Cybers. InfoSec. Cloud Security. Currently VP of Enterprise Security at EA. Former Azure Security Director and head of MSRC for about a decade.
Aug 9, 2018 • 7 tweets • 2 min read
I thought I’d know all the stuff in this talk and just went to see @Lipner. But nope...Dr Lipner is still dropping new knowledge. #bhusa@SAFECode
If you’re not big enough to “do everything” this talk is for you. My key points:
1. Have a vuln response process, use it to learn, and fix more than just what’s reported. 2. Devs are accountable for writing secure code—don’t “test it in.” 3. Do RCAs