Upgrade to Pro — share decks privately, control downloads, hide ads and more …

BSidesSanFrancisco2011 - Misdirection: The Rise...

Avatar for Brett Hardin Brett Hardin
February 14, 2011
Technology
240
1

BSidesSanFrancisco2011 - Misdirection: The Rise and Fall and Rise of Regulatory Compliance

Avatar for Brett Hardin

Brett Hardin

February 14, 2011

More Decks by Brett Hardin

See All by Brett Hardin
Penetration Testing is Stupid - BsidesSF 2013
Avatar for Brett Hardin bretthardin
2
2.3k
Building Your House on Sand
Avatar for Brett Hardin bretthardin
2
1.5k
Bad Version of Builders vs. Breakers
Avatar for Brett Hardin bretthardin
1
86
Builders vs. Breakers - AppSec 2012
Avatar for Brett Hardin bretthardin
2
1.5k
Security the Wrong Way
Avatar for Brett Hardin bretthardin
2
260
Security? Who Cares! - Privacy is Dead
Avatar for Brett Hardin bretthardin
1
210
OWASP - Top 10
Avatar for Brett Hardin bretthardin
0
1.1k

Other Decks in Technology

See All in Technology
Platform engineering for developers, architects & the rest of us (AI agents)
Avatar for danielbryantuk danielbryantuk
0
150
Databricks 月刊サービスアップデート 2026年05月号
Avatar for ちょし tyosi1212
0
120
電子辞書Brainをネットに繋げてみた(自力編)
Avatar for らすぴー raspython3
0
320
APIテストとは?
Avatar for 草薙昭彦 nagix
0
160
権限管理設計を完全に理解した
Avatar for r-sugi rsugi
2
240
Claude Codeですべての日常業務を爆速化しよう!
Avatar for みのるん minorun365
PRO
16
16k
食べログのサーキットブレーカー導入を振り返って
Avatar for atpons atpons
1
150
Terraformモジュールは、なぜ「魔境」化するのか
Avatar for hayama hayama17
1
120
Javaコミュニティをもっと楽しむための9箇条
Avatar for Sugiyama Takaaki takasyou
0
640
JEP 522 Deep Dive - G1 GC同期コスト削減によるスループット向上を徹底検証&解説
Avatar for Daishi Tabata tabatad
1
390
最低限これだけ押さえれ大丈夫_Claude Enterprise/Team企業展開ガバナンス入門
Avatar for t-kikuchi tkikuchi
1
550
Dynamic Workersについて
Avatar for Yusuke Wada yusukebe
2
470

Featured

See All Featured
CSS Pre-Processors: Stylus, Less & Sass
Avatar for Bermon Painter bermonpainter
360
30k
A Tale of Four Properties
Avatar for Chris Coyier chriscoyier
163
24k
Six Lessons from altMBA
Avatar for Skipper Chong Warson skipperchong
29
4.3k
Fashionably flexible responsive web design (full day workshop)
Avatar for Andy Clarke malarkey
408
66k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
Avatar for mongodb mongodb
49
10k
Sam Torres - BigQuery for SEOs
Avatar for Tech SEO Connect techseoconnect
PRO
0
280
Dominate Local Search Results - an insider guide to GBP, reviews, and Local SEO
Avatar for Greg Gifford greggifford
PRO
0
180
Paper Plane (Part 1)
Avatar for Katie Cordina Lindsey katiecoart
PRO
0
8.1k
Understanding Cognitive Biases in Performance Measurement
Avatar for Philip Tellis bluesmoon
32
2.9k
Why Your Marketing Sucks and What You Can Do About It - Sophie Logan
Avatar for Sophie Logan marketingsoph
0
160
DBのスキルで生き残る技術 - AI時代におけるテーブル設計の勘所
Avatar for soudai sone soudai
PRO
65
55k
Ethics towards AI in product and experience design
Avatar for Skipper Chong Warson skipperchong
2
290

Transcript

  1. Being Sneaky About Security and Regulations - OR - "Misdirection:

    The Rise and Fall and Rise of Regulatory Compliance" Brett Hardin and Mike Dahn

  2. Who the Hell Are you Two? Mike Dahn @MikD Payment

    Security Guy Brett Hardin @MiscSecurity Application Fixer Author: •  Hacking: The Next Generation •  SpotTheVuln.com •  MiscSecurity.com
  3. None

  4. How Do Regulatory Rules Get Made and The Goals of

    Compliance

  5. Stop Hitting Yourself

  6. None
  7. None
  8. None

  9. Immunization

  10. None
  11. None

  12. Transition.

  13. Black Swans & Data Breaches

  14. None

  15. Real Costs The Placebo Effect of Fear VS.

  16. None
  17. None

  18. Don't make Compliance the End Goal

  19. Transition.

  20. None

  21. Do not focus on the finger or you will miss

    all that heavenly glory [of Regulatory Compliance] Lee (Bruce Lee) Enter the Dragon
  22. None
  23. None
  24. None
  25. None

  26. CISSP

  27. None

  28. Compliance != Security

  29. Out of the Box

  30. THE END