Tony Bradley in BlogPodcasts

Ammar Alim Shares Insight on ‘Adversary Aware’ Applications

TechSpective Podcast Episode 104

Organizations invest signficant money and resources in cybersecurity in a constant, 24/7 battle to protect applications and data from cyber adversaries. It’s a bit of a cat-and-mouse game that has gone on for decades. Threat actors devise innovative exploits and attack techniques, and new security tools and strategies are introduced to defend against them, so threat actors come up with unique new attacks. Rinse and repeat. But, what if we had applications that could defend themselves–adversary aware applications?

Ammar Alim, Manager of DevSecOps Solutions at Adobe, is my guest on this episode of the TechSpective Podcast to talk about how they are creating adversary aware applications at Adobe. Ammar shares that he does some soccer coaching as well, and tells his players that either they are chasing the game, or the game is chasing them. “This is very applicable here in cybersecurity, where if you’re waiting for an attacker–for a zero day–and then try to respond to that zero day you are reactive. There is a vulnerability, and then we’re going to have all hands on deck, and we’re going to do some patching.”

The approach Ammar and Adobe are taking to change the game in their favor is to develop applications that are capable of recognizing threats and malicious activity and take action to defend themselves.

Check out the full episode for our discussion of application security and the virtues of adversary aware applications. We also chat about the challenges of the traditional approach to vulnerability and patch management, and why focusing on patching all vulnerabilities is Quixotic, at best.

The podcast itself is audio-only, but the video of our conversation is also available on YouTube if you prefer:

Please ask questions and share your thoughts on the topic in the comments below. Also, please subscribe to the TechSpective Podcast through your favorite podcast platform and share the podcast with your peers and friends.

If you enjoy the podcast, I would also be grateful if you could take 2 minutes to rate and review the podcast on iTunes or wherever you listen.

About
Latest Posts

Tony Bradley

I have a passion for technology and gadgets--with a focus on Microsoft and security--and a desire to help others understand how technology can affect or improve their lives. I also love spending time with my wife, 7 kids, 4 dogs, 7 cats, a pot-bellied pig, and sulcata tortoise, and I like to think I enjoy reading and golf even though I never find time for either. You can contact me directly at tony@xpective.net. For more from me, you can follow me on Twitter, Facebook, Instagram and LinkedIn.

Latest posts by Tony Bradley (see all)

Introduction to Living Off the Land (LotL) Attacks - May 8, 2024
Cloud Security is Broken: SentinelOne Aims to Fix It - May 8, 2024
The Escalating Threat of Exposed Credentials - May 4, 2024

Next Read: Is Process Intelligence the Crystal Ball We Need for Business Optimization? »

adversary aware applicationsAppSec

Tony Bradley: I have a passion for technology and gadgets--with a focus on Microsoft and security--and a desire to help others understand how technology can affect or improve their lives. I also love spending time with my wife, 7 kids, 4 dogs, 7 cats, a pot-bellied pig, and sulcata tortoise, and I like to think I enjoy reading and golf even though I never find time for either. You can contact me directly at tony@xpective.net. For more from me, you can follow me on Twitter, Facebook, Instagram and LinkedIn.

IBM Releases Amazing New Small Power Edge Server to Extend AI Workloads to the Edge
The choice between power servers and x86 servers comes down to price vs. security and…
Demystifying Catastrophic Modeling for Cyber
Catastrophe models and their uses remain the subjects of civilized discourse in most parts of…
Introduction to Living Off the Land (LotL) Attacks
Living off the Land (LotL) attacks represent a sophisticated cyber threat strategy where attackers use…