SearchSecurity.com is pleased to partner with the father of software security, Gary McGraw, to feature his monthly Silver Bullet software security podcast, which discusses best practices in software security.
See below to play and download recent episodes!
Silver Bullet podcast episode: An interview with Christian Collberg
July 2013
In this episode, Gary talks with Christian Collberg, Ph.D., Associate Professor of Computer Science at the University of Arizona. Gary and Christian discuss what drew Christian to teaching Computer Security in the United States after living in several other countries, Christian’s book Surreptitious Software, Christian’s opinions on products that purport to offer software protection on mobile devices, and whether software security students should be taught to think like an attacker. They close out their talk with discussion of travel on planet Earth.
Silver Bullet podcast episode: An interview with James Walden
June 2013
In this episode, Gary chats with James Walden, Ph.D., Associate Professor of Computer Science at Northern Kentucky University. Gary and James discuss the progress being made in the field of software security, why there are plenty of top N lists for bugs but none for flaws, the difficulties of teaching how to fix code, the current generation’s outlook on privacy, and security metrics and measurement.
Silver Bullet podcast episode: An interview with Wenyuan Xu
May 2013
In this episode, Gary chats with Wenyuan Xu, Associate Professor in the Department of Computer Science and Engineering at the University of South Carolina. Gary and Wenyuan discuss the differences between American and Chinese technical culture, Wenyuan’s work on automatic meter reading systems, whether electrical engineering is more advanced in terms of design than computer science, and why there are so few women in engineering and computer science. They close out the episode with a discussion of tailgating.
Silver Bullet podcast episode: A discussion with Jim Routh and Scott Matsumoto
April 2013
In this episode, Gary talks mobile security with two guests: Jim Routh, former global head of application security at JP Morgan Chase (and newly appointed CSO), and Scott Matsumoto, Principal Consultant and head of the mobile security practice at Cigital. All three discuss challenges associated with mobile security and how these challenges are exactly the same as, and different from, software security concerns from past years. Also discussed are the use of new technologies, including accelerometers, in enhancing security (or compromising privacy), and the effect that massive phone rooting has on security.
Silver Bullet podcast episode: An interview with Hord Tipton
March 2013
In this podcast, Gary chats with W. Hord Tipton, Executive Director of (ISC)². Gary and Hord discuss how to get into science and engineering when growing up in rural Tennessee, what insight being a nuclear and chemical engineer gives Hord about modern control systems, whether or not certification helps to advance software security, and the benefits of teaching software security to kids.
Silver Bullet podcast episode: An interview with Mark Graff
February 2013
In this podcast, Gary talks with Mark Graff, CISO at NASDAQ OMX. Gary and Mark discuss what a CISO actually does all day, how corporate security posture at NASDAQ compares to the security posture at Lawrence Livermore National Laboratory, Enrico Fermi and the piano tuners (the “Fermi problem”) and how it relates to estimation, and the most surprising cultural difference between the left and right coasts. They close out their conversation with talk about Mark’s favorite poem from the mid-19th century (and it still has a software security connection!).
Silver Bullet podcast episode: An interview with Kevin Fu
January 2013
In this podcast, Gary talks with Kevin Fu, Associate Professor in the EECS Department at the University of Michigan. Gary and Kevin talk about finding advisors and picking a grad school, the security implications of embedded medical devices, the presence of malware in hospital systems, the consumer trend toward analyzing health data, and the issues associated with teaching design analysis to other humans.
24 Apr 2013