Google, Jeremiah, Equifax discussed on Down the Security Rabbithole Podcast

Automatic TRANSCRIPT

But not much else. That's what that's what got clicks. What you've got you on stage but that is not what solves the problems that we're really facing Jeremiah. And our sneaker doing they they seem to guys like if anybody insecurity should get the problems we have. Those two guys would be would be in that group for me. And what have they done? They've gone in started at an asset discovery discarded company correct. Yeah no that. That's the ad that that thing is. Podcast I mean the fact that Ed management discovery is coming back. As a hot thing is is about customer sewn and I was like okay. I'm not ready to blame fence for everything and I've never been on the offensive side. I've done very little pen testing many years ago so but still i. So I'm kind of kind of blue team defender Guy here. But it's hard for me to blame. Blamed offense offensive. Be being hot because I think that this hotness can steal a could have been channelled into something different that how defense as cool as well but it wasn't really done so I don't think it's the stunt hackers fault. I think it's kind of a community. Just less industry fault that this energy was kind of fizzled. As opposed to channel sound were useful. Am I rambling here? Possibly I am but but I think you're you know you've got a point because much like You know much like the news. What's the old line if it bleeds? It leads right. So we'd like we'd like a you know. The news likes a good car wreck with lots of car and lots of people injured. Why because people tune into that Why do we have you know? Why do we have traffic jams when the accident is not even on the roads off aside because people like to crane their necks and see what happens like this is why the stuff became super popular? And we put a top. We many conferences around it. Many conferences around it and some of his point right right by at least one in the world every day right which is kind of kind of insane but but to really start to solve the problems that that security has at its base you know and whatever whatever use case you want us whether it's the recent as recent as Equifax as far back as target or way back before that right. What kind of problems? They actually facing these. Were not something that you could throw. Technology at and saw these were human interface problems right. There was an even more to the point. Like the you know the the issue that many companies and I worked on a network that had a million and a half nodes right so this was not a small network. How do you get to how to even if you have one? Patch to deploy across a million and a half nodes right save. There's only only ten thousand of those like it it it simply these numbers don't work in the way we think about like at them at that scale and then to a different point but related right. How do you even measure some of the things that how do you get to the things that you don't even know about 'cause after time we're like okay job we've patched also all ten servers mail about an somebody else out there in the back black out there going? You forgot to fourteen. You don't know about. Yeah Yep and since not going to help us with that Yeah symbol. Tell you that you've done it but We'll go beyond you tell you what you've done it makes your makes you are. Dss assessor happy. They as the bad guys. Siping all your data away unless unless if you're negligent it may actually make you kinda sad than the assessor will. It depends because sometimes deals that you actually haven't done a good job and you are in fact negligence. So sometimes that's that's the result. Well I duNno I sort of worry about some of these companies. That have these massive sims where. They're logging everything but not really doing a good job of detection because what in fact I think they are doing when the lawyers find out about that basically. You're logging evidence against yourself right. There they won in fact sure evidence of negligence in the case of that. Which are you know? Sometimes they're more hilarious than others. But yes you're right ultimately You your pain to eventually pay more all right well. This has been a riot. Where nearly fifteen minutes I told just want to go quick. We can do like three of these and not run out of topics man all right. So what's what's next for you or You'RE GONNA YOU'RE GONNA stick around for Awhile while and tried to assure because it's There are many more dark and dark but like deep It technical capabilities that can drag out of our internal environment of course And then making them in the product of course google original home of Of Kinda Zero Trust approach to network and then if you other things that we have can become products and I think that become that may be part of a mission to make it Helpless See the light of the world that would be That would be great. Just don't do it the way Amazon. Stealing it by Like I think Google kind of made this famous. You know where you kind of put to sing in Beta throws him code together throat in the world. Good luck people. Start to use it and gets nuked. But I I think. I think the company's maturing I'm like an evaluation process so get to it. You got some work to do but for sure. There's that okay perfect. Thank you for inviting me and looking for all right. Thanks folks for listening. That was Anton Advocate News. Join US in. We babbled on about seminar. I Dunno some adjacent stuff. I guess it's been a blast. I hope you took a lot of notes or at least laughed long. 'cause I know I was on mute laughing half the time and it's been it's been enjoyable. Thanks for you. Thank you folks. We'll talk to you another time and another place on yet. Another Dallas queudrue rabbit hole. Podcasts until then JOE is we've bathed out on another down the security rabbit hole episode. We'd like to encourage you to chat with our hosts and guests using the twitter. Hashtag D. T. S..

Coming up next