A Fully Trained Jedi You Are Not | A Conversation With Adam Shostack | Black Hat 2022 And DEF CON 30 Las Vegas Event Coverage | Redefining CyberSecurity Podcast With Sean Martin And Marco Ciappelli episode artwork

EPISODE · Jul 28, 2022 · 40 MIN

A Fully Trained Jedi You Are Not | A Conversation With Adam Shostack | Black Hat 2022 And DEF CON 30 Las Vegas Event Coverage | Redefining CyberSecurity Podcast With Sean Martin And Marco Ciappelli

from Redefining CyberSecurity · host Sean Martin, ITSPmagazine, Marco Ciappelli, Adam Shostack

While many in the InfoSec industry try to be all things to all people, sometimes that just isn't a winning strategy? What is? Let's have a chat with Adam Shostack to find out.About the session, "A Fully Trained Jedi, You Are Not"As software organizations try to bring security earlier in the development processes, what can or should regular software or operations engineers know about security? Taking as given that we want them to build secure systems, that demands a shared understanding of the security issues that might come up, and agreement on what that body of knowledge might entail. Without this knowledge, they'll keep building insecure systems. With them, we can have fewer recurring problems that are trivially attackable.Training everyone at a firm is expensive. Even if the training content is free, people's time is not. If you have 1,000 people, one hour per person is half a person year (before any overhead). So there is enormous pressure to keep it quick, ensure it meets compliance standards like PCI, and … the actual knowledge we should be conveying is almost an afterthought. We need to design knowledge scaffolding and tiered approaches to learning, and this talk offers a structure and tools to get there.We don't need every developer to be a fully trained Jedi, and we don't have time to train everyone to that level or even as much as we train security champs. So what could we ask everyone to know, and how do we determine what meets that bar?Be sure to catch all of our conversations from Black Hat and DEF CON 2022 at https://www.itspm.ag/bhdc22____________________________GuestAdam ShostackPresident at Shostack & AssociatesOn LinkedIn | https://www.linkedin.com/in/shostack/On Twitter | https://twitter.com/adamshostack____________________________This Episode’s SponsorsCrowdSec | https://itspm.ag/crowdsec-b1vpEdgescan | https://itspm.ag/itspegwebPentera | https://itspm.ag/pentera-tyuw____________________________ResourcesSession | A Fully Trained Jedi, You Are Not: https://www.blackhat.com/us-22/briefings/schedule/#a-fully-trained-jedi-you-are-not-26650____________________________For more Black Hat and DEF CON  Event Coverage podcast and video episodes visit: https://www.itspmagazine.com/black-hat-2022-and-def-con-hacker-summer-camp-las-vegas-usa-cybersecurity-event-and-conference-coverageAre you interested in telling your story in connection with Black Hat and DEF CON by sponsoring our coverage?👉 https://itspm.ag/bhdc22spTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-cybersecurity-podcastAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

While many in the InfoSec industry try to be all things to all people, sometimes that just isn't a winning strategy? What is? Let's have a chat with Adam Shostack to find out.

NOW PLAYING

A Fully Trained Jedi You Are Not | A Conversation With Adam Shostack | Black Hat 2022 And DEF CON 30 Las Vegas Event Coverage | Redefining CyberSecurity Podcast With Sean Martin And Marco Ciappelli

0:00 40:22

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

No similar episodes found.

No similar podcasts found.

Frequently Asked Questions

How long is this episode of Redefining CyberSecurity?

This episode is 40 minutes long.

When was this Redefining CyberSecurity episode published?

This episode was published on July 28, 2022.

What is this episode about?

While many in the InfoSec industry try to be all things to all people, sometimes that just isn't a winning strategy? What is? Let's have a chat with Adam Shostack to find out.About the session, "A Fully Trained Jedi, You Are Not"As software...

Can I download this Redefining CyberSecurity episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!