I Need an Exit

Unfortunately, no one can be told that we take security seriously.

You have to see it for yourself.

You take the blue pill – the story ends, you change your password,

And have credit monitoring for the rest of your life.

You take the red pill – and have your eyes opened,

Mostly because you’ll be looking for that Yubikey you always misplace,

And I show you how deep the appsec goes.

Remember…all I’m offering is the truth. Nothing more.

Dan Guido talked about why Trail of Bits engages in its particular style of consulting. Dan and crew are well known for impactful security research, tools, and projects. They’re not interested in poking at random software for vulns; they want to eliminate entire classes of vulns. He also talked about fuzzing for efficient vuln discovery and what happened when one of the team re-animated a 30-year-old fuzzer to run it against modern code.

The Matrix was released March 31, 1999.

It’s a story about humans and machines, which makes it easy to see the metaphor for appsec. But it’s also about identity and self-determination – themes that even the machines deal with in Resurrections.

And, of course, it’s about style. Style in clothing, in hair, and in self-expression. This is the more important metaphor for appsec – collaboration and community building that welcomes self-expression, including gender, and embraces the diversity of groups.

This wraps up another year of the podcast. Thank you listeners!

Check out this episode's show notes for links to the articles we covered. And please take a moment to subscribe.