Securing Non-Election Election Systems, Modernizing AppSec Education – Brian Glas – ASW #247
While much has been written and argued about the security of election systems - the things that do the actual ballot counting - there's other systems that have to be in place and secured before the vote can occur - voter registration databases, ballot delivery systems, etc. Might it be possible to use modern appsec concepts OWASP SAMM to secure them in a more efficient, targeted, cost-effective manner? Brian Glas joins us to talk about this and his ongoing work around providing students with a modern application security education.
Segment Resources:
Guest
Brian has over 20 years of experience in various roles in IT and over a decade and a half of that in application development and security. His day job is serving as an Assistant Professor and Department Chair at Union University. He helped build FedEx’s AppSec team, worked on the Trustworthy Computing team at Microsoft, consulted on software security for years, and served as a project lead and active contributor for SAMM v1.1-2.0+ and OWASP Top 10 2017 and 2021. Brian is a contributor to the RABET-V Pilot Program for election related technology. He holds several Cybersecurity and IT certifications and is currently working on his Doctor of Computer Science in Cybersecurity and Information Assurance.