PRO+ Premium Content/Information Security magazine

Thank you for joining!
Access your Pro+ Content below.
March 2008

Interview with Macbook Hacker Dino Dai Zovi

Dino Dai Zovi, one of the men behind the MacBook hack at last year's CanSecWest conference, is a respected researcher, and that's just in his spare time. By day, Dai Zovi is a security professional in the financial services industry, where he's knee-deep in the movement toward quantifying risk in an organization. DINO DAI ZOVI What can you share about the risk scoring system you're working on? It's based mainly on the Common Vulnerability Scoring System. I previously had a homebrew system, but I found having things standardized, with vulnerabilities coming pre-rated from vendors, made my life easier. What I really cared about was scoring them for my environment. Doing the research into a vulnerability provided a flexible framework for me to model less specific vulnerabilities, as opposed to specific security product vulnerabilities. It allowed me to model larger vulnerabilities in that same system. Are you seeing security moving toward a risk management function in the financial services community? I've seen a fair amount of ...

Access this PRO+ Content for Free!

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Features in this issue

  • Comparative Product Review: Six Web Application Firewalls

    No longer can security managers focus only on perimeter and host security. The application has become the prime target for hackers. We review six leading Web application firewalls from Barracuda, Bee Ware, Breach Security, Citrix, F5 and Imperva that help deliver your critical apps securely.

Columns in this issue