42 Jim Manico
“Learn to code. No matter what else you do in security, it will augment your career and capabilities.”
Twitter: @manicode • Website: manicode.com
Jim Manico is the founder of Manicode Security, where he trains software developers on secure coding and security engineering. He is also the founder of Infrared Security and Brakeman Security and is an investor/advisor for Signal Sciences and BitDiscovery. Jim is a Java Champion and a member of the JavaOne Rock Star speaker community. He is the author of Iron-Clad Java: Building Secure Web Applications from McGraw-Hill and Oracle Press. Jim also volunteers for the OWASP Foundation, where he helps build application security standards and other documentation. For more information, see http://www.linkedin.com/in/jmanico.
If there is one myth that you could debunk in cybersecurity, what would it be?
That input validation is enough to stop injection. Programmers need to master other techniques like query parameterization and proper escaping to stop the various forms of injection.
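An added illustration of the point in the answer above (not part of the interview and not Jim Manico's code): a name field with a reasonable allow-list still has to accept apostrophes, so a validated value can change a concatenated query, while the parameterized query treats it purely as data. The table, the function names and the sample inputs are constructed for this example.

```python
import re
import sqlite3

# Allow-list for a personal name. Apostrophes and hyphens must be accepted,
# because real names such as O'Brien contain them.
NAME_RE = re.compile(r"[A-Za-z][A-Za-z '\-]{0,63}")

def is_valid_name(name: str) -> bool:
    return NAME_RE.fullmatch(name) is not None

def make_db() -> sqlite3.Connection:
    """In-memory database with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)")
    conn.executemany("INSERT INTO users (name) VALUES (?)",
                     [("Alice",), ("O'Brien",), ("Bob",)])
    return conn

def lookup_concat(conn: sqlite3.Connection, name: str) -> list:
    """Validation only: the validated value is still pasted into the SQL text."""
    if not is_valid_name(name):
        raise ValueError("invalid name")
    sql = "SELECT name FROM users WHERE name = '" + name + "' ORDER BY id"
    return [row[0] for row in conn.execute(sql)]

def lookup_param(conn: sqlite3.Connection, name: str) -> list:
    """Validation plus parameterization: the value never becomes SQL syntax."""
    if not is_valid_name(name):
        raise ValueError("invalid name")
    sql = "SELECT name FROM users WHERE name = ? ORDER BY id"
    return [row[0] for row in conn.execute(sql, (name,))]

# Constructed input made only of characters the allow-list permits.
CRAFTED = "x' OR 'a' LIKE 'a"

def demo() -> dict:
    conn = make_db()
    out = {"crafted_concat": lookup_concat(conn, CRAFTED),  # every row comes back
           "crafted_param": lookup_param(conn, CRAFTED),    # no such user
           "obrien_param": lookup_param(conn, "O'Brien")}   # legitimate name works
    try:
        lookup_concat(conn, "O'Brien")
        out["obrien_concat"] = "ok"
    except sqlite3.OperationalError:
        out["obrien_concat"] = "syntax error"  # a legitimate name breaks the query
    return out

if __name__ == "__main__":
    print(demo())
```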
What is one of the biggest bang-for-the-buck actions that an organization can take to improve its cybersecurity posture?
Force a policy of 16-or-more-character passwords as the new minimum.
How is it that cybersecurity spending is increasing but breaches are still happening?
Hackers gonna hack.
Do you need a college degree or certification to ...