This week, we interview Shay Chen. He currently runs several large-scale research projects, published annually:
1) The WAVSEP vulnerability scanner comparison test-bed and annual benchmark, covering 64 web application vulnerability scanner engines, and currently in its fifth year.
2) The RvR attack-vector classification project (tecapi.com), which aims to compare features of diverse types of infosec products.
3) The upcoming WAFEP test-bed for web application firewalls, already used in upcoming corresponding comparisons.
This week, we interview Rick Farina, who is a well-known wireless hacker and member of the DEF CON Wireless Village team and the Wireless Capture the Flag team.
He talks wireless security and shows off the new Pwn Pad.
In stories this week, we talk about how to properly handle a security breach (LastPass), and how HackerOne connects hackers with companies. You can view the full list of stories and links in our wiki below:
This week Gavin Millard from Tenable Network Security joins us to shine a light on Shadow IT, talk about how to get things done in security, and several more topics related to information security. Gavin is also the husband of Mehreen, who you all may know from the popular Security Weekly meme "wake up Mehreen".
Gavin is a trained, ethical hacker who works with medium and large enterprises to address their cybersecurity challenges. With a deep understanding of how attackers plot a breach, he helps bring these companies to a trusted state of IT infrastructure. He previously worked as the Europe, Middle East and Africa (EMEA) technical director for Tripwire. He has also spoken frequently on data integrity, hacking and other key security topics. Current Position: As Technical Director, EMEA, Gavin is involved with the major clients in the EMEA region, helping to manage and reduce their attack surface.