Last 50 'Interviews' Tagged Posts

Flash Worm - SANS Analysis

Sans has write up about a recent flash worm. "A few days ago a lot of media wrote about a Flash worm. I managed to get hold of samples and analyzed it (thanks to Peter Kruse of CSIS for the samples). First of all, while the exploit code contains Flash, it is...

PayPal Software Security Podcast

Gary McGraw posted the following to the secure coding mailing list today. "Episode 6 of the Reality Check security podcast features our own Andy Steingruebl chatting with me about Paypal's software security initiative. This was a fun episode for me, because though I have known Andy for a while I had little...

OWASP interviews Gary McGraw

Gary posted the following to the SC-L list today. "hi sc-l, OWASP just posted an interview with me as part of their budding podcast series. It's nice to have the tables turned after doing all the Silver Bullet (and Reality Check) interviews! It's also nice to be able to answer some of...

Interview: Robert Seacord on the CERT C Secure Coding Standard

"Robert C. Seacord and David Chisnall discuss the CERT C Secure Coding standard, developing C standards, and the future of the language and its offshoots. I recently had the opportunity to interview Robert Seacord, author of the recently-published The CERT C Secure Coding Standard. Robert has been deeply involved with C and...

CGISecurity Interview: Jeremiah Grossman provides more details on clickjacking attack

UPDATE: There is a discussion on The Web Security Mailing List discussing possible solutions. Little information has been provided on ClickJacking so I decided to go digging a little bit and talk to the source to find out some additional information. Here's my interview with Jeremiah Grossman on Friday October 3rd. How...

Cloudsecurity.org Interviews Guido van Rossum: Google App Engine, Python and Security

"In this interview, cloudsecurity.org talks to Guido van Rossum about Python, Google App Engine and security. Guido is the creator of the Python programming language and more recently, Google App Engine team member. His involvement with the App Engine project was pretty late - the code "was almost ready for release" when...

Securityfocus interview with Mozilla security team

"Mozilla released its latest browser, Firefox 3.0, this week. SecurityFocus contributor Federico Biancuzzi tracked down two key members of Mozilla's security team, Window Snyder and Johnathan Nightingale, to learn more about the security features included in this major release. They discussed the protection against phishing and the new malware protection, the new...

Meet the hacker Fyodor, creator of Nmap

There is a short interview at techtarget with the creator of nmap 'fyodor'. Interview Link: http://searchsecurity.techtarget.com.au/topics/article.asp?DocID=1288741

Interview with MPack Developer @ Securityfocus

Securityfocus has interviewed one of the developers of the MPack kit. "In June 2006, three Russian programmers started testing a collection of PHP scripts and exploit code to automate the compromise of computers that visit malicious Web sites. "A year later, the MPack kit has become an increasingly popular tool, allowing data...

Interview with Rain Forest Puppy

An interview with Rain.Forest.Puppy has just been released. RPF is one of the original people speaking about appsec vulnerabilities. If you're into appsec well worth the read. Interview Link: http://www.ush.it/2007/05/01/interview-with-rain-forest-puppy/

Reflections on people within the application security industry

Anurag Agarwal has been writing up reflections on people within the application security industry. In case you're wondering who is involved from the product, services, and research levels check out his site. Reflection on Robert Auger (me) Reflection on Amit Klein Reflection on Jeremiah Grossman Reflection on Sheeraj Shah Reflection on Ivan...

PHP Security From The Inside: An interview with Stefan Esser

"Stefan Esser is the founder of both the Hardened-PHP Project and the PHP Security Response Team (which he recently left). Federico Biancuzzi discussed with him how the PHP Security Response Team works, why he resigned from it, what features he plans to add to his own hardening patch, the interaction between Apache...

CGISecurity Interview with Sullo the Author of Nikto

Nikto is a very popular open source web application security scanner. I emailed the author 'Chris Sullo' asking him about some of his plans, views, and other tool related questions. How long has Nikto been in development and how many people are actively working on it? Although I've had patches and updates...

CGISecurity Interview: Interviewing Ivan Ristic the Author of ModSecurity

After the announcement that ModSecurity was purchased by Breach Security I decided to email Ivan and ask him a few questions that many of us are wondering regarding the future of modsecurity. How will the sale of ModSecurity to breach affect existing users? "There are going to be many positive changes resulting...