Annie’s … Continue reading Data Privacy Defined with Annie Antón The post Data Privacy Defined with Annie Antón appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2007-06-1925 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Security Engineering Described with Ross AndersonOn the 13th episode of The Silver Bullet Security Podcast, Gary chats with Ross Anderson, Professor of Security Engineering at the Computer Laboratory at Cambridge University and author of the book Security Engineering. Gary and Ross discuss the effect of posting his excellent book on the net for free, the simple reasons why most systems … Continue reading Security Engineering Described with Ross Anderson The post Security Engineering Described with Ross Anderson appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2007-04-1322 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw From Ruralism to Computer Security with Becky BaceOn the 12th episode of The Silver Bullet Security Podcast, Gary talks with Becky Bace, Advisor to Venture Capital firm Trident Capital. Becky spent twelve years at the NSA working on intrusion detection and cryptography from 1984 until 1996, followed by a stint at Los Alamos National Laboratory. Gary and Becky discuss growing up in rural … Continue reading From Ruralism to Computer Security with Becky Bace The post From Ruralism to Computer Security with Becky Bace appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2007-03-1323 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Teaching Computer Security with Dorothy DenningOn the 11th episode of The Silver Bullet Security Podcast, Gary talks with Dorothy Denning, a professor in the Department of Defense Analysis at the Naval Postgraduate School. Previously, Dorothy was a distinguished professor at Georgetown University and a professor at Purdue University. Gary and Dorothy discuss Dorothy’s involvement in the Clipper Chip controversy (which … Continue reading Teaching Computer Security with Dorothy Denning The post Teaching Computer Security with Dorothy Denning appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2007-02-1522 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Show 008 – An Interview with Brian ChessIn the eighth episode of The Silver Bullet Podcast, Gary talks with Brian Chess, co-founder and chief scientist of Fortify Software. Brian completed his computer science Ph.D. at UC Santa Cruz after several years in the commercial sector. Gary and Brian discuss what commercial developers and academics have to learn from each other, what it’s … Continue reading Show 008 – An Interview with Brian Chess The post Show 008 – An Interview with Brian Chess appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2006-11-1724 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw Day in The Life of a CSO with John StewartIn the seventh episode of The Silver Bullet Podcast, Gary interviews Cisco Chief Security Officer John Stewart. Gary and John discuss what CSOs do all day, how John got started in computer security, and the infamous Morris Worm from 1988 (which John was deeply involved in while a student at Syracuse). John and Gary also … Continue reading Day in The Life of a CSO with John Stewart The post Day in The Life of a CSO with John Stewart appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2006-10-2527 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw A Software Security Industry 360 with Dana EppIn the fourth episode of the Silver Bullet Security Podcast, Gary’s guest is Dana Epp, CEO and founder of Scorpion Software. Dana also runs a popular software security blog and is a jazz trumpeter. On this show, Dana and Gary talk about past programming disasters (“code lives forever”), the security implications of systems with ever-increasing … Continue reading A Software Security Industry 360 with Dana Epp The post A Software Security Industry 360 with Dana Epp appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2006-07-3124 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw The Computer Security Plateau with Marcus RanumIn the third episode of the Silver Bullet Security Podcast, Gary talks with Marcus Ranum, who is an acclaimed security guru widely credited with inventing the proxy firewall. Marcus and Gary discuss why Marcus thinks we’re not making progress in the computer security field, how common sense would help computer security, Richard Feynman, and power … Continue reading The Computer Security Plateau with Marcus Ranum The post The Computer Security Plateau with Marcus Ranum appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2006-07-1422 min

Cigital » The Silver Bullet Security Podcast with Gary McGraw The Necessities of a Security Practitioner with Dan GeerIn this episode of the Silver Bullet Security Podcast, Gary chats with Dan Geer, Chief Scientist at Verdasys. Dan has a Ph.D. in biostatistics from Harvard. He and Gary discuss the need to understand both technology and business in order to be a good security practitioner, Dan’s paper Cyber Insecurity, his work on Project Athena, … Continue reading The Necessities of a Security Practitioner with Dan Geer The post The Necessities of a Security Practitioner with Dan Geer appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

2006-06-1222 min