SlideShare uma empresa Scribd logo

Developing Software with Security in Mind

Transferir como PPT, PDF
S
sblom
TecnologiaNegócios
1 de 24
Developing Software with Security in Mind Scott Blomquist CTO, Vidoop
Format ,[object Object],[object Object],[object Object],[object Object],[object Object]
Rule #1 ,[object Object]
How my security education began ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Rule #2 ,[object Object],[object Object]
Security trends ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Rule #3 ,[object Object],[object Object],[object Object]
Passions get the best attention ,[object Object],[object Object],[object Object],[object Object]
Rule #4 ,[object Object],[object Object],[object Object],[object Object]
Security researchers: symbiotic parasites ,[object Object],[object Object],[object Object],[object Object],[object Object]
Rule #5 ,[object Object],[object Object],[object Object],[object Object],[object Object]
Software is never defect-free ,[object Object],[object Object]
Rule #6 ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Emergency response plans ,[object Object],[object Object],[object Object],[object Object],[object Object]
Rue #7 ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Secrity vs. Usability ,[object Object],[object Object]
Rule #8 ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
A case study: OpenID ,[object Object],[object Object],[object Object],[object Object]
Rule #9 ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Open conversation ,[object Object],[object Object],[object Object],[object Object],[object Object]
Rule #10 ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
No rule #10 ,[object Object],[object Object]
Additional Resources ,[object Object],[object Object],[object Object]
Questions? ,[object Object]

Recomendados

451 and Endgame - Zero breach Tolerance: Earliest protection across the attac...
451 and Endgame - Zero breach Tolerance: Earliest protection across the attac...451 and Endgame - Zero breach Tolerance: Earliest protection across the attac...
451 and Endgame - Zero breach Tolerance: Earliest protection across the attac...Adrian Sanabria
 
Anton Chuvakin on What is NOT Working in Security 2004
Anton Chuvakin on What is NOT Working in Security 2004Anton Chuvakin on What is NOT Working in Security 2004
Anton Chuvakin on What is NOT Working in Security 2004Anton Chuvakin
 
Sigma Open Tech Week: Bitter Truth About Software Security
Sigma Open Tech Week: Bitter Truth About Software SecuritySigma Open Tech Week: Bitter Truth About Software Security
Sigma Open Tech Week: Bitter Truth About Software SecurityVlad Styran
 
Practical network defense at scale Or: Protecting the “Eierlegende Wollmichsa...
Practical network defense at scale Or: Protecting the “Eierlegende Wollmichsa...Practical network defense at scale Or: Protecting the “Eierlegende Wollmichsa...
Practical network defense at scale Or: Protecting the “Eierlegende Wollmichsa...CODE BLUE
 
Database Security Risks You Might Not Have Considered, but Need To
Database Security Risks You Might Not Have Considered, but Need To Database Security Risks You Might Not Have Considered, but Need To
Database Security Risks You Might Not Have Considered, but Need To IDERA Software
 
Stranded on Infosec Island: Defending the Enterprise with Nothing but Windows...
Stranded on Infosec Island: Defending the Enterprise with Nothing but Windows...Stranded on Infosec Island: Defending the Enterprise with Nothing but Windows...
Stranded on Infosec Island: Defending the Enterprise with Nothing but Windows...Adrian Sanabria
 
A Journey Into Pen-tester land: Myths or Facts!
A Journey Into Pen-tester land: Myths or Facts!A Journey Into Pen-tester land: Myths or Facts!
A Journey Into Pen-tester land: Myths or Facts!Ammar WK
 
Enabling effective hunt teaming and incident response
Enabling effective hunt teaming and incident responseEnabling effective hunt teaming and incident response
Enabling effective hunt teaming and incident responsejeffmcjunkin
 

Recomendados

451 and Endgame - Zero breach Tolerance: Earliest protection across the attac...
451 and Endgame - Zero breach Tolerance: Earliest protection across the attac...451 and Endgame - Zero breach Tolerance: Earliest protection across the attac...
451 and Endgame - Zero breach Tolerance: Earliest protection across the attac...Adrian Sanabria
 
Anton Chuvakin on What is NOT Working in Security 2004
Anton Chuvakin on What is NOT Working in Security 2004Anton Chuvakin on What is NOT Working in Security 2004
Anton Chuvakin on What is NOT Working in Security 2004Anton Chuvakin
 
Sigma Open Tech Week: Bitter Truth About Software Security
Sigma Open Tech Week: Bitter Truth About Software SecuritySigma Open Tech Week: Bitter Truth About Software Security
Sigma Open Tech Week: Bitter Truth About Software SecurityVlad Styran
 
Practical network defense at scale Or: Protecting the “Eierlegende Wollmichsa...
Practical network defense at scale Or: Protecting the “Eierlegende Wollmichsa...Practical network defense at scale Or: Protecting the “Eierlegende Wollmichsa...
Practical network defense at scale Or: Protecting the “Eierlegende Wollmichsa...CODE BLUE
 
Database Security Risks You Might Not Have Considered, but Need To
Database Security Risks You Might Not Have Considered, but Need To Database Security Risks You Might Not Have Considered, but Need To
Database Security Risks You Might Not Have Considered, but Need To IDERA Software
 
Stranded on Infosec Island: Defending the Enterprise with Nothing but Windows...
Stranded on Infosec Island: Defending the Enterprise with Nothing but Windows...Stranded on Infosec Island: Defending the Enterprise with Nothing but Windows...
Stranded on Infosec Island: Defending the Enterprise with Nothing but Windows...Adrian Sanabria
 
A Journey Into Pen-tester land: Myths or Facts!
A Journey Into Pen-tester land: Myths or Facts!A Journey Into Pen-tester land: Myths or Facts!
A Journey Into Pen-tester land: Myths or Facts!Ammar WK
 
Enabling effective hunt teaming and incident response
Enabling effective hunt teaming and incident responseEnabling effective hunt teaming and incident response
Enabling effective hunt teaming and incident responsejeffmcjunkin
 
Pen-testing is Dead?
Pen-testing is Dead?Pen-testing is Dead?
Pen-testing is Dead?Ammar WK
 
KISSPatent open source presentation
KISSPatent open source presentationKISSPatent open source presentation
KISSPatent open source presentationKISSPatent
 
The Cyber Threat Intelligence Matrix: Taking the attacker eviction red pill
The Cyber Threat Intelligence Matrix: Taking the attacker eviction red pillThe Cyber Threat Intelligence Matrix: Taking the attacker eviction red pill
The Cyber Threat Intelligence Matrix: Taking the attacker eviction red pillFrode Hommedal
 
Human is an amateur; the monkey is an expert. How to stop trying to secure yo...
Human is an amateur; the monkey is an expert. How to stop trying to secure yo...Human is an amateur; the monkey is an expert. How to stop trying to secure yo...
Human is an amateur; the monkey is an expert. How to stop trying to secure yo...Vlad Styran
 
2020 FRSecure CISSP Mentor Program - Class 9
2020 FRSecure CISSP Mentor Program - Class 92020 FRSecure CISSP Mentor Program - Class 9
2020 FRSecure CISSP Mentor Program - Class 9FRSecure
 
2018 CISSP Mentor Program Session 3
2018 CISSP Mentor Program Session 32018 CISSP Mentor Program Session 3
2018 CISSP Mentor Program Session 3FRSecure
 
Ed McCabe - Putting the Intelligence back in Threat Intelligence
Ed McCabe - Putting the Intelligence back in Threat IntelligenceEd McCabe - Putting the Intelligence back in Threat Intelligence
Ed McCabe - Putting the Intelligence back in Threat Intelligencecentralohioissa
 
PHP-IDS
PHP-IDSPHP-IDS
PHP-IDSsilenceIT Inc.
 
Jim Wojno: Incident Response - No Pain, No Gain!
Jim Wojno: Incident Response - No Pain, No Gain!Jim Wojno: Incident Response - No Pain, No Gain!
Jim Wojno: Incident Response - No Pain, No Gain!centralohioissa
 
2019 FRSecure CISSP Mentor Program: Class Three
2019 FRSecure CISSP Mentor Program: Class Three 2019 FRSecure CISSP Mentor Program: Class Three
2019 FRSecure CISSP Mentor Program: Class Three FRSecure
 
2020 FRSecure CISSP Mentor Program - Class 10
2020 FRSecure CISSP Mentor Program - Class 102020 FRSecure CISSP Mentor Program - Class 10
2020 FRSecure CISSP Mentor Program - Class 10FRSecure
 
DEF CON 23 - Wesley McGrew - i hunt penetration testers
DEF CON 23 - Wesley McGrew - i hunt penetration testersDEF CON 23 - Wesley McGrew - i hunt penetration testers
DEF CON 23 - Wesley McGrew - i hunt penetration testersFelipe Prado
 
Open stack security emea launch
Open stack security emea launchOpen stack security emea launch
Open stack security emea launchJoshua McKenty
 
Cf.Objective.2009
Cf.Objective.2009Cf.Objective.2009
Cf.Objective.2009Bill Shelton
 
10 Reasons Why You Fix Bugs As Soon As You Find Them
10 Reasons Why You Fix Bugs As Soon As You Find Them10 Reasons Why You Fix Bugs As Soon As You Find Them
10 Reasons Why You Fix Bugs As Soon As You Find ThemRosie Sherry
 
Security and privacy for journalists
Security and privacy for journalistsSecurity and privacy for journalists
Security and privacy for journalistsJillian York
 
Physical Penetration Testing (RootedCON 2015)
Physical Penetration Testing (RootedCON 2015)Physical Penetration Testing (RootedCON 2015)
Physical Penetration Testing (RootedCON 2015)Eduardo Arriols Nuñez
 
How to be come a hacker slide for 2600 laos
How to be come a hacker slide for 2600 laosHow to be come a hacker slide for 2600 laos
How to be come a hacker slide for 2600 laosOuthai SAIOUDOM
 
2020 FRSecure CISSP Mentor Program - Class 11
2020 FRSecure CISSP Mentor Program - Class 112020 FRSecure CISSP Mentor Program - Class 11
2020 FRSecure CISSP Mentor Program - Class 11FRSecure
 
Module5 desktop-laptop-security-b
Module5 desktop-laptop-security-bModule5 desktop-laptop-security-b
Module5 desktop-laptop-security-bBbAOC
 
Chapter 5Overview of SecurityTechnologiesWe can’t h
Chapter 5Overview of SecurityTechnologiesWe can’t hChapter 5Overview of SecurityTechnologiesWe can’t h
Chapter 5Overview of SecurityTechnologiesWe can’t hWilheminaRossi174
 
Intro to INFOSEC
Intro to INFOSECIntro to INFOSEC
Intro to INFOSECSean Whalen
 

Mais conteúdo relacionado

Mais procurados

Pen-testing is Dead?
Pen-testing is Dead?Pen-testing is Dead?
Pen-testing is Dead?Ammar WK
 
KISSPatent open source presentation
KISSPatent open source presentationKISSPatent open source presentation
KISSPatent open source presentationKISSPatent
 
The Cyber Threat Intelligence Matrix: Taking the attacker eviction red pill
The Cyber Threat Intelligence Matrix: Taking the attacker eviction red pillThe Cyber Threat Intelligence Matrix: Taking the attacker eviction red pill
The Cyber Threat Intelligence Matrix: Taking the attacker eviction red pillFrode Hommedal
 
Human is an amateur; the monkey is an expert. How to stop trying to secure yo...
Human is an amateur; the monkey is an expert. How to stop trying to secure yo...Human is an amateur; the monkey is an expert. How to stop trying to secure yo...
Human is an amateur; the monkey is an expert. How to stop trying to secure yo...Vlad Styran
 
2020 FRSecure CISSP Mentor Program - Class 9
2020 FRSecure CISSP Mentor Program - Class 92020 FRSecure CISSP Mentor Program - Class 9
2020 FRSecure CISSP Mentor Program - Class 9FRSecure
 
2018 CISSP Mentor Program Session 3
2018 CISSP Mentor Program Session 32018 CISSP Mentor Program Session 3
2018 CISSP Mentor Program Session 3FRSecure
 
Ed McCabe - Putting the Intelligence back in Threat Intelligence
Ed McCabe - Putting the Intelligence back in Threat IntelligenceEd McCabe - Putting the Intelligence back in Threat Intelligence
Ed McCabe - Putting the Intelligence back in Threat Intelligencecentralohioissa
 
Jim Wojno: Incident Response - No Pain, No Gain!
Jim Wojno: Incident Response - No Pain, No Gain!Jim Wojno: Incident Response - No Pain, No Gain!
Jim Wojno: Incident Response - No Pain, No Gain!centralohioissa
 
2019 FRSecure CISSP Mentor Program: Class Three
2019 FRSecure CISSP Mentor Program: Class Three 2019 FRSecure CISSP Mentor Program: Class Three
2019 FRSecure CISSP Mentor Program: Class Three FRSecure
 
2020 FRSecure CISSP Mentor Program - Class 10
2020 FRSecure CISSP Mentor Program - Class 102020 FRSecure CISSP Mentor Program - Class 10
2020 FRSecure CISSP Mentor Program - Class 10FRSecure
 
DEF CON 23 - Wesley McGrew - i hunt penetration testers
DEF CON 23 - Wesley McGrew - i hunt penetration testersDEF CON 23 - Wesley McGrew - i hunt penetration testers
DEF CON 23 - Wesley McGrew - i hunt penetration testersFelipe Prado
 
Open stack security emea launch
Open stack security emea launchOpen stack security emea launch
Open stack security emea launchJoshua McKenty
 
10 Reasons Why You Fix Bugs As Soon As You Find Them
10 Reasons Why You Fix Bugs As Soon As You Find Them10 Reasons Why You Fix Bugs As Soon As You Find Them
10 Reasons Why You Fix Bugs As Soon As You Find ThemRosie Sherry
 
Security and privacy for journalists
Security and privacy for journalistsSecurity and privacy for journalists
Security and privacy for journalistsJillian York
 
Physical Penetration Testing (RootedCON 2015)
Physical Penetration Testing (RootedCON 2015)Physical Penetration Testing (RootedCON 2015)
Physical Penetration Testing (RootedCON 2015)Eduardo Arriols Nuñez
 
How to be come a hacker slide for 2600 laos
How to be come a hacker slide for 2600 laosHow to be come a hacker slide for 2600 laos
How to be come a hacker slide for 2600 laosOuthai SAIOUDOM
 
2020 FRSecure CISSP Mentor Program - Class 11
2020 FRSecure CISSP Mentor Program - Class 112020 FRSecure CISSP Mentor Program - Class 11
2020 FRSecure CISSP Mentor Program - Class 11FRSecure
 
Module5 desktop-laptop-security-b
Module5 desktop-laptop-security-bModule5 desktop-laptop-security-b
Module5 desktop-laptop-security-bBbAOC
 

Mais procurados (20)

Pen-testing is Dead?
Pen-testing is Dead?Pen-testing is Dead?
Pen-testing is Dead?
 
KISSPatent open source presentation
KISSPatent open source presentationKISSPatent open source presentation
KISSPatent open source presentation
 
The Cyber Threat Intelligence Matrix: Taking the attacker eviction red pill
The Cyber Threat Intelligence Matrix: Taking the attacker eviction red pillThe Cyber Threat Intelligence Matrix: Taking the attacker eviction red pill
The Cyber Threat Intelligence Matrix: Taking the attacker eviction red pill
 
Human is an amateur; the monkey is an expert. How to stop trying to secure yo...
Human is an amateur; the monkey is an expert. How to stop trying to secure yo...Human is an amateur; the monkey is an expert. How to stop trying to secure yo...
Human is an amateur; the monkey is an expert. How to stop trying to secure yo...
 
2020 FRSecure CISSP Mentor Program - Class 9
2020 FRSecure CISSP Mentor Program - Class 92020 FRSecure CISSP Mentor Program - Class 9
2020 FRSecure CISSP Mentor Program - Class 9
 
2018 CISSP Mentor Program Session 3
2018 CISSP Mentor Program Session 32018 CISSP Mentor Program Session 3
2018 CISSP Mentor Program Session 3
 
Ed McCabe - Putting the Intelligence back in Threat Intelligence
Ed McCabe - Putting the Intelligence back in Threat IntelligenceEd McCabe - Putting the Intelligence back in Threat Intelligence
Ed McCabe - Putting the Intelligence back in Threat Intelligence
 
PHP-IDS
PHP-IDSPHP-IDS
PHP-IDS
 
Jim Wojno: Incident Response - No Pain, No Gain!
Jim Wojno: Incident Response - No Pain, No Gain!Jim Wojno: Incident Response - No Pain, No Gain!
Jim Wojno: Incident Response - No Pain, No Gain!
 
2019 FRSecure CISSP Mentor Program: Class Three
2019 FRSecure CISSP Mentor Program: Class Three 2019 FRSecure CISSP Mentor Program: Class Three
2019 FRSecure CISSP Mentor Program: Class Three
 
2020 FRSecure CISSP Mentor Program - Class 10
2020 FRSecure CISSP Mentor Program - Class 102020 FRSecure CISSP Mentor Program - Class 10
2020 FRSecure CISSP Mentor Program - Class 10
 
DEF CON 23 - Wesley McGrew - i hunt penetration testers
DEF CON 23 - Wesley McGrew - i hunt penetration testersDEF CON 23 - Wesley McGrew - i hunt penetration testers
DEF CON 23 - Wesley McGrew - i hunt penetration testers
 
Open stack security emea launch
Open stack security emea launchOpen stack security emea launch
Open stack security emea launch
 
Cf.Objective.2009
Cf.Objective.2009Cf.Objective.2009
Cf.Objective.2009
 
10 Reasons Why You Fix Bugs As Soon As You Find Them
10 Reasons Why You Fix Bugs As Soon As You Find Them10 Reasons Why You Fix Bugs As Soon As You Find Them
10 Reasons Why You Fix Bugs As Soon As You Find Them
 
Security and privacy for journalists
Security and privacy for journalistsSecurity and privacy for journalists
Security and privacy for journalists
 
Physical Penetration Testing (RootedCON 2015)
Physical Penetration Testing (RootedCON 2015)Physical Penetration Testing (RootedCON 2015)
Physical Penetration Testing (RootedCON 2015)
 
How to be come a hacker slide for 2600 laos
How to be come a hacker slide for 2600 laosHow to be come a hacker slide for 2600 laos
How to be come a hacker slide for 2600 laos
 
2020 FRSecure CISSP Mentor Program - Class 11
2020 FRSecure CISSP Mentor Program - Class 112020 FRSecure CISSP Mentor Program - Class 11
2020 FRSecure CISSP Mentor Program - Class 11
 
Module5 desktop-laptop-security-b
Module5 desktop-laptop-security-bModule5 desktop-laptop-security-b
Module5 desktop-laptop-security-b
 

Semelhante a Developing Software with Security in Mind

Chapter 5Overview of SecurityTechnologiesWe can’t h
Chapter 5Overview of SecurityTechnologiesWe can’t hChapter 5Overview of SecurityTechnologiesWe can’t h
Chapter 5Overview of SecurityTechnologiesWe can’t hWilheminaRossi174
 
Intro to INFOSEC
Intro to INFOSECIntro to INFOSEC
Intro to INFOSECSean Whalen
 
So... you want to be a security consultant
So... you want to be a security consultant So... you want to be a security consultant
So... you want to be a security consultant abnmi
 
Stackfield Cloud Security 101
Stackfield Cloud Security 101Stackfield Cloud Security 101
Stackfield Cloud Security 101Stackfield
 
Introduction to Cybersecurity | IIT(BHU)CyberSec
Introduction to Cybersecurity | IIT(BHU)CyberSecIntroduction to Cybersecurity | IIT(BHU)CyberSec
Introduction to Cybersecurity | IIT(BHU)CyberSecYashSomalkar
 
Security vulnerabilities for grown ups - GOTOcon 2012
Security vulnerabilities for grown ups - GOTOcon 2012Security vulnerabilities for grown ups - GOTOcon 2012
Security vulnerabilities for grown ups - GOTOcon 2012Vitaly Osipov
 
Nick Drage & Fraser Scott - Epic battle devops vs security
Nick Drage & Fraser Scott - Epic battle devops vs securityNick Drage & Fraser Scott - Epic battle devops vs security
Nick Drage & Fraser Scott - Epic battle devops vs securityDevSecCon
 
5 Ways to Protect your Mobile Security
5 Ways to Protect your Mobile Security5 Ways to Protect your Mobile Security
5 Ways to Protect your Mobile SecurityLookout
 
Survey Presentation About Application Security
Survey Presentation About Application SecuritySurvey Presentation About Application Security
Survey Presentation About Application SecurityNicholas Davis
 
Гірка правда про безпеку програмного забезпечення, Володимир Стиран
Гірка правда про безпеку програмного забезпечення, Володимир СтиранГірка правда про безпеку програмного забезпечення, Володимир Стиран
Гірка правда про безпеку програмного забезпечення, Володимир СтиранSigma Software
 
Vulnerability Analyst interview Questions.pdf
Vulnerability Analyst interview Questions.pdfVulnerability Analyst interview Questions.pdf
Vulnerability Analyst interview Questions.pdfinfosec train
 
Elastix network security guide
Elastix network security guideElastix network security guide
Elastix network security guideCristian Calderon
 
PROJECT DRAFTINTRODUCTIONINTRODUCE COMPANY – WHAT IS THE COM.docx
PROJECT DRAFTINTRODUCTIONINTRODUCE COMPANY – WHAT IS THE COM.docxPROJECT DRAFTINTRODUCTIONINTRODUCE COMPANY – WHAT IS THE COM.docx
PROJECT DRAFTINTRODUCTIONINTRODUCE COMPANY – WHAT IS THE COM.docxwoodruffeloisa
 
Slides to the online event "Creating an effective cybersecurity strategy" by ...
Slides to the online event "Creating an effective cybersecurity strategy" by ...Slides to the online event "Creating an effective cybersecurity strategy" by ...
Slides to the online event "Creating an effective cybersecurity strategy" by ...Berezha Security Group
 
Cybersecurity Awareness E-Book - WeSecureApp
Cybersecurity Awareness E-Book - WeSecureAppCybersecurity Awareness E-Book - WeSecureApp
Cybersecurity Awareness E-Book - WeSecureAppWeSecureApp
 
Intro to-ssdl--lone-star-php-2013
Intro to-ssdl--lone-star-php-2013Intro to-ssdl--lone-star-php-2013
Intro to-ssdl--lone-star-php-2013nanderoo
 
Are you ready for the next attack? Reviewing the SP Security Checklist
Are you ready for the next attack? Reviewing the SP Security ChecklistAre you ready for the next attack? Reviewing the SP Security Checklist
Are you ready for the next attack? Reviewing the SP Security ChecklistMyNOG
 
Data Privacy for Activists
Data Privacy for ActivistsData Privacy for Activists
Data Privacy for ActivistsGreg Stromire
 
New text document
New text documentNew text document
New text documentsleucwnq
 

Semelhante a Developing Software with Security in Mind (20)

Chapter 5Overview of SecurityTechnologiesWe can’t h
Chapter 5Overview of SecurityTechnologiesWe can’t hChapter 5Overview of SecurityTechnologiesWe can’t h
Chapter 5Overview of SecurityTechnologiesWe can’t h
 
Intro to INFOSEC
Intro to INFOSECIntro to INFOSEC
Intro to INFOSEC
 
So... you want to be a security consultant
So... you want to be a security consultant So... you want to be a security consultant
So... you want to be a security consultant
 
Stackfield Cloud Security 101
Stackfield Cloud Security 101Stackfield Cloud Security 101
Stackfield Cloud Security 101
 
Bulletproof IT Security
Bulletproof IT SecurityBulletproof IT Security
Bulletproof IT Security
 
Introduction to Cybersecurity | IIT(BHU)CyberSec
Introduction to Cybersecurity | IIT(BHU)CyberSecIntroduction to Cybersecurity | IIT(BHU)CyberSec
Introduction to Cybersecurity | IIT(BHU)CyberSec
 
Security vulnerabilities for grown ups - GOTOcon 2012
Security vulnerabilities for grown ups - GOTOcon 2012Security vulnerabilities for grown ups - GOTOcon 2012
Security vulnerabilities for grown ups - GOTOcon 2012
 
Nick Drage & Fraser Scott - Epic battle devops vs security
Nick Drage & Fraser Scott - Epic battle devops vs securityNick Drage & Fraser Scott - Epic battle devops vs security
Nick Drage & Fraser Scott - Epic battle devops vs security
 
5 Ways to Protect your Mobile Security
5 Ways to Protect your Mobile Security5 Ways to Protect your Mobile Security
5 Ways to Protect your Mobile Security
 
Survey Presentation About Application Security
Survey Presentation About Application SecuritySurvey Presentation About Application Security
Survey Presentation About Application Security
 
Гірка правда про безпеку програмного забезпечення, Володимир Стиран
Гірка правда про безпеку програмного забезпечення, Володимир СтиранГірка правда про безпеку програмного забезпечення, Володимир Стиран
Гірка правда про безпеку програмного забезпечення, Володимир Стиран
 
Vulnerability Analyst interview Questions.pdf
Vulnerability Analyst interview Questions.pdfVulnerability Analyst interview Questions.pdf
Vulnerability Analyst interview Questions.pdf
 
Elastix network security guide
Elastix network security guideElastix network security guide
Elastix network security guide
 
PROJECT DRAFTINTRODUCTIONINTRODUCE COMPANY – WHAT IS THE COM.docx
PROJECT DRAFTINTRODUCTIONINTRODUCE COMPANY – WHAT IS THE COM.docxPROJECT DRAFTINTRODUCTIONINTRODUCE COMPANY – WHAT IS THE COM.docx
PROJECT DRAFTINTRODUCTIONINTRODUCE COMPANY – WHAT IS THE COM.docx
 
Slides to the online event "Creating an effective cybersecurity strategy" by ...
Slides to the online event "Creating an effective cybersecurity strategy" by ...Slides to the online event "Creating an effective cybersecurity strategy" by ...
Slides to the online event "Creating an effective cybersecurity strategy" by ...
 
Cybersecurity Awareness E-Book - WeSecureApp
Cybersecurity Awareness E-Book - WeSecureAppCybersecurity Awareness E-Book - WeSecureApp
Cybersecurity Awareness E-Book - WeSecureApp
 
Intro to-ssdl--lone-star-php-2013
Intro to-ssdl--lone-star-php-2013Intro to-ssdl--lone-star-php-2013
Intro to-ssdl--lone-star-php-2013
 
Are you ready for the next attack? Reviewing the SP Security Checklist
Are you ready for the next attack? Reviewing the SP Security ChecklistAre you ready for the next attack? Reviewing the SP Security Checklist
Are you ready for the next attack? Reviewing the SP Security Checklist
 
Data Privacy for Activists
Data Privacy for ActivistsData Privacy for Activists
Data Privacy for Activists
 
New text document
New text documentNew text document
New text document
 

Último

Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Zilliz
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelDeepika Singh
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusZilliz
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfOrbitshub
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityWSO2
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Orbitshub
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxRemote DBA Services
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistandanishmna97
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Angeliki Cooney
 

Último (20)

Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 

Developing Software with Security in Mind

  • 1. Developing Software with Security in Mind Scott Blomquist CTO, Vidoop
  • 2.
  • 3.
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 14.
  • 15.
  • 16.
  • 17.
  • 18.
  • 19.
  • 20.
  • 21.
  • 22.
  • 23.
  • 24.