Security Does Not Need To Be Fun: Ignoring OWASP To Have A Terrible Time

Hi, I'm Dwayne
Dwayne McDaniel
I live in Chicago
I've been a Developer Advocate since 2016
On Twitter: mcdwayne
Happy to chat about anything, hit me up
Besides tech, I love improv, karaoke and going to rock and roll shows!

About GitGuardian
GitGuardian is the code security platform for the DevOps generation. With automated secrets detection and remediation, our platform enables Dev, Sec, and Ops to advance together towards the Secure Software Development Lifecycle.

What Does Good Security Look Like?

All Technology Has Human Costs

What Does Bad Security Look Like?

"All happy families are alike; each unhappy family is unhappy in its own way." Leo Tolstoy, Anna Karenina

A Few Unhappy Families (Companies)

Apache Log4Shell, CVE-2021-44228
Reported: 24 November 2021 - Had existed since 2013
Log4J allowed requests to arbitrary LDAP and JNDI servers, which in turn could execute any code, including opening interactive shells.
Impacted over 44% of corporate networks worldwide.
Top companies with products affected include: Adobe, Cisco, AWS, Broadcom, IBM, Okta, VMware

Uber
Reported: 15 Sept, 2022
Teenager from the Lapsus$ hacking group phished login info from a super admin
Immediately discovered access credentials hardcoded in PowerShell scripts that allowed pwnage
Reported first in the New York Times

CircleCI
Reported: 4 January 2023
An unauthorized third party leveraged malware deployed to a CircleCI engineer's laptop in order to steal a valid, 2FA-backed SSO session. Attackers ultimately gained access to many customers