How do you build a community? You have to build Trust first. Ethan Banks gave a great talk on Trust at Security Field Day and Tom Hollingsworth gives some thoughts on what this means.
Changing your passwords frequently is the best way to keep accounts secure, right? Or does frequently changing passwords cause users to lean on easily predictable patterns that ultimately make things less secure? The roundtable discusses what the best approach is, whether two-factor authentication changes your approach, and what changes when considering personal vs organizational passwords.
Inevitably when companies explore the prospect of microsegmentation, a common question arises. Why bother using a firewall at the hypervisor level when the VMs themselves have a host based firewall built into the OS or you could just use a hardware firewall to segment workloads?
Managing infrastructure is hard enough. But in today’s world of cloud computing it can be tough to manage constructs that live for seconds instead of persisting. How can you keep a handle on it all. Confidentially, the best way is with Aporeto. Tom Hollingsworth discusses the power of identity management for workloads in this post.
WPA3 is the new wireless authentication protocol just around the corner. It’s being developed to fix some of the issues with the ancient WPA2 protocol. But what about open encryption? Why don’t we just run everything over SSL and save time? Tom Hollingsworth examines the need for WPA3 with OWE and why TLS alone isn’t going to work.
Security is a complicated thing to deal with in the modern world. What we need now more than anything is education about what we face. Tom Hollingsworth takes a look at some of the things that impact our secure world and an upcoming event that can shed some light on how to face those challenges.
Tom Hollingsworth and Jack Daniel discussed the biggest challenge in becoming a part of the security community today: agreeing to disagree. One of the negative aspects of social media and hyper connectivity is the new frame of mind that people have a position and will fight and shout for it without compromise. While that does have a time and place, it is not contributing to a healthy debate in the security community or other technology communities either.