Explore software security cryptography in this 52-minute conference talk from Central Ohio Infosec 2015. Delve into topics such as encryption, data safety, and threat modeling. Learn about handling sensitive information, including PHI and PPS, and understand the implications of vulnerabilities like Heartbleed. Gain insights on which security aspects to prioritize for investment. Discover the importance of reasonable encryption practices, data management strategies, and the role of Hardware Security Modules (HSMs) in protecting sensitive data.
Overview
Syllabus
Intro
Expectations
Encryption
Second Overflow
Reasonable Encryption
Data Safe
Data Management
Looking elsewhere
Handling sensitive information
HSMs
Questions
PHIPPS
Heartbleed
Threat Model
Which Pieces to Spend Money On
Related Courses
-
Identifying Security Vulnerabilities
-
Rebuilding and Transforming an Information Security Function
-
How the Cloud Drives Better Security
-
Compliance vs Security - How to Build a Secure Compliance Program
-
Threat Modeling for Secure Software Design
-
Bring Your Own Device and Whatever Security Controls You Want - One Approach to Re
