Wednesday, August 22, 2018

Self-Reliance Redo

I spoke this past Sunday in the Methuen Ward on self-reliance. I used the text of the last talk I gave on self-reliance, only I stripped it down to bullet points so I would not read it. That meant I did not have to talk so fast, but it also means I rambled a bit at times and probably used filler words. Oh well. One poor individual had actually been in Billerica when I gave the talk the first time. He only recognized the first Indiana Jones story and not the rest of the talk. I guess that's good that I use a memorable introduction, right?


You can find the notes I used below, or look at the Google Doc.

Sunday, May 20, 2018

The Restoration

I spoke in the Lynnfield Ward today. I received the assigned topic of "the Restoration" and collected a number of eclectic thoughts to put together my talk. For some reason I got really nervous giving this talk. I think the topic ended up coming together in a good way, but my delivery didn't work too well. It happens. I'm copying my notes below.


Friday, May 18, 2018

SLDC, SOC 2, and Other Four Letter Words


I have a new post on the Threat Stack blog based on my presentation last week at SOURCE Boston!

Talk description:
Except for any authors of trojans that may have stumbled in accidentally, we all want to write secure applications. In spite of our sincere desires, vulnerable code gets shipped. Why? What do we do to fix it? What can we do to prevent it from happening? The answers exist in the realm of the software development life cycle, or SDLC. Various compliance vehicles (such as SOC2) exist to help us formulate an effective SDLC, but any security expert knows that checking a box does not typically yield the desired results. This talk describes the SDLC used by the agent team at Threat Stack, while also bringing in outside experiences to supplement. It also goes over pitfalls observed and lessons learned. You might not use the same tools or produce the same product, but the talk focuses on principles to make the resulting product more secure.

Check out my other recent Threat Stack posts!

Monday, February 26, 2018

Heading to SOURCE Mesa/Phoenix

This week I'm heading to SOURCE Mesa/Phoenix. While there I will present my talk: SDLC, SOC2, and other four letter words. I'll post the slides for the talk later, but you can read the abstract now:
Except for any authors of trojans that may have stumbled in accidentally, we all want to write secure applications. In spite of our sincere desires, vulnerable code gets shipped. Why? What do we do to fix it? What can we do to prevent it from happening? The answers exist in the realm of the software development life cycle, or SDLC. Various compliance vehicles (such as SOC2) exist to help us formulate an effective SDLC, but any security expert knows that checking a box does not typically yield the desired results. This talk describes the SDLC used by the agent team at Threat Stack, while also bringing in outside experiences to supplement. It also goes over pitfalls observed and lessons learned. You might not use the same tools or produce the same product, but the talk focuses on principles to make the resulting product more secure.
I'm slotted to present on day two, March 1st, at 1:10 pm. So right after lunch. Rob Cheyne interviewed me ahead of the conference to preview my talk, and you can find that on YouTube:


Sorry about the audio. I definitely have some lessons learned there for myself about getting the right equipment and prepping for the discussion a bit better.

I'll be there for both days of the main conference. I look forward to meeting new folks and learning new things!

Sunday, February 18, 2018

Overcoming trials of faith

I spoke today in the Revere 2nd Ward. I had President Uchtdorf's talk from a few years ago, Come, Join with Us, as a text with which to start. I think that talk had a lot of great messages inside it, but I struggled over the last few weeks to make it my own. Eventually I decided to leverage the story of Corianton to try and teach some principles.

The previous speaker spoke on lessons from Liberty Jail, and it was not until I heard her talk that things really came together in mind for my own talk. She drew from a number of sources, but probably most directly from Elder Holland's CES Fireside Lessons from Liberty Jail. I found it interesting that she quoted Alma 41:10 from right in the middle of the counsel to Corianton I was about to use as the main mechanism for my talk.

In the end I only had about ten minutes to give my talk, maybe less. As usual, I had over-prepared material for even a full amount of time. So I cut my talk in half and tried to sew it all together on the fly. It didn't go horribly, but I definitely rambled a bit here and there.

Full disclosure: so far I haven't been recycling talks. 

In addition to seeing the text below, you can look at the Google Doc.