Tag: security

Episode 395: Katharine Jarmul on Security and Privacy in Machine Learning

Filed in Episodes by on January 10, 2020 0 Comments
Episode 395: Katharine Jarmul on Security and Privacy in Machine Learning

Katharine Jarmul of DropoutLabs discusses security and privacy concerns as they relate to Machine Learning. Host Justin Beyer spoke with Jarmul about attacks that can be leveraged against data pipelines and machine learning models; attack types – adversarial example, model inference, deanonymization; and how they can be utilized to manipulate model outcomes; the dangers of […]

Continue Reading »

SE-Radio Episode 390: Sam Procter on Security in Software Design

Filed in Episodes by on November 26, 2019 0 Comments
SE-Radio Episode 390: Sam Procter on Security in Software Design

Sam Procter a researcher at the Software Engineering Institute of Carnegie Mellon University discusses Security in Software design. Justin Beyer spoke with Procter about Architecture Design Languages, specifically Architecture Analysis and Design Language (AADL) about what it is, how it can be used for security and privacy. Specifically, he discussed AADL, the tooling that is […]

Continue Reading »

Episode 385: Evan Gilman and Doug Barth on Zero-Trust Networks

Filed in Episodes by on October 22, 2019 0 Comments
Episode 385: Evan Gilman and Doug Barth on Zero-Trust Networks

Evan Gilman and Doug Barth, authors of Zero-Trust Networks: building secure systems in untrusted networks discuss zero-trust networks.  The discussion covers: the perimeter network architecture; the threat model in modern networks; the meaning of “trust in the network”; why we should not trust our networks (it’s probably already owned); the concept of zero trust in […]

Continue Reading »

Episode 383: Neil Madden On Securing Your API

Filed in Episodes by on October 10, 2019 0 Comments
Episode 383: Neil Madden On Securing Your API

Neil Madden, author of the API Security in Action book and Security Director of ForgeRock, discusses the key technical features of securing an API. Host Gavin Henry spoke with Madden about API versus Web App security, choice of authentication tokens, the various security models you can follow, NIST-800-92, ISO27001, STRIDE, CIA Triad, audit log best […]

Continue Reading »

Episode 378: Joshua Davies on Attacking and Securing PKI

Filed in Episodes by on August 28, 2019 1 Comment
Episode 378: Joshua Davies on Attacking and Securing PKI

Joshua Davies, author of Implementing SSL / TLS Using Cryptography and PKI discussed SSL/TLS, public-key infrastructure, certificate authorities, and vulnerabilities in the security infrastructure.  Robert Blumen spoke with Davies about the history of SSL/TLS; TLS 1.3; symmetric and asymmetric cryptography; the TLS handshake; the Diffie-Helman key exchange; the HTTPS protocol; verification of domain ownership; man-in-the-middle […]

Continue Reading »