During this episode we will go over common security breaches where the weakest service/software were exploited, why all components of a system should get their share of security evaluation, and why secure software design and coding are important for developers on all stacks.
Guests
Notes
0:01 – Intro and welcoming.
0:07 – Exciting security news: Log4j zero-day exploit meltdown.
0:13 – Java Naming and Directory Interface (JNDI).
0:16 – A brief introduction of security from your perspective?
0:22 – What are the software/system aspects that are more critically in need for security?
0:32 – The weakest links for system security: Physical security.
0:42 – The weakest links for system security: Network security.
0:49 – The weakest links for system security: Employees.
0:59 – Stuxnet, where employees contribute to getting malware to the org.
1:02 – Social engineering attack: FB & Google fraud attack.
1:04 – Small satellite apps: FBI website hack, ~100k email sent from a legit fbi.org email address.
1:35 – Secure coding principles for developers
1:45 – Securing small systems (usually considered irrelevant systems)
1:54 – How to secure frontend?
2:00 – How to make sure employees/developers machines are secure?
2:09 – How to manage secrets
2:28 – Wrap up and Goodbye