GeeksBlaBla
#98 - The weakest link: why all software needs security?
#98 - The weakest link: why all software needs security?
0:00
2:28:53
À propos de cet épisode
<p>During this episode we will go over common security breaches where the weakest service/software were exploited, why all components of a system should get their share of security evaluation, and why secure software design and coding are important for developers on all stacks.</p>
<h2 id="guests">Guests</h2>
<ul>
<li><p><a href="https://twitter.com/hagharass">Hammadi Agharass</a></p></li>
<li><p><a href="https://www.linkedin.com/in/mssassi">Souhail Mssassi</a></p></li>
</ul>
<h2 id="notes">Notes</h2>
<p>0:01 - Intro and welcoming.</p>
<p>0:07 - Exciting security news: Log4j zero-day exploit meltdown.</p>
<p>0:13 - Java Naming and Directory Interface (JNDI).</p>
<p>0:16 - A brief introduction of security from your perspective?</p>
<p>0:22 - What are the software/system aspects that are more critically in need for security?</p>
<p>0:32 - The weakest links for system security: Physical security.</p>
<p>0:42 - The weakest links for system security: Network security.</p>
<p>0:49 - The weakest links for system security: Employees.</p>
<p>0:59 - Stuxnet, where employees contribute to getting malware to the org.</p>
<p>1:02 - Social engineering attack: FB & Google fraud attack.</p>
<p>1:04 - Small satellite apps: FBI website hack, ~100k email sent from a legit fbi.org email address.</p>
<p>1:35 - Secure coding principles for developers</p>
<p>1:45 - Securing small systems (usually considered irrelevant systems)</p>
<p>1:54 - How to secure frontend?</p>
<p>2:00 - How to make sure employees/developers machines are secure?</p>
<p>2:09 - How to manage secrets</p>
<p>2:28 - Wrap up and Goodbye</p>
<h2 id="links">Links</h2>
<h2 id="preparedandpresentedby">Prepared and Presented by</h2>
<ul>
<li><a href="https://www.facebook.com/mohamed.ezzarghili">Mohamed Ez-zarghili</a></li>
</ul>
<h2 id="guests">Guests</h2>
<ul>
<li><p><a href="https://twitter.com/hagharass">Hammadi Agharass</a></p></li>
<li><p><a href="https://www.linkedin.com/in/mssassi">Souhail Mssassi</a></p></li>
</ul>
<h2 id="notes">Notes</h2>
<p>0:01 - Intro and welcoming.</p>
<p>0:07 - Exciting security news: Log4j zero-day exploit meltdown.</p>
<p>0:13 - Java Naming and Directory Interface (JNDI).</p>
<p>0:16 - A brief introduction of security from your perspective?</p>
<p>0:22 - What are the software/system aspects that are more critically in need for security?</p>
<p>0:32 - The weakest links for system security: Physical security.</p>
<p>0:42 - The weakest links for system security: Network security.</p>
<p>0:49 - The weakest links for system security: Employees.</p>
<p>0:59 - Stuxnet, where employees contribute to getting malware to the org.</p>
<p>1:02 - Social engineering attack: FB & Google fraud attack.</p>
<p>1:04 - Small satellite apps: FBI website hack, ~100k email sent from a legit fbi.org email address.</p>
<p>1:35 - Secure coding principles for developers</p>
<p>1:45 - Securing small systems (usually considered irrelevant systems)</p>
<p>1:54 - How to secure frontend?</p>
<p>2:00 - How to make sure employees/developers machines are secure?</p>
<p>2:09 - How to manage secrets</p>
<p>2:28 - Wrap up and Goodbye</p>
<h2 id="links">Links</h2>
<h2 id="preparedandpresentedby">Prepared and Presented by</h2>
<ul>
<li><a href="https://www.facebook.com/mohamed.ezzarghili">Mohamed Ez-zarghili</a></li>
</ul>
Discussion 0
Connectez-vous pour participer à la discussion