BBQ Cyber Security Thoughts……

During lockdown, I’ve taken to standing over the BBQ staring at the temperature gauge, lifting the lid occasionally and slow cooking various meats. Given the lockdown situation this provided a focal point for the day; something to attend to for the afternoon. 

When standing there in a mindful stasis, things go through your head; these are some of mine…

  • “Software testing Software, who thought that would work?”
  • “Using systems with potential vulnerabilities to discover potential vulnerabilities in systems”
  • “Shift Left would make more sense if development was linear”
  • “The reliance on automation to defend against a human adversary, sounds fair…..💀”
  • “We can’t improve what we can’t measure; we can’t secure what we can’t see.”
  • “We accept false positives in scanners (Software getting it wrong) but we don’t accept vulnerabilities (Software getting it wrong).” – Software testing software.
  • “The DevSecOps elephant in the room is ‘Validation’.”
  • “Change gives rise to Risk. Change occurs when a system does not change & when a system changes (duh!!)… Over time critical vulnerabilities are discovered. Patches are released. Yesterday I was secure, today I’ve a Critical Risk. Need to patch/redeploy. Also… when a system changes: new features deployed, new services exposed, larger attack surface, more exposed, more to attack, more headaches. This also gives rise to risk.”
  • “Scale vs Depth – Scanners do scale, Humans “do” depth. – Our enemies “do” depth every time and are focused.”
  • “Automation accuracy is not as strong as human accuracy – Our attackers are humans.”
  • “Shift Left, Shift Right. Not just pushing left, need to push both directions. E.g. a system is live, nothing changes but might be vulnerable tomorrow.”
  • Shift Left: Prevention. Catch Early. Shift Right: Detection, Vigilance
  • Shift Left: Enable & assist developers to build and deploy secure code & systems. Shift Right: Detect “the next CVE” and also mop up anything that we missed in pre-prod.
  • We’re protecting our systems against breach by humans, not scanners, right!!

By admin