2020-011-Alyssa miller, deep fakes, threatmodeling for Devops environments, and virtual conferences
Published March 25, 2020
70 min
    Add to queue
    Copy URL
    Show notes



    Looking forward to sharing my vision for ending the 60 year cycle of bad defense strategies in #infosec and my challenge to think about security in a more effective way. https://sched.co/TAqU


    #DianaInitiative2019 #cdwsocial



    1961 - MIT - CTSS - https://en.wikipedia.org/wiki/Compatible_Time-Sharing_System


    Egg, coconut, brick ( my example of security --brbr)


    Start with critical assets

        Layer outward, not perimeter in.

    Medieval castles

        Create the keep, build out from that

        Active defenses


    Dover Castle - https://en.wikipedia.org/wiki/Dover_Castle#/media/File:1_dover_castle_aerial_panorama_2017.jpg


    Detection defenses - watchguards

    Mitigation defenses - moats - give time/space to respond (network segmentation)

    Active countermeasures - knights/archers/cannons 

    DeepFake technology

    Election year

    Spoke at RSA

    Business threat? 

            “Outsider trading”

                “Video of Elon talking about problems - fake…”

                    Stocks tank - short


    Could it be done strategically to destabilize things

    Extort business leaders

        Fake videos used to extort 


    Still difficult to create

        What’s the hurdles stopping it from being mainstream?

            Huge render farms?


    https://www.youtube.com/watch?v=18LN7VQM1aw - deepfake Sharon Stone/ Steve Buscemi


    Threat modeling in devSecOps

    Agile env needs to be quick, fast, and 

    Build it into user stories

    Shostack’s method is a bit weighty

        How do we implement that in such a way to make dev want to do them?


    Organizing Virtual cons

        https://Allthetalks.online - April 15

            24 hour conference for charity

    Talks, followed by interactive channels, community generation

    Virtual Lobbycon


    CFP is open 01 April 2020

    Sticker swap!


        Bsides Atlanta

            27-29 March

            https://bsidesatl.org/ - All virtual this weekend!



        Infosec Oasis

            https://Infosecoasis.com - 18 April







    Check out our Store on Teepub! https://brakesec.com/store

    Join us on our #Slack Channel! Send a request to @brakesec on Twitter or email bds.podcast@gmail.com

    #Brakesec Store!:https://www.teepublic.com/user/bdspodcast


    #Pandora: https://pandora.app.link/p9AvwdTpT3


    #Youtube Channel:  http://www.youtube.com/c/BDSPodcast

    #iTunes Store Link: https://brakesec.com/BDSiTunes

    #Google Play Store: https://brakesec.com/BDS-GooglePlay

    Our main site:  https://brakesec.com/bdswebsite

    #iHeartRadio App:  https://brakesec.com/iHeartBrakesec


    Comments, Questions, Feedback: bds.podcast@gmail.com

    Support Brakeing Down Security Podcast by using our #Paypalhttps://brakesec.com/PaypalBDS OR our #Patreon


    #Twitter@brakesec @boettcherpwned @bryanbrake @infosystir

    #Player.FM : https://brakesec.com/BDS-PlayerFM

    #Stitcher Network: https://brakesec.com/BrakeSecStitcher

    #TuneIn Radio App: https://brakesec.com/TuneInBrakesec

        0:00:00 / 0:00:00