Lets face it, security sucks. I’ve been covering the security industry for the past several years. I’ve noticed trends that amaze me to this day. I will focus on three areas of FAIL: 1) Embedded Devices – This is the screaming baby that no one is paying attention to. How do we make it stop crying? 2) SQLi Injection – Injection may be how we got here, and there is lots of injection to go around. We do have vaccinations to help prevent this threat, but who uses those? 3) Patch & Vulnerability Management – Yep, I’m going to say, we’re constantly crapping ourselves. Learn how to change a dirty diaper! Fixing all these problems takes more than just a binky…
Paul Asadoorian is the founder of PaulDotCom (http://pauldotcom.com), an organization responsible for publishing award-winning Podcasts, Blogs and Videos on the topics of information security and hacking. Paul’s day job as the “Product Evangelist” for Tenable Network Security, keeps him busy showcasing cool vulnerability scanning technology through blogs, podcasts and videos. Paul has a background in penetration testing, embedded device hacking, and is the co-author of two books: “WRT54G Ultimate Hacking” and the latest publication titled “Offensive Countermeasures: The Art Of Active Defense”.