The State of Security in 2024
It's About Training
Insights, tools, and best practices to keep your organization and users secure.
It's About Training
Passwords are a poor solution for authenticating users–but none of the alternatives are very good, either. So, what do I use?
The xz Utils attack almost succeeded. Will we be as lucky next time?
Surveying Your Cybersecurity Landscape
Authentication, Backups, Updates, and Least Privilege
Runa Sandvik shares practical lessons on how to build and foster a culture of security across an organization.
Window Snyder says security basics are hard to implement consistently, but they're worth the effort.
Watch highlights covering security, defense, culture, and more. From the O'Reilly Security Conference in New York 2017.
Chris Wysopal explains how defenders can help developers create secure software through coaching, shared code, and services.
Katie Moussouris explains how to turn the forces that resist defense activities into the biggest supporters.
Haroon Meer says a new type of security engineering is taking root, which suggests hope for effective corporate security at enterprise scale.
Fredrick Lee shines a light on the ways security can be allowed into the world to do more.
A survey reveals a deep divide between developer aspirations for security and organizational practices.
Watch highlights covering security, defense, tools, and more. From the O'Reilly Security Conference in Amsterdam 2016.
Marie Moe shares her experience with being the host of a vulnerable medical implant, and why she started a hacking project to investigate the security of her own critical infrastructure.
Benjamin Buchanan explains why successful network intrusion attribution requires a range of skills—management, time, leadership, stress testing, and more.
Katie Moussouris offers insight into starting and running bug bounties.
Phil Stanhope discusses the DDoS attack on Dyn, how attack approaches are evolving, and what you can do about it.
Dan Kaminsky explains why a strong focus on ease of use—for developers, operators, and users—is our only hope for migrating toward a more secure Internet.
Shining a light on this year’s defensive security heroes.
Cory Doctorow says the Electronic Frontier Foundation is fighting for a future where our devices can be configured to do our bidding and where security researchers are always free to tell us what they’ve learned.
Michael Walker explores the results of DARPA’s Cyber Grand Challenge (CGC), a contest to develop first-generation autonomous cyber defense systems.
Watch highlights covering security, defense, tools, and more. From the O'Reilly Security Conference in New York 2016.