Latest Articles

[img_assist|nid=2971|title=|desc=|link=none|align=left|width=100|height=100]To entice security researchers to look for holes in the Chrome browser,
Google has announced it will pay $500 for dangerous security flaws found in the code. But
several experts say that’s not enough money to motivate skilled
vulnerability researchers. Read the full story [CNet]

Read more...

Researchers at Penn State University have developed an algorithm that defends against the spread of local
scanning worms that search for hosts in “local” spaces within networks
or sub-networks. This strategy allows them access to hosts that are
clustered, which means once they infect one host, the rest can be can
be infected quickly. Read the full article. [Dark Reading]

Read more...

Categories: Slideshow

Chris was one of the first
security researchers I met, in 2000, when he and the rest of the L0pht
had just become part of @stake. I’ve probably interviewed him more
often than anyone else on this list and he’s helped me with dozens of
stories over the years. He always had five minutes to explain why I had
screwed something up (often), what a good story angle might be or why
an attack, vulnerability or trend was important (or not).

Read more...

Categories: Slideshow

Window occupies an entirely unique
place in the security community. Sure, being a woman in the security
community is rare enough. But she also commands a lot of respect in
this ultra-competitive world, having helped develop Microsoft’s threat
modeling process, worked as a security architect at @stake and as the
top security exec at Mozilla. I’ve seen some of the smartest and most
well-respected researchers in the world ask her opinion on their talks
and papers at conferences.

Read more...

Categories: Slideshow

I first met Adam well
before he joined Microsoft and have interviewed and corresponded with
him dozens of times over the years, and I’ve learned something new from
every one of those conversations. Given that the goal of most
interviews is to learn new information, you’d think that would be sort
of common. It’s not. In a lot of interviews, both the writer and the
subject know exactly what will be discussed and much of what will be
said. But Adam, like a lot of the other people on this list, doesn’t
let things go that way.

Read more...

Categories: Slideshow

There’s a certain
subset of people who will stop reading this list as soon as they see
Schneier’s name. That’s fine, I get it. Schneier is among the more
controversial figures in the security industry and has more than his
share of both fans and detractors. But this list is people who are
interesting to interview, and Schneier is right up there.

Read more...

Categories: Slideshow

Like Geer, Gary has a unique
view of the security world, one that is informed by his background in
cognitive science and philosophy. He just doesn’t come at questions or
problems the way that most people do, and that makes for interesting
conversations. Gary’s among the top experts on software security, but
he’s just as happy to steer the conversation to philosophy,
barn-building or music, and then bring it all back to security and tie
it up in a package. That is non-trivial.

Read more...

Categories: Slideshow

Where to start with Hoff? Best
known for his evangelism and criticism on virtualization and cloud
security topics, Hoff is among the more entertaining and educationcal
speakers on the security circuit. And, more importantly as it pertains
to this list, he can fill up a notebook. Hoff has ideas and opinions to
spare, and unlike a lot of vendor security folks, he says exactly what
he thinks. He also isn’t much interested in letting people get away
with opinions that have no thought or reasoning behind them.

Read more...

Categories: Slideshow

Anyone who has ever had a single
conversation with Dan, or even seen him speak, will understand
immediately why he’s on this list. Dan’s as smart as they come (he has
a Ph.D. in biostatistics!) and his widely varied background gives him a
truly unique perspective on security issues. His talks and answers to
questions rarely even mention technology, and his advocacy of better
application of the scientific method to the practice of security has
helped spawn an entire movement inside the industry.

Read more...

Categories: Slideshow

I’m always
fascinated by people who are prodigies in their field, and I think Dino
probably falls into that category. He’s been in the top tier of
offensive security researchers for several years, having worked at both
@stake and Matasano, is known as one of the top Apple hackers in the
game, has two books to his credit so far and is really just getting
started. Dino is one of the few researchers who focuses mainly on the
Mac and he’s known to be measured in both his praise and criticism of
Apple security and has the chops to back his statements up.

Read more...