119 — Jacob West, IEEE CSD, Bugs,…
From Silver Bullet Security Podcast · hosted by Gary McGraw
Summary
As the Chief Architect for Security Products at NetSuite, Jacob West leads research and development for technology to identify and mitigate security threats. West has over a decade of experience developing, delivering, and monetizing innovative security solutions. Prior to his role at NetSuite, he served as the CTO for Enterprise Security Products (ESP) at HP where he founded and…
Learning Points (Q&A)
- The IEEE Center for Secure Design (CSD) was founded to expand the focus in security from finding/fixing bugs to finding/fixing design flaws. What two statements below accurately define bugs & flaws? (Select all that apply)
  - a) bugs are mistakes in code that allow attacks (e.g., XSS)
  - b) bugs are synonymous with flaws
  - c) flaws are design decisions that weaken security (e.g., simple password requirement)
  - d) flaws are when two or more bugs are found
- Who needs to be aware of secure design principles?
  - a) architects
  - b) developers
  - c) project managers
  - d) All of the above
- Select the three main groups that make up the IEEE CSD. (Select all that apply)
  - a) commercial sector
  - b) IT certification vendors
  - c) academia
  - d) government
- In addition to functional testing, it’s important to perform ____________ testing during design review.
  Fill in the blank.
- The vast majority of design decisions having security implications are related to non-security functionality about how the system moves data around and services its users.
  True or False.
Provider Status
This Executive Review is published under the v0 fair-use editorial posture, identical to the posture the February 2016 Cybersecurity Podcasts Today: Executive Series issue shipped under. The show's Provider has not yet been onboarded into CastingBridges' Provider compensation flow. When CastingBridges' first institutional partnership activates, this Executive Review will be re-issued under signed Provider consent with structured Provider compensation per the CastingBridges allocation model.