$30 off During Our Annual Pro Sale. View Details »

BSidesSanFrancisco2011 - Misdirection: The Rise...

Avatar for Brett Hardin Brett Hardin
February 14, 2011
Technology
1
230

BSidesSanFrancisco2011 - Misdirection: The Rise and Fall and Rise of Regulatory Compliance

Avatar for Brett Hardin

Brett Hardin

February 14, 2011
Tweet

More Decks by Brett Hardin

See All by Brett Hardin
Penetration Testing is Stupid - BsidesSF 2013
Avatar for Brett Hardin bretthardin
2
2.2k
Building Your House on Sand
Avatar for Brett Hardin bretthardin
2
1.5k
Bad Version of Builders vs. Breakers
Avatar for Brett Hardin bretthardin
1
76
Builders vs. Breakers - AppSec 2012
Avatar for Brett Hardin bretthardin
2
1.5k
Security the Wrong Way
Avatar for Brett Hardin bretthardin
2
250
Security? Who Cares! - Privacy is Dead
Avatar for Brett Hardin bretthardin
1
190
OWASP - Top 10
Avatar for Brett Hardin bretthardin
0
1.1k

Other Decks in Technology

See All in Technology
「え?!それ今ではHTMLだけでできるの!?」驚きの進化を遂げたモダンHTML
Avatar for Riya Amemiya riyaamemiya
2
800
Modern Data Stack大好きマンが語るSnowflakeの魅力
Avatar for Sagara sagara
0
210
MS Ignite 2025で発表されたFoundry IQをRecap
Avatar for Akira Sato satodayo
2
190
LangChain v1.0にトライ~ AIエージェントアプリの移行(v0.3 → v1.0) ~
Avatar for コロッケそば happysamurai294
0
140
Excelデータ分析で学ぶディメンショナルモデリング ~アジャイルデータモデリングへ向けて~ by @Kazaneya_PR / 20251126
Avatar for 風音屋 (Kazaneya) kazaneya
PRO
3
770
オープンデータの内製化から分かったGISデータを巡る行政の課題
Avatar for 室木直樹 naokim84
2
1.3k
useEffectってなんで非推奨みたいなこと言われてるの?
Avatar for マグロ隊長kinTV maguroalternative
9
5.9k
今すぐGoogle Antigravityを触りましょう
Avatar for ryu rfdnxbro
0
250
セキュリティAIエージェントの現在と未来 / PSS #2 Takumi Session
Avatar for GMO Flatt Security flatt_security
1
220
Pandocでmd→pptx便利すぎワロタwww
Avatar for meow meow_noisy
2
1.1k
AI開発の定着を推進するために揃えるべき前提
Avatar for Suguru Ohki suguruooki
1
460
Bill One 開発エンジニア 紹介資料
Avatar for Sansan, Inc. sansan33
PRO
4
15k

Featured

See All Featured
Keith and Marios Guide to Fast Websites
Avatar for Keith Pitt keithpitt
413
23k
Measuring & Analyzing Core Web Vitals
Avatar for Philip Tellis bluesmoon
9
690
Learning to Love Humans: Emotional Interface Design
Avatar for Aarron Walter aarron
274
41k
The Cost Of JavaScript in 2023
Avatar for Addy Osmani addyosmani
55
9.3k
Six Lessons from altMBA
Avatar for Skipper Chong Warson skipperchong
29
4.1k
GitHub's CSS Performance
Avatar for Jon Rohan jonrohan
1032
470k
KATA
Avatar for Megan Lloyd mclloyd
PRO
32
15k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
Avatar for Dan Newman danielanewman
231
22k
Building Flexible Design Systems
Avatar for Yesenia Perez-Cruz yeseniaperezcruz
329
39k
Reflections from 52 weeks, 52 projects
Avatar for Jefferson Lam jeffersonlam
355
21k
Fantastic passwords and where to find them - at NoRuKo
Avatar for Phil Nash philnash
52
3.5k
The World Runs on Bad Software
Avatar for Brandon Keepers bkeepers
PRO
72
12k

Transcript

  1. Being Sneaky About Security and Regulations - OR - "Misdirection:

    The Rise and Fall and Rise of Regulatory Compliance" Brett Hardin and Mike Dahn

  2. Who the Hell Are you Two? Mike Dahn @MikD Payment

    Security Guy Brett Hardin @MiscSecurity Application Fixer Author: •  Hacking: The Next Generation •  SpotTheVuln.com •  MiscSecurity.com
  3. None

  4. How Do Regulatory Rules Get Made and The Goals of

    Compliance

  5. Stop Hitting Yourself

  6. None
  7. None
  8. None

  9. Immunization

  10. None
  11. None

  12. Transition.

  13. Black Swans & Data Breaches

  14. None

  15. Real Costs The Placebo Effect of Fear VS.

  16. None
  17. None

  18. Don't make Compliance the End Goal

  19. Transition.

  20. None

  21. Do not focus on the finger or you will miss

    all that heavenly glory [of Regulatory Compliance] Lee (Bruce Lee) Enter the Dragon
  22. None
  23. None
  24. None
  25. None

  26. CISSP

  27. None

  28. Compliance != Security

  29. Out of the Box

  30. THE END