Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Black Hat and Jeff Moss द्वारा प्रदान की गई सामग्री. एपिसोड, ग्राफिक्स और पॉडकास्ट विवरण सहित सभी पॉडकास्ट सामग्री Black Hat and Jeff Moss या उनके पॉडकास्ट प्लेटफ़ॉर्म पार्टनर द्वारा सीधे अपलोड और प्रदान की जाती है। यदि आपको लगता है कि कोई आपकी अनुमति के बिना आपके कॉपीराइट किए गए कार्य का उपयोग कर रहा है, तो आप यहां बताई गई प्रक्रिया का पालन कर सकते हैं https://hi.player.fm/legal।
Player FM - पॉडकास्ट ऐप
Player FM ऐप के साथ ऑफ़लाइन जाएं!
Player FM ऐप के साथ ऑफ़लाइन जाएं!
Gerhard Eschelbeck: The Laws of Vulnerabilities (English)
MP3•एपिसोड होम
Manage episode 155121161 series 1146743
Black Hat and Jeff Moss द्वारा प्रदान की गई सामग्री. एपिसोड, ग्राफिक्स और पॉडकास्ट विवरण सहित सभी पॉडकास्ट सामग्री Black Hat and Jeff Moss या उनके पॉडकास्ट प्लेटफ़ॉर्म पार्टनर द्वारा सीधे अपलोड और प्रदान की जाती है। यदि आपको लगता है कि कोई आपकी अनुमति के बिना आपके कॉपीराइट किए गए कार्य का उपयोग कर रहा है, तो आप यहां बताई गई प्रक्रिया का पालन कर सकते हैं https://hi.player.fm/legal।
"New vulnerabilities to networks are discovered and published on a daily base. With each such announcement, the same questions arise. How significant is this vulnerability? How prevalent is this vulnerability? How easy is this vulnerability to exploit? Are any of my systems affected by this vulnerability? Due to lack of global vulnerability data, answers to these questions are often hard to find and risk rating is even more difficult. As part of ongoing research, Gerhard Eschelbeck of Qualys, Inc. has been gathering statistical vulnerability information for more than two years. Those vulnerabilities have been identified in the real world across hundreds of thousands of systems and networks. This data is not identifiable to individual users or systems. However, it provides significant statistical data for research and analysis, which enabled Gerhard to define the Laws of Vulnerabilities. The Laws of Vulnerabilities is derived from vulnerability data gathered during the past 30 months from over five million scans of individual systems from global organizations. During this timeframe a collective amount of more than three million vulnerabilities - reflecting multiple levels of severity and prevalence - has been identified. Furthermore, the responses to external events (i.e. availability of an exploit or worm taking advantage of a vulnerability) have been studied providing valuable lessons for attendees on how to protect networks and systems from evolving threats. Gerhard Eschelbeck is a respected CTO, researcher and author in the network security field. He published the now well-known ""Laws of Vulnerabilities,"" the industry's first research derived from a statistical analysis of millions of critical vulnerabilities collected across thousands of networks over a multi-year period. Eschelbeck presented his findings before Congress at the hearing on ""Worm and Virus Defense: How Can We Protect Our Nation's Computers from These Serious Threats?"" His research has been featured at major security conferences including Black Hat, CSI, and RSA and in numerous media outlets, including The Wall Street Journal, The Economist and others. Gerhard was named one of Infoworld's 25 Most Influential CTO's in 2003 and 2004 and is a significant contributor to the SANS Top 20 expert consensus identifying the most critical security vulnerabilities. Prior to joining Qualys, Eschelbeck was Senior VP of Engineering for security products at Network Associates, VP of Engineering of anti-virus products at McAfee Associates, and Founder of IDS GmbH, a secure remote control company acquired by McAfee. Earlier, he was a research scientist at the University of Linz, Austria, where he earned Masters and Ph.D. degrees in computer science and where he still teaches regularly in the field of network security. Eschelbeck has authored several papers on active security, automating security management, and multi-tier IDS. He is an inventor of numerous patents in the field of managed network security."
…
continue reading
22 एपिसोडस
Gerhard Eschelbeck: The Laws of Vulnerabilities (English)
Black Hat Briefings, Japan 2004 [Audio] Presentations from the security conference
MP3•एपिसोड होम
Manage episode 155121161 series 1146743
Black Hat and Jeff Moss द्वारा प्रदान की गई सामग्री. एपिसोड, ग्राफिक्स और पॉडकास्ट विवरण सहित सभी पॉडकास्ट सामग्री Black Hat and Jeff Moss या उनके पॉडकास्ट प्लेटफ़ॉर्म पार्टनर द्वारा सीधे अपलोड और प्रदान की जाती है। यदि आपको लगता है कि कोई आपकी अनुमति के बिना आपके कॉपीराइट किए गए कार्य का उपयोग कर रहा है, तो आप यहां बताई गई प्रक्रिया का पालन कर सकते हैं https://hi.player.fm/legal।
"New vulnerabilities to networks are discovered and published on a daily base. With each such announcement, the same questions arise. How significant is this vulnerability? How prevalent is this vulnerability? How easy is this vulnerability to exploit? Are any of my systems affected by this vulnerability? Due to lack of global vulnerability data, answers to these questions are often hard to find and risk rating is even more difficult. As part of ongoing research, Gerhard Eschelbeck of Qualys, Inc. has been gathering statistical vulnerability information for more than two years. Those vulnerabilities have been identified in the real world across hundreds of thousands of systems and networks. This data is not identifiable to individual users or systems. However, it provides significant statistical data for research and analysis, which enabled Gerhard to define the Laws of Vulnerabilities. The Laws of Vulnerabilities is derived from vulnerability data gathered during the past 30 months from over five million scans of individual systems from global organizations. During this timeframe a collective amount of more than three million vulnerabilities - reflecting multiple levels of severity and prevalence - has been identified. Furthermore, the responses to external events (i.e. availability of an exploit or worm taking advantage of a vulnerability) have been studied providing valuable lessons for attendees on how to protect networks and systems from evolving threats. Gerhard Eschelbeck is a respected CTO, researcher and author in the network security field. He published the now well-known ""Laws of Vulnerabilities,"" the industry's first research derived from a statistical analysis of millions of critical vulnerabilities collected across thousands of networks over a multi-year period. Eschelbeck presented his findings before Congress at the hearing on ""Worm and Virus Defense: How Can We Protect Our Nation's Computers from These Serious Threats?"" His research has been featured at major security conferences including Black Hat, CSI, and RSA and in numerous media outlets, including The Wall Street Journal, The Economist and others. Gerhard was named one of Infoworld's 25 Most Influential CTO's in 2003 and 2004 and is a significant contributor to the SANS Top 20 expert consensus identifying the most critical security vulnerabilities. Prior to joining Qualys, Eschelbeck was Senior VP of Engineering for security products at Network Associates, VP of Engineering of anti-virus products at McAfee Associates, and Founder of IDS GmbH, a secure remote control company acquired by McAfee. Earlier, he was a research scientist at the University of Linz, Austria, where he earned Masters and Ph.D. degrees in computer science and where he still teaches regularly in the field of network security. Eschelbeck has authored several papers on active security, automating security management, and multi-tier IDS. He is an inventor of numerous patents in the field of managed network security."
…
continue reading
22 एपिसोडस
Semua episod
×प्लेयर एफएम में आपका स्वागत है!
प्लेयर एफएम वेब को स्कैन कर रहा है उच्च गुणवत्ता वाले पॉडकास्ट आप के आनंद लेंने के लिए अभी। यह सबसे अच्छा पॉडकास्ट एप्प है और यह Android, iPhone और वेब पर काम करता है। उपकरणों में सदस्यता को सिंक करने के लिए साइनअप करें।