Brett Hardin
February 14, 2011
BSidesSanFrancisco2011 - Misdirection: The Rise and Fall and Rise of Regulatory Compliance
Transcript
Being Sneaky About Security and Regulations - OR - "Misdirection: The Rise and Fall and Rise of Regulatory Compliance"
Brett Hardin and Mike Dahn
Who the Hell Are You Two?
Mike Dahn, @MikD, Payment Security Guy
Brett Hardin, @MiscSecurity, Application Fixer
Author:
• Hacking: The Next Generation
• SpotTheVuln.com
• MiscSecurity.com
How Do Regulatory Rules Get Made and The Goals of Compliance
Stop Hitting Yourself
Immunization
Transition.
Black Swans & Data Breaches
Real Costs vs. The Placebo Effect of Fear
Don't make Compliance the End Goal
Transition.
"Do not focus on the finger or you will miss all that heavenly glory [of Regulatory Compliance]"
Lee (Bruce Lee), Enter the Dragon
CISSP
Compliance != Security
Out of the Box
THE END