ILTA Voices
Episodes
Friday Sep 23, 2022
Protecting Your Custom Software-Security Scanning and Runtime
Friday Sep 23, 2022
Friday Sep 23, 2022
This podcast reviews the various categories of vulnerability tools that should be used against custom software web applications and describe a couple of the vendors in each space. The types of scanners that will be covered include Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), Software Composition Analysis (SCA), Interactive Application Security Testing (IAST), and hiring a company to perform penetration testsQuestions that Corey will ask speaker:• What is the state of web application vulnerability testing tools today?• If you are on a tight budget, where would you consider using open source solutions over vendor offerings?• Is there a scanning category where you would not compromise, and absolutely would use a vendor solution? If so, why?• What are some of the limitations that people should be aware of when using various vendor scanning tools?• How has deploying web applications in a cloud infrastructure changed web application scanning?Moderator:@Corey Reitz - Distinguished Cyber Assurance Architect, Sandia National Laboratories
Speaker:Atahan Bozdag - Director of Information Security,MedeAnalytics Recorded on 09-23-2022
Thursday Oct 21, 2021
Common Security Worst Practices
Thursday Oct 21, 2021
Thursday Oct 21, 2021
This topic was one of ILTACON 2021's most popular conference sessions, and as security is a concern to many the original panel has reunited for a follow-up podcast.
Security is complex and when left without robust resources of money, knowledge, and people we sometimes revert to the ostrich head in the sand approach. Even though we try to do our best, we sometimes fall into bad habits.This podcast session is the opposite of sharing best practices . . . we will call out the absolute worst mistakes. Without mentioning any entity or name, we will discuss the criticality of certain practices. Our goal is to give you the opportunity to walk away with a private GOLD STAR or perhaps the feeling of "oh no, I do that and better fix that" without having to admit it to your peers.Moderator:@Corey Reitz - Cyber Assurance Architect, Sandia National LaboratoriesSpeakers: @James McKenna - Chief Information Officer, Fenwick & West LLPMelodi (Mel) Gates - Senior Legal Editor, Privacy & Data Security, Thomson Reuters@Rebecca Sattin - Chief Information Officer, Worldox@Robinson Roca - Practice Lead, Infrastructure Services, Helient Systems LLC@Heather Morrow -Director, Project Management & Training, Loeb & Loeb LLP.Recorded on 10-21-2021
Monday May 17, 2021
Houston - We Have a Vulnerability! Now What?
Monday May 17, 2021
Monday May 17, 2021
You’ve received an alert that you have a critical vulnerability within your environment. Now what? Is relying on the alerted risk rating and score sufficient? In this podcast session, the speaker will discuss what needs to be done after the vulnerability has been identified to assist you in understanding the risk to your firm and ensuring the risks are dealt with appropriately and in accordance with your firms risk management strategy.Moderator:@David Whale - Director Information Security , Fasken Martineau Dumoulin LLPSpeaker:Jon Rohrich - Cybersecurity Technical Architect, Microsoft
Recorded on 5-17-2021
Tuesday Aug 13, 2013
Emerging Tech Spotlight on Server Operations & Security
Tuesday Aug 13, 2013
Tuesday Aug 13, 2013
Listen
to this monthly series of podcasts from the Emerging Technologies Peer Group.
Each
month Lance Rea and Mark Manoukian have a conversation with the peer group of
the month. This month's spotlight is on the Server Operation & Security
Peer Group. Steven Shock, Chief Technology Officer at Irell & Manella LLP
and Jamie Herman, Manager of Information Security at Ropes & Gray talk
about issues and initiatives in the server operations and security space.
Format is conversational and touches on a number of different topics.