Introducing a Security Program to Large Scale Legacy Products
A discussion of the real-world work and challenges to introduce and maintain a comprehensive security program to a large and complex set of legacy storage products. This includes developing a security architecture, vulnerability response, pushing for necessary security enhancements and application security. In this session, you will hear about which efforts worked well and which didn’t.
Speakers
Millard Taylor ( @tad_taylor )
Security Architect, Self
Millard (Tad) Taylor has been working in various aspects of computer security for over 30 years. Starting at NSA, he helped to develop the Rainbow series and guided research into security and formal methods. Then came a stint as a Consultant and Researcher into security while at RTI and Computational Logic, Inc. Afterwards, he became a Security Tester and Developer for Trusted DG/UX and “the security person” for a string of products at Data General/EMC, finally becoming the Security Architect for the Celerra, VNX and VNXe product lines. While at EMC, he also consulted to other product groups, helped to develop corporate-wide standards and guidelines, and continually pointed out that the RSA division doesn’t have sole responsibility for security of all of EMC’s products.
Detailed Presentation:
Comments