InSecurity Podcast: Ted Harrington on Why You Need to Secure Your App… Then PROVE It’s Secure
ELLIE: “How do you know you’re not deluding yourself? As for me, I’d need proof.”
PALMER: “Proof. Did you love your father?”
PALMER: “Your Dad, did you love him?”
ELLIE: “Yes, very much.”
PALMER: “Prove it.”
~ Contact, 1984
That is, of course, Jodie Foster as Ellie Arroway and Matthew McConaughey as Palmer Joss in Robert Zemeckis’s 1997 adaptation of Carl Sagan’s 1984 novel Contact.
On this week’s episode of InSecurity, Matt Stephenson got some time with ethical hacker Ted Harrington. Ted is the author of HACKABLE: How to Do Application Security Right. He’s also Executive Partner at Independent Security Evaluators, and co-creator of IoT Village at DEFCON and beyond.
If you need more reasons to listen, Ted has some really interesting insights into what developers, companies and even regular people need to consider to keep their assets secure… dig it.
About Ted Harrington
Ted Harrington (@SecurityTed) is the Executive Partner at Independent Security Evaluators (ISE).
ISE is a company of ethical hackers most commonly known for their work hacking cars, medical devices, web applications, and password managers. ISE helps companies build better, more secure software, and has helped hundreds of companies, including Google, Amazon, and Netflix, fix tens of thousands of security vulnerabilities.
Ted is an author, a keynote speaker, a consultant, and a podcast host, specializing in penetration testing, secure software development, and related areas of cybersecurity.
He recently published the best-selling book HACKABLE: How to Do Application Security Right. Ted and his team also founded and continue to organize IoT Village, an event whose hacking contest is a three-time DEF CON Black Badge winner.
Hackable: How to Do Application Security Right
If you don’t fix your security vulnerabilities, attackers will exploit them. It’s simply a matter of who finds them first. If you fail to prove that your software is secure, your sales are at risk too.
Whether you’re a technology executive, developer, or a security professional, you are responsible for securing your application. However, you may be uncertain about what works, what doesn’t, how hackers exploit applications, or how much to spend. Or maybe you think you do know, but don’t realize what you’re doing wrong.
To defend against attackers, you must think like them. As a leader of ethical hackers, author Ted Harrington helps the world’s foremost companies secure their technology. HACKABLE teaches you exactly how. You’ll learn how to eradicate security vulnerabilities, establish a threat model, and build security into the development process. You’ll build better, more secure products. You’ll gain a competitive edge, earn trust, and win sales.
About Matt Stephenson
Matt Stephenson (@packmatt73) is the regular host of the InSecurity podcast and video series at events around the globe. Matt has spent the last 10 years in the world of data protection and cybersecurity. Since 2016, he has been with Cylance (acquired by BlackBerry in 2019), extolling the virtues of artificial intelligence and machine learning and how, when applied to network security, this cutting-edge technology can wrong-foot the bad guys.
Prior to the COVID-19 shutdown, Matt was on the road over 100 days a year doing live malware demonstrations for audiences from San Diego, to DC, to London, to Abu Dhabi, to Singapore, to Sydney. He says that one of the funniest things he’s ever been a part of was blowing up a live instance of the notorious ransomware NotPetya just six hours after the news broke, in Washington DC, directly across the street from the FBI headquarters. As soon as he detonated the malware (on a VM, of course) a parade of police cars with sirens blaring roared past the building he was in. Matt is pretty sure they weren't there for him, but you never know...
Every week on the InSecurity Podcast, Matt gets to interview interesting people doing interesting things all over the world of cybersecurity and in the extended world of hacking. Sometimes, that means talking about hacking elections, or the coffee supply chain... other times, that means delving deep into the world of social manipulation or the sovereign wealth fund of a national economy.
The InSecurity podcast is about talking with the people who build, manage or wreck the systems that we have put in place to make the world go round. We hope you enjoy the show.