A few weeks ago, a company called SolarWinds was discovered to have had some bad actors in placing things in their technology (code) for a while. How did it happen? What does it mean to others? We don't know all the answers yet but we do know that it means we will have to make some changes to things like those universally hated security questionnaires, and how we manage our own source code to ensure better security.Along with a discussion about how cow stomachs relate to information security, and Brian's invoking of The Art of War, there's something for everyone in this epsiode.Propeller head warning - this one's a bit more security "inside baseball" than other episodes as we dig into the recent SolarWinds technology attack and some of the ways that the technology and security practitioners can address issues that have been identified. It's still a "for everyone" episode, but we do go a little more in depth that we usually do in some parts. Let us know what you think!Please take a moment and subscribe to the podcast in your preferred podcast application, and while you are there give soime feedback, either via a rating, or a comment, or both! We want to hear your feedback and ideas, so you can also email us at [email protected] or on Twitter at https://twitter.com/securitydebateSupport The Great Security DebateLinks:Identifying UNC2452-Related Techniques for ATT&CK | by Matt Malone | MITRE ATT&CK® | Dec, 2020 | MediumThe Art of War: Tzu, Sun, Giles, Lionel: 9781604598933: Amazon.com: Books

Ver todos los episodios