Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
BSidesSanFrancisco2011 - Misdirection: The Rise...
Search
Brett Hardin
February 14, 2011
Technology
1
210
BSidesSanFrancisco2011 - Misdirection: The Rise and Fall and Rise of Regulatory Compliance
Brett Hardin
February 14, 2011
Tweet
Share
More Decks by Brett Hardin
See All by Brett Hardin
Penetration Testing is Stupid - BsidesSF 2013
bretthardin
2
2.2k
Building Your House on Sand
bretthardin
2
1.5k
Bad Version of Builders vs. Breakers
bretthardin
1
65
Builders vs. Breakers - AppSec 2012
bretthardin
2
1.4k
Security the Wrong Way
bretthardin
2
240
Security? Who Cares! - Privacy is Dead
bretthardin
1
180
OWASP - Top 10
bretthardin
0
1k
Other Decks in Technology
See All in Technology
Classmethod AI Talks(CATs) #16 司会進行スライド(2025.02.12) / classmethod-ai-talks-aka-cats_moderator-slides_vol16_2025-02-12
shinyaa31
0
110
スタートアップ1人目QAエンジニアが QAチームを立ち上げ、“個”からチーム、 そして“組織”に成長するまで / How to set up QA team at reiwatravel
mii3king
2
1.5k
全文検索+セマンティックランカー+LLMの自然文検索サ−ビスで得られた知見
segavvy
2
110
トラシューアニマルになろう ~開発者だからこそできる、安定したサービス作りの秘訣~
jacopen
2
2k
オブザーバビリティの観点でみるAWS / AWS from observability perspective
ymotongpoo
8
1.5k
速くて安いWebサイトを作る
nishiharatsubasa
11
13k
プロダクトエンジニア構想を立ち上げ、プロダクト志向な組織への成長を続けている話 / grow into a product-oriented organization
hiro_torii
1
220
PHPカンファレンス名古屋-テックリードの経験から学んだ設計の教訓
hayatokudou
2
380
TAMとre:Capセキュリティ編 〜拡張脅威検出デモを添えて〜
fujiihda
2
250
クラウドサービス事業者におけるOSS
tagomoris
2
860
運用しているアプリケーションのDBのリプレイスをやってみた
miura55
1
740
個人開発から公式機能へ: PlaywrightとRailsをつなげた3年の軌跡
yusukeiwaki
11
3k
Featured
See All Featured
A Philosophy of Restraint
colly
203
16k
10 Git Anti Patterns You Should be Aware of
lemiorhan
PRO
656
59k
How To Stay Up To Date on Web Technology
chriscoyier
790
250k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
30
2.2k
Mobile First: as difficult as doing things right
swwweet
223
9.3k
We Have a Design System, Now What?
morganepeng
51
7.4k
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
irinanazarova
6
550
GraphQLとの向き合い方2022年版
quramy
44
13k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
33
2.1k
Designing Experiences People Love
moore
140
23k
Product Roadmaps are Hard
iamctodd
PRO
50
11k
GitHub's CSS Performance
jonrohan
1030
460k
Transcript
Being Sneaky About Security and Regulations - OR - "Misdirection:
The Rise and Fall and Rise of Regulatory Compliance" Brett Hardin and Mike Dahn
Who the Hell Are you Two? Mike Dahn @MikD Payment
Security Guy Brett Hardin @MiscSecurity Application Fixer Author: • Hacking: The Next Generation • SpotTheVuln.com • MiscSecurity.com
None
How Do Regulatory Rules Get Made and The Goals of
Compliance
Stop Hitting Yourself
None
None
None
Immunization
None
None
Transition.
Black Swans & Data Breaches
None
Real Costs The Placebo Effect of Fear VS.
None
None
Don't make Compliance the End Goal
Transition.
None
Do not focus on the finger or you will miss
all that heavenly glory [of Regulatory Compliance] Lee (Bruce Lee) Enter the Dragon
None
None
None
None
CISSP
None
Compliance != Security
Out of the Box
THE END
bretthardin
shinyaa31
mii3king
segavvy
jacopen
ymotongpoo
nishiharatsubasa
.jpg){kind=avatar}
hiro_torii
hayatokudou
fujiihda
tagomoris
miura55
yusukeiwaki
colly
lemiorhan
chriscoyier
marktimemedia
swwweet
morganepeng
irinanazarova
quramy
eileencodes
moore
iamctodd
jonrohan
