From disclosure to machine learning to IoT, here are the security trends to watch in the months ahead.
The O’Reilly Security Podcast: Sniffing out fraudulent sleeper cells, incubation in money transfer fraud, and adopting a more proactive stance.
The O’Reilly Security Podcast: DRM in unexpected places, artistic and research hindrances, and ill-anticipated consequences.
An interview with Scout Brody, Executive Director at Simply Secure.
The O’Reilly Security Podcast: Designing for security and privacy, noteworthy tools, and the real-world consequences of design.
Five questions for Andrea Limbago: Insights on how social science can improve an organization’s security strategy.
An interview with Susan Sons from the Center for Applied Cybersecurity Research at Indiana University.
The O’Reilly Security Podcast: Randomness, our dependence on entropy for security and privacy, and rating entropy sources for more effective encryption.
The O’Reilly Hardware Podcast: Safeguarding against new privacy risks.
Benjamin Buchanan explains why successful network intrusion attribution requires a range of skills—management, time, leadership, stress testing, and more.
Watch highlights covering security, defense, tools, and more. From the O'Reilly Security Conference in Amsterdam 2016.
Marie Moe shares her experience with being the host of a vulnerable medical implant, and why she started a hacking project to investigate the security of her own critical infrastructure.
Phil Stanhope discusses the DDoS attack on Dyn, how attack approaches are evolving, and what you can do about it.
Matthew Carroll highlights the current design model for machine learning and deep learning and discusses new methods that make privacy an embedded feature.
Katie Moussouris offers insight into starting and running bug bounties.
Dan Kaminsky explains why a strong focus on ease of use—for developers, operators, and users—is our only hope for migrating toward a more secure Internet.
The O’Reilly Security Podcast: Thinking like an epidemiologist, using data and patterns, and escaping reactive tendencies.
Thoughts from O'Reilly Security Conference committee chairs Courtney Nash and Allison Miller on the New York event's spotlight on defenders, focus on supporting the defender community, and taking the event to Amsterdam.
Five questions for Alex Pinto: Data-science techniques for incorporating indicators of compromise into your threat intelligence strategy.
Cory Doctorow says the Electronic Frontier Foundation is fighting for a future where our devices can be configured to do our bidding and where security researchers are always free to tell us what they’ve learned.
Shining a light on this year’s defensive security heroes.
Michael Walker explores the results of DARPA’s Cyber Grand Challenge (CGC), a contest to develop first-generation autonomous cyber defense systems.
Watch highlights covering security, defense, tools, and more. From the O'Reilly Security Conference in New York 2016.
Rebecca Bace explains what we need to do to consolidate our efforts in cybersecurity so that we can instigate a new generation of techniques and applications.
Heather Adkins explores various events in security history to show how we need to alter our course to change the future.
Playing through the pain: The impact of secrets and dark knowledge on security and intelligence professionals
Richard Thieme says the cost of security work and professional intelligence goes beyond dollars. It's measured in family life, relationships, and mental and physical well-being.
Dan Kaminsky on the progress made at O’Reilly Security’s first hackathon to make web security easier.
Five questions for Desiree Matel-Anderson: Insights on FIT’s three-step methodology for maneuvering through cybersecurity emergencies.
Join Dan Kaminsky at the O’Reilly Security Hackathon to help make web security easier and more effective.
As the dust settles on last week's DDoS attack, it’s time to ask—and act on—the question of “Now what?”
Five questions for Chiara Rustici: Insights on the global impact of the new General Data Protection Regulation, and how to get started with implementation.
Tips for writing a successful proposal for the O'Reilly Security Conference.
The O’Reilly Security Podcast: Building cathedrals, empowering the watchers, and breaking out of the security monoculture.
Five questions for Fernando Montenegro: Insights on how to apply economic theory to solve security challenges and improve an organization’s overall security posture.
5 questions for Binu Ramakrishnan: Insights on the threats of centralized multi-tenant CI/CD environments, common protection methods, and tips for improved security.
5 Questions for Timothy Gallo and Allan Liska: Insights on common ransomware delivery methods and how to find balance between minimizing attack risks and maximizing productivity.
Insider information on the O'Reilly Security Conference proposal process, including acceptance and rejection stats.
The O’Reilly Security Podcast: Coarse-grained security, embracing the ephemeral, and empathy for everyone.
Five questions for Laura Mather: Insights on how groupthink and heterogeneous teams impact decision-making.
Applying security insights gained from scientific evaluation.
Five questions for John Bullard and Benji Taylor: Insights on the challenges faced and the tools used to achieve PCI compliance.
The O’Reilly Security Podcast: Where bits and bytes meet flesh, misaligned incentives, and hacking the security industry itself.
Five questions for Ken Lee and Kai Zhong: Insights on building Etsy's alerting framework and best practices for monitoring and alerting.
Questions to help you weigh the true value of “scientifically proven” security solutions.
The O’Reilly Security Podcast: Modern server hardening, institutional inertia, and new approaches to desktop security.
Five questions for Lance Hayden: Insights on High Reliability Organizations (HRO) and resilient approaches to dealing with failure.
Confronting the World Wide Web Consortium on the new digital rights management specification.
The O’Reilly Security Podcast: The origins of LangSec, rigidity vs. robustness, and using game theory to make security better for everyone.
Building security into your configuration management environment and continuous delivery workflow.
The O’Reilly Security Podcast: The chilling effects of DRM, nascent pro-security industries, and the narrative power of machines.
Learn about the surprising origin of the dark net, and find out how you can patrol this not-so-secret domain to detect and thwart intruders.
The O’Reilly Security Podcast: Vulnerabilities in assembled software and the need for immediate developer feedback.
The O’Reilly Security podcast: DevOps, risk reduction, and vulnerabilities in open source.
Containing risk through continuous delivery.
The O’Reilly Security Podcast: Systems, design, and emergent social structures.
Safeguard your iOS apps against common security loopholes.
The O’Reilly Security Podcast: Statistical literacy, machine learning, and data visualization.
Brian Sletten explains why today's encryption technology has government authorities' attention, and is a hot topic for technology companies and the general public alike.
The O’Reilly Security Podcast: Language as a uniter (or divider), the illusion of control, and how security is made of people.
The O’Reilly Security Podcast: Risk as an emergent property of complex systems, the downsides of security by obscurity, and the new O’Reilly Security Conference.