Upgrade to Pro — share decks privately, control downloads, hide ads and more …

BSidesSanFrancisco2011 - Misdirection: The Rise...

Avatar for Brett Hardin Brett Hardin
February 14, 2011
Technology
1
220

BSidesSanFrancisco2011 - Misdirection: The Rise and Fall and Rise of Regulatory Compliance

Avatar for Brett Hardin

Brett Hardin

February 14, 2011
Tweet

More Decks by Brett Hardin

See All by Brett Hardin
Penetration Testing is Stupid - BsidesSF 2013
Avatar for Brett Hardin bretthardin
2
2.2k
Building Your House on Sand
Avatar for Brett Hardin bretthardin
2
1.5k
Bad Version of Builders vs. Breakers
Avatar for Brett Hardin bretthardin
1
76
Builders vs. Breakers - AppSec 2012
Avatar for Brett Hardin bretthardin
2
1.5k
Security the Wrong Way
Avatar for Brett Hardin bretthardin
2
250
Security? Who Cares! - Privacy is Dead
Avatar for Brett Hardin bretthardin
1
180
OWASP - Top 10
Avatar for Brett Hardin bretthardin
0
1k

Other Decks in Technology

See All in Technology
仕様駆動 x Codex で 超効率開発
Avatar for Izumu KUSUNOKI ismk
0
120
開発者から見たLLMの進化 202511
Avatar for Naoki Yoshitake ny7760
1
160
Logik: A Free and Open-source FPGA Toolchain
Avatar for Masanori Ogino omasanori
0
260
QAエンジニアがプロダクト専任で チームの中に入ると。。。?/登壇資料(杉森 太樹)
Avatar for Hacobu hacobu
PRO
0
150
今のコンピュータ、AI にも Web にも 向いていないので 作り直そう!!
Avatar for piacerex piacerex
0
740
Amazon Q Developer CLIをClaude Codeから使うためのベストプラクティスを考えてみた
Avatar for banquet.kuma dar_kuma_san
0
370
Sansan BIが実践する AI on BI とセマンティックレイヤー / data_summit_findy
Avatar for Sansan R&D sansan_randd
0
120
今日から使える AWS Step Functions 小技集 / AWS Step Functions Tips
Avatar for Masanori Yamaguchi kinunori
5
620
コミュニティと共に変化する 私とFusicの8年間
Avatar for MasayaYoshino ayasamind
0
390
メタプログラミングRuby問題集の活用
Avatar for Shinichi Maeshima willnet
1
570
MCP サーバーの基礎から実践レベルの知識まで
Avatar for azukiazusa azukiazusa1
26
13k
AIとの協業で実現!レガシーコードをKotlinらしく生まれ変わらせる実践ガイド
Avatar for ZOZO Developers zozotech
PRO
2
370

Featured

See All Featured
Done Done
Avatar for chrislema chrislema
186
16k
Producing Creativity
Avatar for Steve Smith orderedlist
PRO
348
40k
Making Projects Easy
Avatar for Brett Harned brettharned
120
6.4k
ReactJS: Keep Simple. Everything can be a component!
Avatar for Pedro Nauck pedronauck
666
130k
Visualization
Avatar for Eitan Lees eitanlees
150
16k
Navigating Team Friction
Avatar for Lara Hogan lara
190
15k
Code Review Best Practice
Avatar for Trisha Gee trishagee
72
19k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
Avatar for Tammy Everts tammyeverts
55
3.1k
Building Better People: How to give real-time feedback that sticks.
Avatar for Will Jessup wjessup
370
20k
A Tale of Four Properties
Avatar for Chris Coyier chriscoyier
161
23k
The Cult of Friendly URLs
Avatar for Andy Hume andyhume
79
6.7k
CSS Pre-Processors: Stylus, Less & Sass
Avatar for Bermon Painter bermonpainter
359
30k

Transcript

  1. Being Sneaky About Security and Regulations - OR - "Misdirection:

    The Rise and Fall and Rise of Regulatory Compliance" Brett Hardin and Mike Dahn

  2. Who the Hell Are you Two? Mike Dahn @MikD Payment

    Security Guy Brett Hardin @MiscSecurity Application Fixer Author: •  Hacking: The Next Generation •  SpotTheVuln.com •  MiscSecurity.com
  3. None

  4. How Do Regulatory Rules Get Made and The Goals of

    Compliance

  5. Stop Hitting Yourself

  6. None
  7. None
  8. None

  9. Immunization

  10. None
  11. None

  12. Transition.

  13. Black Swans & Data Breaches

  14. None

  15. Real Costs The Placebo Effect of Fear VS.

  16. None
  17. None

  18. Don't make Compliance the End Goal

  19. Transition.

  20. None

  21. Do not focus on the finger or you will miss

    all that heavenly glory [of Regulatory Compliance] Lee (Bruce Lee) Enter the Dragon
  22. None
  23. None
  24. None
  25. None

  26. CISSP

  27. None

  28. Compliance != Security

  29. Out of the Box

  30. THE END