Trading Least Privilege for Security Theater – Cris Neckar – ESW #201
The appearance of safety and actual security often do not align as closely as we would like to think. As enterprise security products get "smarter", the access that they require to your most sensitive data grows. What are some of the risks associated with common classes of security products?
Announcements
It's official! Security Weekly, in partnership with CyberRisk Alliance, is excited to present Security Weekly Unlocked on December 10, 2020. The inaugural edition of Security Weekly Unlocked also celebrates Security Weekly's 15th Anniversary. Visit securityweekly.com/unlocked to submit your presentation & register for free!
Guest
Cris is the Chief Information Security Officer of Spring Labs, providing a decentralized and transformative infrastructure for secure data exchange. Prior to joining Spring Labs, Cris co-founded Divergent Security, a top-tier offensive security assessment firm that has assessed many of the world’s most sensitive enterprise environments. With over 15 years of leadership experience in red teaming, penetration testing, security research, software development, incident response and recovery, and cyber security education and training. Cris has been directly involved in the identification and investigation of several high profile data breaches. CVEs to Cris’ name include critical, remotely exploitable vulnerabilities in the Windows kernel, Internet Explorer, Chrome, Cryptocurrency Exchange Platforms, and WebEx. Cris was one of the original members of Google’s Chrome Security Team.