Don't feed the hippos (shut up and listen)


Details
Topic:
Don't feed the hippos (shut up and listen)
This is about how to engage with developers as AppSec specialists, and about inter-team communications. The presentation is based on a TEDx talk by Ernesto Sirolli in which he talks about his experiences as an aid-work volunteer in the 70s and what he learned from them, and where he commented on a failure with "at least we fed the hippos".
Abstract:
The security community has been trying to solve insecurity caused by bugs and flaws in software for many years now, but with what success?
We almost never look at experiences of success and failure in other areas, but we could really learn from them. This talk is inspired by Ernesto Sirolli’s TED talk “Want to help someone? Shut up and listen!” about failures in aid programs around the world. Listening to Ernesto Sirolli, you cannot miss the similarity with the security community trying to tell developers how to write secure code. This talk points out common failures of the security community when communicating with developers, trying to solve their problems without understanding what their problems really are.
The hippo analogy stands for wasted resources and security failures. During the talk, those ‘(in-)secure hippos’ are identified and advice on how to avoid them is provided, through anecdotes and best practices from the experience of the past 15 years in the field of information / application security.
Speaker:
Martin Knobloch, Global AppSec Strategist at Micro Focus, is a long-time information security leader with more than 15 years of experience in the field. With a background in software development and architecture, his focus is on software security. Martin is actively involved in OWASP where he is a frequent contributor to various projects and initiatives, as well as a member of the Board of Directors. During his career, Martin has been a recognized teacher, guest lecturer at various universities and invited speaker and trainer at local and international software development, testing and security conferences throughout the world.
Join us:
Join Zoom Meeting
https://zoom.us/j/93227935281?pwd=THlxcWJJOEo5QnViRW1jSmpHNEgvZz09
Meeting ID: 932 2793 5281
Passcode: owaspjkt21
Or watch the live stream on YouTube:
https://m.youtube.com/watch?v=wRKQRTJYggI