Brook Schoenfield — Security is a messy problem

Brook Schoenfield is a Master Security Architect @IOActive and author of Securing Systems, as well as an industry leader in security architecture and threat modeling, and a friend. "We have a static analysis tool. Why do we need a program?" This is what Brook overheard at one point in his past, from a company CTO, and it sums up the program issue. The CTO was trying to drive a technical strategy for an entire company, and security was just one piece of that. A mandate or a tool would have mad...