A year ago I founded a conference, and this weekend was the fourth iteration of it, adaconf3 (the first was adaconf0).
I am really happy about the awesome lineup, and I also did a lightning talk, beta testing a small part of an upcoming talk called Why Penetration Testing Sucks – Finding a more efficient road to Security Maturity.
For a frequent reader of this blog my observations and remedies should be no surprise, and I was really happy with the audience laughing in the right place. Like on this slide:
I’m also really happy with the insightful questions I got. I find that in conversations and Q&A’s I often get to distil my thoughts and connect new dots.
These are the key take-aways, my Security Maturity Checklist, version 0.9.
What am I missing on this checklist? Do you not agree with me? The title of the talk might be provocative, but I truly want to open up a constructive discussion, to make security work a little more efficient, and a lot nicer for everyone involved.