BSides Detroit 13 Episode 10

Steve Aiello joins the BSides podcast to chat about his talk, Building Securable Infrastructures. Returning to first principles, Steve looks into how designing security in from the beginning and considering security holistically leads to lower costs and stronger security postures. It may not be sexy but it works. And as Wolfgang Goerlich says, “Working is the new sexy.”

Abstract. This session asks the question: “How do I design my environment to be securable?” Until computing systems are designed and built with security in mind, we will be trapped in a cycle of post-implementation Band-Aid-style fixes. Without designing infrastructures from the ground up with security in mind, any real attempt to defend against directed attacks will be largely unsuccessful.

  • How do we evaluate products in a systematic manner to eliminate vulnerabilities we invite into our environments?
  • Where is money more wisely spent: on developing quality security policies and guidelines? Or on buying, configuring, and maintaining security products?
  • What are critical questions that we should be asking our vendors when we are evaluating new products for our environments?

