Network Security Podcast

Snort was one of the first security tools I ever used.  When I was working in a small computer lab years ago, I set up a Snort sensor just to see what was there.  And there was a lot in that particular environment.  I’ve used it many times since then and I found out at RSA that the first Sourcefire implementation I performed is still in place, basically unchanged since I left.  This is why I always take the opportunity to talk to Marty Roesch at Sourcefire if I can at RSAC.  This time I got a chance to talk to him about the omnipresent APT (he prefer’s using the term APA, coined by @nselby and others), the security existential crisis, the work Sourcefire is doing with Immunet, the Cloud and Sourcefire’s virtual appliances.  All that noise you hear in the background is the Securosis Recovery Breakfast. 

NSP-RSAC2010-Sourcefire.mp3

I’ve been a member of the International Information Systems Security Certification Consortium [(ISC)2] for nearly a decade; I passed my CISSP test in November of 2002 and don’t have to worry much about CPE’s until at least 2011.  So when I was offered an opportunity to talk to Hord Tipton, Executive Director of the (ISC)2, I didn’t hesitate to take them up on the offer.  We started off easy, talking about what’s new at the (ISC)2, and the Safe & Secure Online Program.  Then we moved on to the harder questions, like “What have you done for me lately?” and “What are you doing about people who shouldn’t be CISSP’s in the first place?”  The (ISC)2 is never going to make all of us who are certified happy, and that they are taking some steps to address concerns about unqualified practitioners, but it’d be nice if they were a little more public about it.  Oh, and you’ll hear at the end that the (ISC)2 definitely accepts listening to podcasts for CPE’s.  I forgot to ask about producing them.

NSP-RSAC2010-ISC2.mp3