Upgrade to Pro — share decks privately, control downloads, hide ads and more …

BSidesSanFrancisco2011 - Misdirection: The Rise...

Avatar for Brett Hardin Brett Hardin
February 14, 2011
Technology
1
220

BSidesSanFrancisco2011 - Misdirection: The Rise and Fall and Rise of Regulatory Compliance

Avatar for Brett Hardin

Brett Hardin

February 14, 2011
Tweet

More Decks by Brett Hardin

See All by Brett Hardin
Penetration Testing is Stupid - BsidesSF 2013
Avatar for Brett Hardin bretthardin
2
2.2k
Building Your House on Sand
Avatar for Brett Hardin bretthardin
2
1.5k
Bad Version of Builders vs. Breakers
Avatar for Brett Hardin bretthardin
1
74
Builders vs. Breakers - AppSec 2012
Avatar for Brett Hardin bretthardin
2
1.5k
Security the Wrong Way
Avatar for Brett Hardin bretthardin
2
250
Security? Who Cares! - Privacy is Dead
Avatar for Brett Hardin bretthardin
1
180
OWASP - Top 10
Avatar for Brett Hardin bretthardin
0
1k

Other Decks in Technology

See All in Technology
「使い方教えて」「事例教えて」じゃもう遅い! Microsoft 365 Copilot を触り倒そう!
Avatar for Taichi Nakamura taichinakamura
0
450
LLMアプリの地上戦開発計画と運用実践 / 2025.10.15 GPU UNITE 2025
Avatar for Shumpei Miyawaki smiyawaki0820
1
660
CoRL 2025 Survey
Avatar for Haruki Abe harukiabe
1
220
コンテキストエンジニアリング入門〜AI Coding Agent作りで学ぶ文脈設計〜
Avatar for KNOWLEDGE WORK / 株式会社ナレッジワーク kworkdev
PRO
3
1.9k
Contract One Engineering Unit 紹介資料
Avatar for Sansan, Inc. sansan33
PRO
0
8.9k
Codexとも仲良く。CodeRabbit CLIの紹介
Avatar for Atsushi Nakatsugawa moongift
PRO
1
250
Azureコストと向き合った、4年半のリアル / Four and a half years of dealing with Azure costs
Avatar for AEON aeonpeople
1
210
Introduction to Sansan for Engineers / エンジニア向け会社紹介
Avatar for Sansan, Inc. sansan33
PRO
5
43k
HonoとJSXを使って管理画面をサクッと型安全に作ろう
Avatar for morimorikochan diggymo
0
130
AI-Readyを目指した非構造化データのメダリオンアーキテクチャ
Avatar for R-Miura r_miura
1
170
Wasmのエコシステムを使った ツール作成方法
Avatar for asuka askua
0
220
LLMプロダクトの信頼性を上げるには?LLM Observabilityによる、対話型音声AIアプリケーションの安定運用
Avatar for 株式会社IVRy(社員登壇資料) ivry_presentationmaterials
0
600

Featured

See All Featured
Done Done
Avatar for chrislema chrislema
185
16k
For a Future-Friendly Web
Avatar for Brad Frost brad_frost
180
10k
Designing Experiences People Love
Avatar for Jonathan Moore moore
142
24k
The Cost Of JavaScript in 2023
Avatar for Addy Osmani addyosmani
55
9k
The Power of CSS Pseudo Elements
Avatar for Geoffrey Crofte geoffreycrofte
79
6k
The Art of Delivering Value - GDevCon NA Keynote
Avatar for David Neal reverentgeek
16
1.7k
GraphQLとの向き合い方2022年版
Avatar for Yosuke Kurami quramy
49
14k
The Psychology of Web Performance [Beyond Tellerrand 2023]
Avatar for Tammy Everts tammyeverts
49
3.1k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
Avatar for Vitaly Friedman smashingmag
253
22k
GraphQLの誤解/rethinking-graphql
Avatar for sonatard sonatard
73
11k
StorybookのUI Testing Handbookを読んだ
Avatar for Shingo Yamazaki zakiyama
31
6.2k
The World Runs on Bad Software
Avatar for Brandon Keepers bkeepers
PRO
72
11k

Transcript

  1. Being Sneaky About Security and Regulations - OR - "Misdirection:

    The Rise and Fall and Rise of Regulatory Compliance" Brett Hardin and Mike Dahn

  2. Who the Hell Are you Two? Mike Dahn @MikD Payment

    Security Guy Brett Hardin @MiscSecurity Application Fixer Author: •  Hacking: The Next Generation •  SpotTheVuln.com •  MiscSecurity.com
  3. None

  4. How Do Regulatory Rules Get Made and The Goals of

    Compliance

  5. Stop Hitting Yourself

  6. None
  7. None
  8. None

  9. Immunization

  10. None
  11. None

  12. Transition.

  13. Black Swans & Data Breaches

  14. None

  15. Real Costs The Placebo Effect of Fear VS.

  16. None
  17. None

  18. Don't make Compliance the End Goal

  19. Transition.

  20. None

  21. Do not focus on the finger or you will miss

    all that heavenly glory [of Regulatory Compliance] Lee (Bruce Lee) Enter the Dragon
  22. None
  23. None
  24. None
  25. None

  26. CISSP

  27. None

  28. Compliance != Security

  29. Out of the Box

  30. THE END