League of Extraordinary Defenders
Announcing the inaugural program committee for the O’Reilly Security conferences.
Security
Insights, tools, and best practices to keep your organization and users secure.
Security as a vector, not a point
The new O’Reilly Security conferences will unite in-the-trenches defensive security practitioners and provide a forum for sharing concrete solutions.
IoT security is your business
Why leaders need to carefully evaluate the cost of keeping IoT networks safe.
Navigating statistical data and common sense
An informed approach to consuming popular infosec research.
Intro to Hadoop security: Role assignments and gateway isolation
Learn the hands-on basics of securing a Hadoop cluster in AWS in this video excerpt.
Not all data is created equal
Some of the most profitable decisions are made by combining data in novel ways, but creative combinations of data can also spawn unknown risks. Learn how your organization can balance risk and reward in a data-driven economy.
Trusted vs trustworthy
Knowing the difference between trusted and trustworthy is fundamental to understanding how to build secure software. In this exclusive video excerpt from Introduction to Secure Software, Brian Sletten explains the browser's transitive trust model.
A data-centric approach to security monitoring
Learn how to understand the threats you face by collecting, mining, organizing, and analyzing as many relevant data sources as possible. Excerpt from Crafting the InfoSec Playbook.
Securing the cloud through industry consensus
Creating security leading practices for Amazon Web Services.
How to rethink security risk analysis
Why formulating the right kind of question is crucial to measuring risk.
What is good enough security?
Finding appropriate levels of security.
Who are the bad guys and what do they want?
Understand and defend against the many faces of cyber crime.
If you’re not worried about your DNS security then you don’t understand the problem
The “Golem” bug underscores the complex interdependencies associated with DNS.
Stranger danger: Tracking vulnerabilities in your third-party code
This talk introduces Snyk Stranger, a tool that helps you track and control third-party code and security concerns.
Managing secrets at scale
Learn about the core operations and key principles that make up a good secret management system.
The value of operations security
Good security policies do not guarantee protection against attacks. Learn why you need a strong operations security team to implement security measures.
Building better defenses
Announcing the O’Reilly Security Conference, Oct. 31-Nov. 2 in New York City and Nov. 9-11 in Amsterdam.
Delivering security: Faster, better, cheaper
The engineering principles inherent to DevOps and continuous deployment provide the groundwork for a number effective security mechanisms.
InfoSec vs the cyber people
"Cyber" this and "cyber" that may seem tedious, but it's time to treat cyber security as a meta-field overlaying information security.
Building an AppSec pipeline: Keeping your program, and your life, sane
This talk explores the motivation behind Pearson's AppSec pipeline, its implementation, and tips for getting the most from your own AppSec program.
The nature of the IoT and its implications on privacy, security, and society
In this webcast presentation, Gilad Rosner explores how the Internet of Things impacts privacy and, by extension, what it means for society.
Safeguarding the IoT: Designing security from the ground up
Hugo Fiennes examines key aspects of building and deploying secure Internet of Things devices, including hardware security, link security, identity, device updating, and servers, and more.
Securely enabling our future—a conversation on upcoming attack vectors
With our dependence on IoT devices expected to skyrocket, it's critical to consider plausible scenarios of attacks based upon our understanding of how these devices will serve our needs in the future.
In the age of connected devices, will our privacy regulations be good enough?
Controversial ideas for privacy protection.