Security Workers Fired After Defcon Talk
Two Salesforce security team members were let go following their presentation of a new testing platform.
An article review.
Before you join that panel discussion of disgruntled bankers, consider this story that comes to us by way of Joe Cychosz: a pair of Salesforce security team members were let go shortly after their presentation at the Defcon security conference.
The presentation in question concerned a new exploit framework the presenters had designed for penetration testing, and reportedly had the blessing of Salesforce management until shortly before the talk was scheduled–a text message was allegedly sent to the duo warning them not to participate, but the former employees say they were not received until after the presentation.
While the exact reasoning behind management’s change of heart wasn’t known at the time the article was written it appears to be related to the public release of the application’s code and may have been done due to liability concerns. This incident highlights one of the bigger issues in the security research field, namely the responsible disclosure of exploit information and testing tools. While the security community often attempts to practice complete openness this can be at odds with the companies funding their work, and the correct balance between the two remains hotly contested.
Original article by Zack Whittaker writing for ZDNet.
In this short video, Mike, our “Envoy from the SIEM”, walks us through how data flows
Dan’s reflection on the past 20 years. A Dan’s New Leaf post about predictions. If yo
Welcome Webinar Attendees! You can download a zip folder with all three of the delive
Another awareness poster for YOUR customers (and users). Now that we have our own em