00:00 – Welcome! 00:11 – Writing code for CTFs (secure and intentionally insecure) 00:43 – Agenda 00:57 – Example: vulnerable nodejs application 02:12 – Example: php 03:25 – Example: python 04:54 – Example: C 06:25 – Example: php password strcmp 09:06 – Example: python yaml configuration 10:19 – Why secure…
…Introduction to Industrial Control Systems Secure Software Development DD-WRL-003 (OPM 621) Foundational Application Security Training Secure Systems Development Enterprise Architecture Cybersecurity Architecture Infrastructure Support DD-WRL-004, DD-WRL-002, DD-WRL-001, PD-WRL-004 (OPM 631 651 652 521) Active Directory Security and Hardening Software Security Assessment (OPM 622) Hacking Active Directory Systems Administration Defensive Cybersecurity…
…And it was amazing. As part of that incident, we should have secured that area first for that type of thing to not happen, but we maybe should have told them to stay away, which we did from that point on. But the point is, we didn’t secure the area,…
…are very insecure. The, the smart people that I’ve come, up and have met in my life, when you ask them a question about why I don’t understand your logic, they go, that’s a great question. And, you mentioned how we can feel a little insecure about asking that question…
…consistently talk about, is it, is the secure system that you’re designing performant and is it also resilient and that that comes into the S3 conversation as well when we talk about multi region data replication or potentially what happens when you have like an issue with an availability zone…
…falling all over itself. And it was like corrupting data all the time. So it’s terrible. And just another example of a piece of secure piece of software in general. that’s Complicated, unintuitive, little to no documentation of how to work it or set it up and just given to…
…well, how did we defend against this type of attack? And so, some advice I have on the defense. There are obviously two different areas where we need to defend. We need to secure the humans, and we do that through the security awareness training, and we need to secure…
…ago, and I like this slide just because it makes me smile. we have Hackerman, and we also have this horrible scene with these two people trying to secure their networks by typing on the, same keyboard at the same time. Once again, I’m sure there’s a joke there, I’m…
…value of practical experience and the opportunity to learn from mistakes in a secure environment. The importance of scripting and programming in security careers is underscored, with Python and Bash being recommended as essential skills. Full Video https://youtu.be/Uv-AfK7PkxU?si=Rcd_SPqnHYcA25V- Transcript John I’m sorry. I sound like a smoker. Everybody, as we…
…There is a secure delete command called shred. Shred overwrites the file content with random data before removing the file. Shred u means overwrite and then unlink the file. It’s like the secure delete version of rm. and if people use shred to delete their files, eh, it makes my…
