Artwork

Sisällön tarjoaa The EPAM Continuum Podcast Network and EPAM Continuum. The EPAM Continuum Podcast Network and EPAM Continuum tai sen podcast-alustan kumppani lataa ja toimittaa kaiken podcast-sisällön, mukaan lukien jaksot, grafiikat ja podcast-kuvaukset. Jos uskot jonkun käyttävän tekijänoikeudella suojattua teostasi ilman lupaasi, voit seurata tässä https://fi.player.fm/legal kuvattua prosessia.
Player FM - Podcast-sovellus
Siirry offline-tilaan Player FM avulla!

Silo Busing 67: Andrew Whaley and Sam Rehman on App Security

25:28
 
Jaa
 

Manage episode 383159211 series 3215634
Sisällön tarjoaa The EPAM Continuum Podcast Network and EPAM Continuum. The EPAM Continuum Podcast Network and EPAM Continuum tai sen podcast-alustan kumppani lataa ja toimittaa kaiken podcast-sisällön, mukaan lukien jaksot, grafiikat ja podcast-kuvaukset. Jos uskot jonkun käyttävän tekijänoikeudella suojattua teostasi ilman lupaasi, voit seurata tässä https://fi.player.fm/legal kuvattua prosessia.
Going mobile: It’s going to create vulnerabilities. That’s the way things work with apps. They aren’t just friendly pieces of software that help you beat traffic or bring your favorite tunes into your eardrums… they are opportunities, rich ones, for the bad guys. Andrew Whaley, the Senior Technical Director (UK) at Promon and our guest on *Silo Busting,* says that with an app, “You have to be able to trust the security model that you've got around it.” Whaley talks with Sam Rehman, our Chief Information Security Officer and SVP, about how apps operate on a client-server model, but “all the client code is distributed outside of your enterprise.” Some of these users could well be criminals who, once gaining access to that code, could "reverse engineer it and come up with ways to attack that.” And the code in those apps can be a bit suspect. Whaley says that most apps are made up of 80% open-source software. “You know how many of those app developers go and build that source themselves from source and read over it before they compile?” he asks and then answers: “Probably close to zero.” Speaking of putting the work in… Rehman talks about calibrating “the level of effort that the attacker would have to go through versus the yield.” The trick is, he says, layering on cybersecurity techniques “so that the yield is not worth it for them.” Whaley replies that “once you layer obfuscation on, you then have this impenetrable forest” and that the “immediately accessible ways of attacking [an application] are taken off the table.” Together they chat about supply chain attacks, nonlinear programming, and more. Tune in and be safe(r)! Host: Glenn Gruber Editor: Kyp Pilalas Producer: Ken Gordon
  continue reading

165 jaksoa

Artwork
iconJaa
 
Manage episode 383159211 series 3215634
Sisällön tarjoaa The EPAM Continuum Podcast Network and EPAM Continuum. The EPAM Continuum Podcast Network and EPAM Continuum tai sen podcast-alustan kumppani lataa ja toimittaa kaiken podcast-sisällön, mukaan lukien jaksot, grafiikat ja podcast-kuvaukset. Jos uskot jonkun käyttävän tekijänoikeudella suojattua teostasi ilman lupaasi, voit seurata tässä https://fi.player.fm/legal kuvattua prosessia.
Going mobile: It’s going to create vulnerabilities. That’s the way things work with apps. They aren’t just friendly pieces of software that help you beat traffic or bring your favorite tunes into your eardrums… they are opportunities, rich ones, for the bad guys. Andrew Whaley, the Senior Technical Director (UK) at Promon and our guest on *Silo Busting,* says that with an app, “You have to be able to trust the security model that you've got around it.” Whaley talks with Sam Rehman, our Chief Information Security Officer and SVP, about how apps operate on a client-server model, but “all the client code is distributed outside of your enterprise.” Some of these users could well be criminals who, once gaining access to that code, could "reverse engineer it and come up with ways to attack that.” And the code in those apps can be a bit suspect. Whaley says that most apps are made up of 80% open-source software. “You know how many of those app developers go and build that source themselves from source and read over it before they compile?” he asks and then answers: “Probably close to zero.” Speaking of putting the work in… Rehman talks about calibrating “the level of effort that the attacker would have to go through versus the yield.” The trick is, he says, layering on cybersecurity techniques “so that the yield is not worth it for them.” Whaley replies that “once you layer obfuscation on, you then have this impenetrable forest” and that the “immediately accessible ways of attacking [an application] are taken off the table.” Together they chat about supply chain attacks, nonlinear programming, and more. Tune in and be safe(r)! Host: Glenn Gruber Editor: Kyp Pilalas Producer: Ken Gordon
  continue reading

165 jaksoa

Kaikki jaksot

×
 
Loading …

Tervetuloa Player FM:n!

Player FM skannaa verkkoa löytääkseen korkealaatuisia podcasteja, joista voit nauttia juuri nyt. Se on paras podcast-sovellus ja toimii Androidilla, iPhonela, ja verkossa. Rekisteröidy sykronoidaksesi tilaukset laitteiden välillä.

 

Pikakäyttöopas