Posted 26th of October, 2022

Daniel Cuthbert - OWASP ASVS, Hacking Hardware and Black Hat Talks

Daniel Cuthbert - OWASP ASVS, Hacking Hardware and Black Hat Talks

I have known Dan for over twenty years. We first met when he created the OWASP Application Security Verification Standard, now generally considered the defacto way to test web applications. In this episode we discuss hardware hacking and how to submit a talk to Black Hat with the greatest chance of it getting accepted. 

We first chat about the genesis of the ASVS project, what it is, the problem it solves and its evolution over the last twenty years, along with some great anecdotes from when he worked in a telco in the late 90's. ASVS has come a long since the first version and there is an active community around its development and a large user base including governments.

We then talk about hardware hacking, why a global bank invests so much in hardware research and the dangers that the Chinese Communist Party pose to privacy in modern society. While talking about hardware hacking we digress and talk about carjacking and how he once bricked his wifes car. 

Towards the end we talk about the secrets of a good Black Hat submission, what to avoid and Dan shares his best conference talk of the year, the Space-X Starlink research presented at Brucon.

He failed miserably at the fun questions at the end about British prime ministers. I would just like to remind you he grew up in South Africa so I am going to declare him an honorary Brit.