Tag: security
Episode 406: Torin Sandall on Distributed Policy Enforcement
Torin Sandall of Styra and Open Policy Agent discussed OPA and policy engines and how they can benefit software projects security and compliance. Host Justin Beyer spoke with Sandall about the benefits of removing authorization logic from your applications. Specifically, how OPA can create a single view of all policies across your software stack for […]
Episode 404: Bert Hubert on DNS Security
Bert Hubert, author of the open source PowerDNS nameserver discusses DNS security and all aspects of the Domain Name System with its flaws and history. Host Gavin Henry spoke with Hubert about what DNS is, DNS history, DNS attacks, DNS flaws, DNS privacy, DNS Encryption, DNS integrity, how DNS is used against your privacy, how […]
Episode 395: Katharine Jarmul on Security and Privacy in Machine Learning
Katharine Jarmul of DropoutLabs discusses security and privacy concerns as they relate to Machine Learning. Host Justin Beyer spoke with Jarmul about attacks that can be leveraged against data pipelines and machine learning models; attack types – adversarial example, model inference, deanonymization; and how they can be utilized to manipulate model outcomes; the dangers of […]
SE-Radio Episode 390: Sam Procter on Security in Software Design
Sam Procter a researcher at the Software Engineering Institute of Carnegie Mellon University discusses Security in Software design. Justin Beyer spoke with Procter about Architecture Design Languages, specifically Architecture Analysis and Design Language (AADL) about what it is, how it can be used for security and privacy. Specifically, he discussed AADL, the tooling that is […]
Episode 385: Evan Gilman and Doug Barth on Zero-Trust Networks
Evan Gilman and Doug Barth, authors of Zero-Trust Networks: building secure systems in untrusted networks discuss zero-trust networks. The discussion covers: the perimeter network architecture; the threat model in modern networks; the meaning of “trust in the network”; why we should not trust our networks (it’s probably already owned); the concept of zero trust in […]
