December 12, 2021

The weakest link: why all software needs security?

During this episode we will go over common security breaches where the weakest service/software were exploited, why all components of a system should get their share of security evaluation, and why secure software design and coding are important for developers on all stacks.

Guests

Notes

0:00:00 - Intro and welcoming.

0:07:00 - Exciting security news: Log4j zero-day exploit meltdown.

0:13:00 - Java Naming and Directory Interface (JNDI).

0:16:00 - A brief introduction of security from your perspective?

0:22:00 - What are the software/system aspects that are more critically in need for security?

0:32:00 - The weakest links for system security: Physical security.

0:42:00 - The weakest links for system security: Network security.

0:49:00 - The weakest links for system security: Employees.

0:59:00 - Stuxnet, where employees contribute to getting malware to the org.

1:02:00 - Social engineering attack: FB & Google fraud attack.

1:04:00 - Small satellite apps: FBI website hack, ~100k email sent from a legit fbi.org email address.

1:35:00 - Secure coding principles for developers

1:45:00 - Securing small systems (usually considered irrelevant systems)

1:54:00 - How to secure frontend?

2:00:00 - How to make sure employees/developers machines are secure?

2:09:00 - How to manage secrets

2:28:00 - Wrap up and Goodbye

Links

Prepared and Presented by