9/13: UNITED Day 2

by Gene Kim on

#UNITEDsummit

  • @sambowne: RT @unitedsummit: Security professionals are second least effective in doing the
  • ir job -
  • right after
  • the weathermen. @ReL1K
  • Haha. RT @sambowne: "Security professionals are 2nd least effective in doing their job - right after the weathermen." @ReL1K
  • @jiuweigui: RT @unitedsummit: "You can find ISP wiretaps across the internet by searching for the string 'CALEA'." @hdmoore at
  • RT @jiuweigui: @hdmoore: "You can find ISP wiretaps across the internet by searching for the string 'CALEA'."
  • @hrbrmstr: RT @MetricsHulk: RT @sambowne We haven't seen Java in a non-exploitable state in 4 yrs @hdmoore #UNITEDSummit // METRICSHULK SMASH VULNE ...
  • Unreal. RT @sambowne We haven't seen Java in a non-exploitable state in 4 yrs @hdmoore #UNITEDSummit

  • Thx!! RT @TheOtherMichael: Great article w/@RealGeneKim/@gspaff/@kevinbehr, the authors of "When IT Fails" http://t.co/PIgq1Or4

Josh/Gene talk

  • Signs: cynacism, burnout, self-effacy: scored off the charts
  • it's actually not personal enough, just talk, instead of talking about how you talk
  • Josh comments: Here's why I care

    • What I'm slaying
    • It's why I'm slaying
    • SQL injection: don't state the fact, it's why you care
    • Insulin pump: why do you care?
    • software as vulnerability: misplaced: not part of problem
    • @chris_kirsch: RT @unitedsummit: Security professionals rated higher than SWAT teams for stress levels-that needs to change. Josh Corman
    • RT @chris_kirsch/@unitedsummit: Infosec rated higher than SWAT teams for stress levels-that needs to change. Josh Corman
    • don't talk aobut stress: that's what Part 1 is for
    • Don't talk about Rugged doc: tell what's in it
  • @hrbrmstr: #UNITEDSummit @realgenekim: "Along with user stories, creat ab-user stories." (for security) #agile

  • RT @hrbrmstr: #UNITEDSummit @realgenekim: "Along with user stories, creat ab-user stories." (for security) #agile

  • @rapid7: RT @smalm: "instead of user stories, we need abuser stories. attacks are a gift." @realgenekim bliss-killing w/ @joshcorman. #unitedsummit

  • RT @smalm: "instead of user stories, we need abuser stories. attacks are a gift." @realgenekim bliss-killing w/ @joshcorman. #unitedsummit

  • @hrbrmstr: #UNITEDSummit @realgenekim: "We can end SQL Injection in our lifetime!"

  • Yes! Let's make it so! RT @hrbrmstr: #UNITEDSummit @realgenekim: "We can end SQL Injection in our lifetime!" #UNITEDsummit @joshcorman

  • @chort0: "Repetition is prerequisite to mastery" @RealGeneKim <- So true. @joshcorman

  • RT @chort0: "Repetition is prerequisite to mastery" @RealGeneKim > So true. @joshcorman

  • @hrbrmstr: #UNITEDSummit @joshcorman shout out to "gauntlet" : the "Security Chaos Monkey" http://t.co/6jFjBXbo by @wickett

  • RT @hrbrmstr: #UNITEDSummit @joshcorman shout out to "gauntlet" : the "Security Chaos Monkey" http://t.co/6jFjBXbo by @wickett

  • @spacerog: RT @attritionorg @rapid7 @joshcorman at #unitedsummit: Software=vulnerability, connected=exposed <- sounds like RSA keynote <- L0pht in '98

  • @rapid7: @RealGeneKim takes @hdmoore's usual spot as fastest talker ;) He did say it'd be ludicrous speed, much like the devops model #unitedsummit

  • Hahaha. WHAT?! OMG. I'm truly not worthy! RT @rapid7: @RealGeneKim takes @hdmoore's usual spot as fastest talker

  • @hdmoore: Awesome hearing @RealGeneKim and @JoshCorman run through DevOps / Rugged at ludicrous speed

  • Sensei, rest assured, it was mutual! RT @hdmoore: Awesome hearing @RealGeneKim/@JoshCorman do Rugged DevOps at ludicrous speed

  • @BC0V3RT: @joshcorman and @realgenekim just gave a DevOps talk that EVERY #agiledevelopment company should experience!

  • Rugged DevOps slides from @joshcorman/@realgenekim talk is at http://www.slideshare.net/mobile/realgenekim/united2012-rugged-devops-rocks; to instantly get slides & resources, go to http://www.instantcustomer.com/go/73720