By Dan Cornell
I recently did an abbreviated version of Josh Sokol and I's presentation "The Magic of Symbiotic Security: Creating an Ecosystem of Security Systems" for the folks at Concise Courses in their Hacker Hotshot series (I suppose you could say it was a "concise" version…)
A recording of the presentation is online:
You can also visit their site for a transcript of the Q&A session at the end.
And the (full) slide deck is online:
I think the "Symbiotic" discussion is an important one for security (and other) teams to be having. Rather that buying products and deploying them in silos, organizations need to look to maximize the value they get from their investments by getting these systems talking to one another to better address the organization's particular concerns. Some of the things we've been doing for folks with ThreadFix are great examples (virtual patching for WAFs, packaging vulnerabilities into software defects), but there are many other opportunities out there.
dan _at_ denimgroup.com