Upgrade to Pro — share decks privately, control downloads, hide ads and more …

BSidesSanFrancisco2011 - Misdirection: The Rise...

Avatar for Brett Hardin Brett Hardin
February 14, 2011
Technology
1
220

BSidesSanFrancisco2011 - Misdirection: The Rise and Fall and Rise of Regulatory Compliance

Avatar for Brett Hardin

Brett Hardin

February 14, 2011
Tweet

More Decks by Brett Hardin

See All by Brett Hardin
Penetration Testing is Stupid - BsidesSF 2013
Avatar for Brett Hardin bretthardin
2
2.2k
Building Your House on Sand
Avatar for Brett Hardin bretthardin
2
1.5k
Bad Version of Builders vs. Breakers
Avatar for Brett Hardin bretthardin
1
74
Builders vs. Breakers - AppSec 2012
Avatar for Brett Hardin bretthardin
2
1.5k
Security the Wrong Way
Avatar for Brett Hardin bretthardin
2
250
Security? Who Cares! - Privacy is Dead
Avatar for Brett Hardin bretthardin
1
180
OWASP - Top 10
Avatar for Brett Hardin bretthardin
0
1k

Other Decks in Technology

See All in Technology
薬屋のひとりごとにみるトラブルシューティング
Avatar for tomokusaba tomokusaba
0
380
開発 × 生成AI × コミュニケーション:GENDAの開発現場で感じたコミュニケーションの変化 / GENDA Tech Talk #1
Avatar for GENDA genda
0
280
リリース2ヶ月で収益化した話
Avatar for Ken.T kent_code3
1
310
Amazon Qで2Dゲームを作成してみた
Avatar for Siromi siromi
0
160
o11yツールを乗り換えた話
Avatar for tak0x00 tak0x00
2
1.6k
Exadata Database Service on Dedicated Infrastructure セキュリティ、ネットワーク、および管理について
Avatar for oracle4engineer oracle4engineer
PRO
0
290
Infrastructure as Prompt実装記 〜Bedrock AgentCoreで作る自然言語インフラエージェント〜
Avatar for Yusuke Shimizu yusukeshimizu
1
150
Serverless Meetup #21
Avatar for 吉田真吾 yoshidashingo
1
130
React Server ComponentsでAPI不要の開発体験
Avatar for polidog polidog
PRO
0
330
Kiroでインフラ要件定義~テスト
 を実施してみた
Avatar for nagisa_53 nagisa53
3
380
メルカリIBIS:AIが拓く次世代インシデント対応
Avatar for ktykogm 0gm
2
280
JAWS AI/ML #30 AI コーディング IDE "Kiro" を触ってみよう
Avatar for Riku INADA inariku
3
390

Featured

See All Featured
The Illustrated Children's Guide to Kubernetes
Avatar for Chris Short chrisshort
48
50k
The Art of Delivering Value - GDevCon NA Keynote
Avatar for David Neal reverentgeek
15
1.6k
Designing for humans not robots
Avatar for Tammie Lister tammielis
253
25k
The Straight Up "How To Draw Better" Workshop
Avatar for Dennis Kardys denniskardys
235
140k
Being A Developer After 40
Avatar for Adrian Kosmaczewski akosma
90
590k
The Myth of the Modular Monolith - Day 2 Keynote - Rails World 2024
Avatar for Eileen M. Uchitelle eileencodes
26
3k
Scaling GitHub
Avatar for Zach Holman holman
462
140k
Adopting Sorbet at Scale
Avatar for Ufuk Kayserilioglu ufuk
77
9.5k
Gamification - CAS2011
Avatar for David Bonilla davidbonilla
81
5.4k
No one is an island. Learnings from fostering a developers community.
Avatar for Antonio thoeni
21
3.4k
Fireside Chat
Avatar for paigeccino paigeccino
39
3.6k
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
Avatar for Stéphanie Walter stephaniewalter
283
13k

Transcript

  1. Being Sneaky About Security and Regulations - OR - "Misdirection:

    The Rise and Fall and Rise of Regulatory Compliance" Brett Hardin and Mike Dahn

  2. Who the Hell Are you Two? Mike Dahn @MikD Payment

    Security Guy Brett Hardin @MiscSecurity Application Fixer Author: •  Hacking: The Next Generation •  SpotTheVuln.com •  MiscSecurity.com
  3. None

  4. How Do Regulatory Rules Get Made and The Goals of

    Compliance

  5. Stop Hitting Yourself

  6. None
  7. None
  8. None

  9. Immunization

  10. None
  11. None

  12. Transition.

  13. Black Swans & Data Breaches

  14. None

  15. Real Costs The Placebo Effect of Fear VS.

  16. None
  17. None

  18. Don't make Compliance the End Goal

  19. Transition.

  20. None

  21. Do not focus on the finger or you will miss

    all that heavenly glory [of Regulatory Compliance] Lee (Bruce Lee) Enter the Dragon
  22. None
  23. None
  24. None
  25. None

  26. CISSP

  27. None

  28. Compliance != Security

  29. Out of the Box

  30. THE END