Cigital » The Silver Bullet Security Podcast with Gary McGraw show

Cigital » The Silver Bullet Security Podcast with Gary McGraw

Summary: Building Security In

Join Now to Subscribe to this Podcast

Podcasts:

 Show 067 – An Interview with Bill Pugh | File Type: audio/mpeg | Duration: 0:40:20

On the 67th episode of The Silver Bullet Security Podcast, Gary talks with Bill Pugh, professor at the University of Maryland College Park. Gary and Bill discuss the Marmoset and FindBugs projects, how to teach kids to code and whether coding is an innate ability or is something that can be taught. They also geek out regarding Bill’s favorite programming languages for coding and teaching about coding. They also discuss the relationship between coding and fire eating. Bill Pugh Marmoset Dilbert minivan strip Find Bugs David Hovemeyer Find Bugs t-shirt Cliff Click UMD: Fall 2011 CMSC 433 – Programming Language Technologies and Paradigms

 Show 067 – An Interview with Bill Pugh | File Type: audio/mpeg | Duration: 0:40:20

On the 67th episode of The Silver Bullet Security Podcast, Gary talks with Bill Pugh, professor at the University of Maryland College Park. Gary and Bill discuss the Marmoset and FindBugs projects, how to teach kids to code and whether coding is an innate ability or is something that can be taught. They also geek out regarding Bill’s favorite programming languages for coding and teaching about coding. They also discuss the relationship between coding and fire eating. Bill Pugh Marmoset Dilbert minivan strip Find Bugs David Hovemeyer Cliff Click UMD: Fall 2011 CMSC 433 – Programming Language Technologies and Paradigms The post Show 067 – An Interview with Bill Pugh appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw. The post Show 067 – An Interview with Bill Pugh appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

 Show 066 – An Interview with Shari Lawrence Pfleeger | File Type: audio/mpeg | Duration: 0:27:27

On the 66th episode of The Silver Bullet Security Podcast, Gary chats with Shari Lawrence Pfleeger, Director of Research for the Institute for Information Infrastructure Protection at Dartmouth College. Gary and Shari discuss the difference between safety-critical software and security-critical software, why measuring software is hard (security notwithstanding), how to speed up tech transfer, and why there are so few women in computer science. Shari Lawrence Pfleeger Software Engineering: Theory and Practice, 4th edition Many media types live in the land of Twitter, but most regular people don’t by Monica Hesse in the Washington Post My Blackberry’s Not Working!, The One Ronnie The Hours by Michael Cunningham

 Show 066 – An Interview with Shari Lawrence Pfleeger | File Type: audio/mpeg | Duration: 0:27:27

On the 66th episode of The Silver Bullet Security Podcast, Gary chats with Shari Lawrence Pfleeger, Director of Research for the Institute for Information Infrastructure Protection at Dartmouth College. Gary and Shari discuss the difference between safety-critical software and security-critical software, why measuring software is hard (security notwithstanding), how to speed up tech transfer, and why there are so few women in computer science. Software Engineering: Theory and Practice, 4th edition Many media types live in the land of Twitter, but most regular people don’t by Monica Hesse in the Washington Post My Blackberry’s Not Working!, The One Ronnie The Hours by Michael Cunningham The post Show 066 – An Interview with Shari Lawrence Pfleeger appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw. The post Show 066 – An Interview with Shari Lawrence Pfleeger appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

 Show 065 – An Interview with Giovanni Vigna | File Type: audio/mpeg | Duration: 0:30:43

On the 65th episode of The Silver Bullet Security Podcast, Gary is joined by Giovanni Vigna, professor of Computer Science at UC Santa Barbara. They discuss DEFCON’s classic Capture the Flag contest as well as UCSB’s international version. They ponder how the notion of “build security in” might be integrated into a CTF-type contest. Gary and Giovanni also talk about Giovanni’s favorite course to teach, the challenge of communicating security issues with non-technical people, and the role of blackbox testing in security. They close out the show discussing how to teach a toddler to pick locks. Giovanni at UCSB Internatonal Capture the Flag Building Versus Breaking: A White Hat goes to Blackhat

 Show 065 – An Interview with Giovanni Vigna | File Type: audio/mpeg | Duration: 0:30:43

On the 65th episode of The Silver Bullet Security Podcast, Gary is joined by Giovanni Vigna, professor of Computer Science at UC Santa Barbara. They discuss DEFCON’s classic Capture the Flag contest as well as UCSB’s international version. They ponder how the notion of “build security in” might be integrated into a CTF-type contest. Gary and Giovanni also talk about Giovanni’s favorite course to teach, the challenge of communicating security issues with non-technical people, and the role of blackbox testing in security. They close out the show discussing how to teach a toddler to pick locks. Giovanni at UCSB Internatonal Capture the Flag Building Versus Breaking: A White Hat goes to Blackhat The post Show 065 – An Interview with Giovanni Vigna appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw. The post Show 065 – An Interview with Giovanni Vigna appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

 Show 064 – An Interview with Markus Schumacher | File Type: audio/mpeg | Duration: 0:21:47

On the 64th episode of The Silver Bullet Security Podcast, Gary chats with Markus Schumacher, co-founder and CEO of Virtual Forge. Gary and Markus discuss the difference between working for a large corporate and a startup, why Virtual Forge built a code scanning tool for SAP’s ABAP code, whether security people understand the notion of security patterns, and Markus’ favorite beverage in Heidelberg. Virtual Forge Security Patterns, the site Security Patterns, the book Technology Transfer: A Software Security Marketplace Case Study, (IEEE Software, September/October 2011) Print Media Lounge Recipe for a Liberal (the drink) Out of Damage, Markus’ band

 Show 064 – An Interview with Markus Schumacher | File Type: audio/mpeg | Duration: 0:21:47

On the 64th episode of The Silver Bullet Security Podcast, Gary chats with Markus Schumacher, co-founder and CEO of Virtual Forge. Gary and Markus discuss the difference between working for a large corporate and a startup, why Virtual Forge built a code scanning tool for SAP’s ABAP code, whether security people understand the notion of security patterns, and Markus’ favorite beverage in Heidelberg. Virtual Forge Security Patterns, the site Security Patterns, the book Technology Transfer: A Software Security Marketplace Case Study, (IEEE Software, September/October 2011) Print Media Lounge Recipe for a Liberal (the drink) The post Show 064 – An Interview with Markus Schumacher appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw. The post Show 064 – An Interview with Markus Schumacher appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

 Show 063 – An Interview with Craig Miller | File Type: audio/mpeg | Duration: 0:32:54

On the 63rd episode of The Silver Bullet Security Podcast, Gary talks with Craig Miller, principal at the MAPA Group. Gary and Craig discuss entrepreneurship, the pluses and minuses of working for start-ups and very large corporations, smart grid security, and working with NRECA. They close out the show discussing movies and books. Dr. Craig Miller MAPA Group SAIC Smart grid NRECA NERC Continuous improvement On the Waterfront Moby Dick

 Show 063 – An Interview with Craig Miller | File Type: audio/mpeg | Duration: 0:32:54

On the 63rd episode of The Silver Bullet Security Podcast, Gary talks with Craig Miller, principal at the MAPA Group. Gary and Craig discuss entrepreneurship, the pluses and minuses of working for start-ups and very large corporations, smart grid security, and working with NRECA. They close out the show discussing movies and books. Dr. Craig Miller MAPA Group SAIC Smart grid NRECA NERC Continuous improvement On the Waterfront The post Show 063 – An Interview with Craig Miller appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw. The post Show 063 – An Interview with Craig Miller appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

 Show 062 – An Interview with Halvar Flake | File Type: audio/mpeg | Duration: 0:30:30

On the 62nd episode of The Silver Bullet Security Podcast, Gary chats with Halvar Flake (a.k.a. Thomas Dullien), founder of reverse engineering consultancy, Zynamics, which was recently purchased by Google. Gary and Halvar discuss the acquisition, Zynamics’ product BinDiff, whether the “bad guys” are using code understanding tools (including decompilers) better than developers, static versus dynamic analysis, international politics meets computer security, and the growing complexity of malware. They close out with a discussion of music. ADD / XOR / ROL – Halvar’s blog @halvarflake US Denies Entry (2007) Cyber Warmongering and Influence Peddling (November 24, 2010) Google’s purchase of Zynamics BinDiff Silver Bullet #41: Fred Schneider Silver Bullet #46: David Rice

 Show 062 – An Interview with Halvar Flake | File Type: audio/mpeg | Duration: 0:30:30

On the 62nd episode of The Silver Bullet Security Podcast, Gary chats with Halvar Flake (a.k.a. Thomas Dullien), founder of reverse engineering consultancy, Zynamics, which was recently purchased by Google. Gary and Halvar discuss the acquisition, Zynamics’ product BinDiff, whether the “bad guys” are using code understanding tools (including decompilers) better than developers, static versus dynamic analysis, international politics meets computer security, and the growing complexity of malware. They close out with a discussion of music. ADD / XOR / ROL – Halvar’s blog @halvarflake Cyber Warmongering and Influence Peddling (November 24, 2010) Google’s purchase of Zynamics BinDiff Silver Bullet #41: Fred Schneider Silver Bullet #46: David Rice The post Show 062 – An Interview with Halvar Flake appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw. The post Show 062 – An Interview with Halvar Flake appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

 Show 061 – An Interview with Carl Landwehr | File Type: audio/mpeg | Duration: 0:27:27

On the 61st episode of The Silver Bullet Security Podcast, Gary talks with Carl Landwehr, Director of Trustworthy Computing at the National Science Foundation and a Senior Research Scientist at the Institute for Systems Research within the University of Maryland. Gary and Carl discuss the most important changes in information security that have developed over the course of Carl’s career, the academic perspective of the state of commercial computer security, how to balance security and privacy, and the reason behind the leaking of government documents to Wikileaks. They close out the episode discussing books. National Science Foundation Silver Bullet #46: David Rice

 Show 061 – An Interview with Carl Landwehr | File Type: audio/mpeg | Duration: 0:27:27

On the 61st episode of The Silver Bullet Security Podcast, Gary talks with Carl Landwehr, Director of Trustworthy Computing at the National Science Foundation and a Senior Research Scientist at the Institute for Systems Research within the University of Maryland. Gary and Carl discuss the most important changes in information security that have developed over the course of Carl’s career, the academic perspective of the state of commercial computer security, how to balance security and privacy, and the reason behind the leaking of government documents to Wikileaks. They close out the episode discussing books. National Science Foundation Silver Bullet #46: David Rice The post Show 061 – An Interview with Carl Landwehr appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw. The post Show 061 – An Interview with Carl Landwehr appeared first on Cigital » The Silver Bullet Security Podcast with Gary McGraw.

 Show 060 – An Interview with Neil Daswani | File Type: audio/mpeg | Duration: 0:29:32

On the 5th anniversary, 60th episode of The Silver Bullet Security Podcast, Gary talks with Neil Daswani, CTO and co-founder of Dasient. Gary and Neil discuss Neil’s previous work at Google and how the “start-up like” atmosphere at Google compares with an actual start-up. They also discuss bad ads (aka malvertising), Clickbot.A, the software security related emphasis on testing at Google, and sushi in San Jose. Neil Daswani Dasient Q4 2010 Malware Update Certifiable, McGraw on Software Security Certification for darkreading (May 9, 2007) The Anatomy of Clickbot.A [PDF] Stanford Advanced Security Certification Program Tomo Sushi

Comments

Login or signup comment.