Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

Networks Fail Because They’re Not Built for Security [Video]

DZone's Guide to

Networks Fail Because They’re Not Built for Security [Video]

Check out this video from the Security B-Sides conference about why traditional security tools are failing.

· Performance Zone
Free Resource

Download our Introduction to API Performance Testing and learn why testing your API is just as important as testing your website, and how to start today.

“[Traditional security tools are] failing because they don’t start with the basic assumption that the end users and the networks that they’re connected to are already compromised,” Ira Victor (@ira_victor), host of CyberJungle Radio, in our conversation at the Security B-Sides conference in Las Vegas.

Victor said network owners should build their information security based on the understanding that there are just two kinds of networks, the ones where the owner knows they’re compromised and how badly, and the owner who doesn’t.

One of the core issues, said Victor, is poor credentialing systems.

“It really doesn’t matter how long and complex the passwords are because in many cases the entire infrastructure for the credentialing is so easy to compromise,” he said.

Security is often a network add-on, not a core component.

“A tractor has the same horsepower as my sports car. My sports car can’t plow a field very well. We’re asking systems to be secure that were never designed for security, they were designed to be open,” said Victor. “We have to start with that fundamental base level and then re-architect what we’re doing so that it is designed from the ground up to be secure rather than added on as layers of security.” 

Find scaling and performance issues before your customers do with our Introduction to High-Capacity Load Testing guide.

Topics:
security ,tools ,users ,fail ,networks

Published at DZone with permission of Shaane Syed, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

THE DZONE NEWSLETTER

Dev Resources & Solutions Straight to Your Inbox

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.

X

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}