Thursday, December 12, 2013

CPE: McAfee AudioParasitic: Episode 43: Interview with Didier Stevens

length: 00:15:57

Valid vs invalid test
VirusTotal is not meant to test AV BUT to test sample
-          Limited CLI capability
-          Giulo Canto help explain how VirusTotal works

AMTS: Anti Malware Testing S

Security is getting better:
1.       Non IT people become more  and more aware – include in the budge of SW
2.       Dev becoming more familiar
Ex: Dev implement cryptography that does really understand

We need to workout procedure/standard practice of coding that covers:
-          Designing system
-          Configuring sytem
Need a paradigm shift , need design that allow secure end result

Big challenges: understanding vulnerability & threats

Dev doest present a clear information about security problem, for example: invalid cert – too much / too complicated
Result: user ignore the warning.

Labels: ,


Post a Comment

Subscribe to Post Comments [Atom]

<< Home