1/ In researching #breakingsmart, I concluded security is Achilles heel of pragmatic-Promethean rough consensus and running code philosophy
8/ But you can't fully model either user behavior or threat environment that early, to build usability/security "theory" into product DNA
9/ So InfoSec people, like design people, often seem to feel ignored and underappreciated until a crisis makes their role important
@vgr this is because people think of security as a property located within systems rather than located at the boundaries between them
@maradydd so...red team starts on day 1 on high-security-risk projects? Or would that burden dev team too much?
@vgr there are probably some RulesOfThumb that security folks could give to trigger red flags along the way: "don't store clear user pw"