Security – Software Engineering Daily

Containers have become the unit of infrastructure that many technology stacks deploy to. With the shift to containers, the attack surface of an application has changed, and we need to reconsider our security models; the resource allocation of our containers, the interactions between different containers on a single machine, and the big picture–how the external The post Container Security with Phil Estes appeared first on Software Engineering Daily.

Security for the popular chat application Slack is a major focus for the company. A corporate Slack account is as valuable to a hacker as a corporate email account. In today’s episode, Ryan Huber and I talk through Slack’s approach to security–from philosophical discussions of how to company approaches security to the technical practices of The post Slack Security with Ryan Huber appeared first on Software Engineering Daily.

When the US government hacks its own citizens, The Electronic Frontier Foundation is often the best source of reporting to find out what laws the government has broken. When a change to the privacy policy of Google or Facebook is made, the Electronic Frontier Foundation is the best place to find out how that change The post Electronic Frontier Foundation with Nate Cardozo appeared first on Software Engineering Daily.

When you hear about massive data breaches like the recent ones from LinkedIn, MySpace, or Ashley Madison, how can you find out whether your own data was compromised?   Troy Hunt created the website HaveIBeenPwned.com to answer this question. When a major data breach occurs, Troy acquires a copy of the stolen data and provides The post Data Breaches with Troy Hunt appeared first on Software Engineering Daily.

Call centers are a vulnerable point of attack for large enterprises. Fraud accounts for more than $20 billion in lost money every year, and a significant portion of that fraud is due to customer service representatives being fraudulent social engineering attacks.   Chris Halaschek joins the show today to discuss how Pindrop Security is addressing The post Security and Machine Learning in the Call Center with Pindrop Security’s Chris Halaschek appeared first on Software Engineering Daily.

Every software application has secrets. User passwords and database credentials must be managed carefully, because poor access controls can lead to disaster scenarios. Vault is a tool for secret management, developed at Hashicorp, a company that builds software tools for application delivery and infrastructure management. Seth Vargo is a software engineer and open source advocate The post Secret Management and Vault with Hashicorp’s Seth Vargo appeared first on Software Engineering Daily.

“The three legs of the stool are culture, process, and tooling, and I think process and tooling are the easy ones.” Continue reading… The post Internet of Things and DevOps with Anders Wallgren appeared first on Software Engineering Daily.

“If everyone is going to use TLS, people need to trust their certificate authority, and the way to gain trust is through openness.” Continue reading… The post Let’s Encrypt with Josh Aas appeared first on Software Engineering Daily.

Modern automated attacks using widespread botnets have evolved in sophistication, making cybercrime an increasingly relevant threat in today's internet. Security researchers and organizations have to stay vigilant in this cat-and-mouse game. Shuman Ghosemajumder is the VP of Product at Shape Security, which defends applications from malware and bots. He is the former click fraud czar at Google, and he will be speaking at QCon San Francisco. Continue reading… The post Botnets and Cybercrime with Shuman Ghosemajumder appeared first on Software Engineering Daily.

“If you don’t like what you see sometimes when you look at the world, it’s incumbent on you - you do something about it.” Adrián Lamo is a threat analyst, hacker, and writer. In the early 2000's, Adrián was a hobbyist white-hat hacker, breaking into companies to expose vulnerabilities and fix them. Continue reading… The post Intelligence and National Security with Adrián Lamo appeared first on Software Engineering Daily.

Keybase is an open-source key directory that allows users to encrypt messages and verify identities. Max Krohn is the co-founder of Keybase, and previously co-founded OKCupid and SparkNotes. Continue reading… The post Identity and Encryption with Keybase Founder Max Krohn appeared first on Software Engineering Daily.

"What we learn again and again is that security is less about what you think of, and more about what you didn't think of." Bruce Schneier is a security researcher and author of Data and Goliath. Continue reading… The post Security and Privacy with Bruce Schneier appeared first on Software Engineering Daily.

Automobiles are now computers with security vulnerabilities. Reverse engineers have begun to dissect car security. Craig Smith is the author of The Car Hacker's Handbook and the founder of Theia Labs, a research and consulting firm. Continue reading… The post Car Hacking with Craig Smith appeared first on Software Engineering Daily.