Upgrade to Pro — share decks privately, control downloads, hide ads and more …

BSidesSanFrancisco2011 - Misdirection: The Rise...

Avatar for Brett Hardin Brett Hardin
February 14, 2011
Technology
250
1

BSidesSanFrancisco2011 - Misdirection: The Rise and Fall and Rise of Regulatory Compliance

Avatar for Brett Hardin

Brett Hardin

February 14, 2011

More Decks by Brett Hardin

See All by Brett Hardin
Penetration Testing is Stupid - BsidesSF 2013
Avatar for Brett Hardin bretthardin
2
2.3k
Building Your House on Sand
Avatar for Brett Hardin bretthardin
2
1.5k
Bad Version of Builders vs. Breakers
Avatar for Brett Hardin bretthardin
1
91
Builders vs. Breakers - AppSec 2012
Avatar for Brett Hardin bretthardin
2
1.5k
Security the Wrong Way
Avatar for Brett Hardin bretthardin
2
270
Security? Who Cares! - Privacy is Dead
Avatar for Brett Hardin bretthardin
1
210
OWASP - Top 10
Avatar for Brett Hardin bretthardin
0
1.1k

Other Decks in Technology

See All in Technology
Oracle AI Database@AWS:サービス概要のご紹介
Avatar for oracle4engineer oracle4engineer
PRO
4
3k
【2026年版】 ベクトル検索とEmbedding最前線
Avatar for Tomoko Uchida mocobeta
16
4.5k
FPC(フレキシブル)基板にZephyr実装してみた。
Avatar for misoji engineer iotengineer22
0
120
iOS アプリの「これって不具合ですか?」を AI に調べてもらう
Avatar for Yuki Miida miichan
0
100
AWS Security Agent といっしょに脅威モデリングをやってみよう
Avatar for amarelo_n24 amarelo_n24
1
180
コミュニティの有益性 ~JAWS Days 2026 での体験を通して~ / The Benefits of a Community ~Through My Experience at JAWS Days 2026~
Avatar for shiro seike seike460
PRO
0
180
Claude Codeをどのように キャッチアップしているか
Avatar for Oikon oikon48
13
8.6k
2026TECHFRESH畢業分享會 - Lightning Talk - E起 See See : 電商推薦讀心術? 數據說了算
Avatar for LINE Developers Taiwan line_developers_tw
PRO
0
1.3k
脱SaaS!FDEを支えるプロビジョニングと分離設計
Avatar for Kenichi SUZUKI knih
0
240
「勝手に広まる」人気 AI エージェントを爆速で作ろう!(AWS Summit Japan 2026講演資料)
Avatar for みのるん minorun365
PRO
9
2k
攻撃者視点で考えるDetection Engineering
Avatar for Ruslan Sayfiev cryptopeg
3
2k
Chainlitで作るお手軽チャットUI
Avatar for tomo ynt0485
0
280

Featured

See All Featured
The Success of Rails: Ensuring Growth for the Next 100 Years
Avatar for Eileen M. Uchitelle eileencodes
47
8.2k
We Are The Robots
Avatar for Honza Javorek honzajavorek
0
250
How Fast Is Fast Enough? [PerfNow 2025]
Avatar for Tammy Everts tammyeverts
3
610
How to make the Groovebox
Avatar for あそなす asonas
2
2.2k
Art, The Web, and Tiny UX
Avatar for Lynn Fisher lynnandtonic
304
22k
ReactJS: Keep Simple. Everything can be a component!
Avatar for Pedro Nauck pedronauck
666
130k
YesSQL, Process and Tooling at Scale
Avatar for Rocio Delgado rocio
174
15k
Lightning Talk: Beautiful Slides for Beginners
Avatar for Ines Montani inesmontani
PRO
2
580
No one is an island. Learnings from fostering a developers community.
Avatar for Antonio thoeni
21
3.8k
Have SEOs Ruined the Internet? - User Awareness of SEO in 2025
Avatar for Akash Hashmi akashhashmi
0
370
DBのスキルで生き残る技術 - AI時代におけるテーブル設計の勘所
Avatar for soudai sone soudai
PRO
66
55k
Connecting the Dots Between Site Speed, User Experience & Your Business [WebExpo 2025]
Avatar for Tammy Everts tammyeverts
11
950

Transcript

  1. Being Sneaky About Security and Regulations - OR - "Misdirection:

    The Rise and Fall and Rise of Regulatory Compliance" Brett Hardin and Mike Dahn

  2. Who the Hell Are you Two? Mike Dahn @MikD Payment

    Security Guy Brett Hardin @MiscSecurity Application Fixer Author: •  Hacking: The Next Generation •  SpotTheVuln.com •  MiscSecurity.com
  3. None

  4. How Do Regulatory Rules Get Made and The Goals of

    Compliance

  5. Stop Hitting Yourself

  6. None
  7. None
  8. None

  9. Immunization

  10. None
  11. None

  12. Transition.

  13. Black Swans & Data Breaches

  14. None

  15. Real Costs The Placebo Effect of Fear VS.

  16. None
  17. None

  18. Don't make Compliance the End Goal

  19. Transition.

  20. None

  21. Do not focus on the finger or you will miss

    all that heavenly glory [of Regulatory Compliance] Lee (Bruce Lee) Enter the Dragon
  22. None
  23. None
  24. None
  25. None

  26. CISSP

  27. None

  28. Compliance != Security

  29. Out of the Box

  30. THE END