End of year, end of decade
Are things better than 10 years ago? 5 years ago?
If there was one thing to change things for the better, what would that be?
Good, Bad, Ugly
Did naming vulns make things better?
Which industries are doing a good job of securing themselves? Finance?
What do you wished never happened (security/compliance wise)?
Ransomware infections with no bounties
Still have people believing “Nessus” is a pentest
Bryan: The rise of the vetting programs (Companies will want to vet content creators in their eco-systems)
Cybuck: An uptick in surveillance tech; both disguised as cool home smart gadgets and straight up public safety. Triggering a US GDPR type response.
Injection remains as the undisputed heavyweight champion of app sec vulnerability (OWASP top 10). And wishful thinking...broken authentication moves lower, denial of service goes down. https://twitter.com/WeldPond/status/1207383327491137536/photo/1
JB: a major change in social media/generational shift in how we use it, legal or focus on new types of mobile tech for example… Human networking in real-life in the age of ‘social’ ….“When you hire someone… you also hire their rolodex” --- what do you think about this statement? ..it’s role in InfoSec? Talent?
JB- shouted out https://github.com/redcanaryco/atomic-red-team (Invoke-Atomic framework with powershell now on Linux, OSX, and Windows)
JB - Link to hunting/stopping-human-trafficing org i mentioned :
Sherrie Caltagirone, Executive Director, Global Emancipation Network @GblEmancipation
Talk about where you were 10 years ago, and what you did to get where you are?
Best Hacking tool?
Best Enterprise Tool?
News Stories from 2010 (see if they still make sense, or outdated)