Free Webinar with Presenters from Duo Security and CSRgroup

How Defense In Depth Helps Protect You From Unexpected Vulnerabilities Like Heartbleed

On-Demand Webinar

While the recent Heartbleed vulnerability in OpenSSL may have felt to many like a once-in-a-lifetime internet-scale calamity, it really was just the latest in a long string of failures in SSL/TLS infrastructure: in recent years, there has been a surprisingly long list of high-profile weaknesses discovered in protocols and implementations.

We should expect this. The problem is not that SSL/TLS and its various implementations are inherently bad: humans make mistakes and all software has bugs; any security protocol or system could easily fall victim to a similar fate (perhaps even more easily - SSL/TLS is, at least, widely used and widely studied).

Instead, these failures illustrate the value of a long-held security principle known as "Defense in Depth", which holds that we must build security at every layer of our systems, such that they can remain secure even if one layer breaks.

Join us for a webcast discussing some of the specific techniques that we - and other industry-leading cloud providers - use to lessen the impact of SSL/TLS failures, and some broader ways in which the principle of Defense in Depth can be applied across your organization.



Presenter Biographies:

Adam

Duo Security LogoAdam Goodman
Principal Security Architect at Duo Security

Adam Goodman is the Principal Security Architect at Duo Security, an Ann Arbor, Michigan-based startup focused on two-factor authentication and mobile security. He has spent over 8 years building - and breaking - secure systems, working on everything from low-level binary network protocols to web services and mobile APIs. Prior to his work at Duo, he was a founding engineer at Zattoo, Europe's leading live-streaming Internet TV operator, where he led the development of secure P2P distribution and digital rights management protocols. Adam's security research has gained attention from news sources across the security community, including Threatpost, Dark Reading, The Register, and many others.


Jake Williams
Chief Scientist at CSRgroup Computer Security Consultants

Jake Williams is the chief scientist at CSRgroup computer security consultants and has more than a decade of experience in secure network design, penetration testing, incident response, forensics and malware reverse engineering. Before joining CSRgroup, he worked with various government agencies in information security roles. Jake is a two-time victor at the annual DC3 Digital Forensics Challenge and a SANS course author and certified instructor.