Risky Business #396 -- Chris Wysopal on scanning for backdoors
On this week's show we've got two feature interviews!
We're talking to Chris Wysopal from Veracode about using static analysis techniques to find back doors in software. With Juniper, AMX, Fortinet and Cisco all experiencing either maliciously planted or accidental backdoors, this is a hot topic. Chris joins us to talk about how you go about finding this stuff and whether or not vendors are taking this issue seriously enough.
We also check in with Martijn Grooten, editor of Virus Bulletin. We're having a quick chat to him about how the AV industry is reacting to Tavis Ormandy's latest research into the security of its products. He's been reporting bugs in all sorts of AV products lately and apparently the disclosures are having an impact.
This week's sponsor interview is a special one -- it's with Haroon Meer of Thinkst Applied Research. Thinkst has released some free tools that generate and track honey tokens. Old ideas made easy and workable... he'll be along to explain his new tech. Personally think this stuff is great.. just great... and of course he'll plug his even more awesome commercial stuff, Canary Tools.
Adam Boileau, as always, drops in for a chat about the week's news headlines.
Links to everything are in this week's show notes.
Paul Marsh, Space Rogue and Metlstorm join the show...5 hours 55 min ago
Plenty of mayhem this week...6 hours 10 min ago
Putting your life in TBB's hands is maybe not so wise...1 week 4 hours ago
Not a crazy amount of news this week, but some cool stuff nonetheless...1 week 4 hours ago
PLUS: Cylance CEO Stuart McClure on the OPM hack...2 weeks 5 hours ago