CISO at @sardineai. Treasurer of @OWASP Board of Directors. (he/him) qatta' mIghtaHghach.

Phoenix, AZ
Joined July 2009
Replying to @irene_tanya
That advice isn’t entirely correct, but I like the message of understanding the technology, its limitations, and conscious choices about both.
Totally agree! I tell those I mentor that being effective in #infosec is 50% technical and 50% influence.
I’m curious to know more about the marginalization issues. For me, harm reduction speaks to reducing risk of harm for decisions made by individuals. Safety by Design instead focuses on reducing harm at product design. E.g., putting tape over a laptop camera vs physical off switch.
Maybe we can get @tweetinjules to talk about the framework at the to-be-named Safety by Design conference. And perhaps @Arm + @simonsegars would be willing to sponsor, as a leader in the IoT space.
Replying to @NormanShamas
Australia is working on a Safety by Design framework, due out this summer. esafety.gov.au/about-the-off…
Replying to @NormanShamas
I’m very interested! Would love to see a conference focused on Safety by Design.
You should check out the awesome work of Australia’s eSafety Commissioner (@tweetinjules), including tech facilitated abuse, image-based abuse, safety by design, smart devices, etc. esafety.gov.au
Replying to @iMeluny
I always strike the publicity clause from contracts to reduce spear phishing purporting to be from the vendor.
Here's one strategy being used to thwart an auditor - trick them into drinking tainted water! (source: npr.org/sections/health-shot…)
Replying to @k8em0
Once upon a time, I owned the bug bounty program at @PayPal. There was never a "savings" in terms of head count nor cost. Bug bounties require effort, even if you outsource to one of the BB platforms, and should never be a substitute for internal assessments.
Replying to @mdennedy
Reminds me of Congress and definitely a problem to solve. theatlantic.com/politics/arc…
Many thanks to the folks at @BSidesNH! Had a great time today!
Approaches to making CAPTCHA more accessible. w3c.github.io/apa/captcha/
Ross Ulbricht would suggest adding the capability to lock when the laptop is unplugged, your face moves away from the camera, you shout “feds!”, or a USB device is inserted without unlocking the USB ports first.
Replying to @manicode
Haha, looking good my friend!
Replying to @manicode
Which one is you?
Replying to @IAmScottCarlson
You can thank the UK with their adoption of the ePrivacy directive back in 2011. zdnet.com/article/uk-cookie-…
Replying to @mkonda
I was expecting a rickroll. Happy Bday!
A reminder to review app access periodically.