Go Time: Golang, Software Engineering

Security for Gophers

Listen Later

Mat, Filippo, Johan, and Roberto discuss security in Go. Does Go make it easy to secure your code? What common mistakes are Gophers making? What is fuzzing? How can attackers abuse your code if you use the default http mux?

Join the discussion

Changelog++ members support our work, get closer to the metal, and make the ads disappear. Join today!

Sponsors:

  • KubeCon + CloudNativeCon – The Cloud Native Computing Foundation’s flagship Kubernetes community conference which gathers adopters and technologists from leading open source and cloud native communities. Learn more and register — get 10% off with the code KCNACHANGELOG19 Feel free to use the Convince Your Boss letter in part or in full so you can your team can attend.
  • TeamCity by JetBrains – Build and release your software faster with TeamCity — a self-hosted continuous integration and delivery server developed by JetBrains. TeamCity is super-smart at running incremental builds, reusing artifacts, and building only what needs to be built, which can save over 30% of the daily build time. Learn more at teamcity.com/gotime.
  • LinodeOur cloud server of choice. Deploy a fast, efficient, native SSD cloud server for only $5/month. Get 4 months free using the code changelog2019. Start your server - head to linode.com/changelog.
  • FastlyOur bandwidth partner. Fastly powers fast, secure, and scalable digital experiences. Move beyond your content delivery network to their powerful edge cloud platform. Learn more at fastly.com.

    • Featuring:

    • Filippo Valsorda – Website, GitHub, Mastodon, X
    • Johan Brandhorst – Website, GitHub, X
    • Roberto Clapis – GitHub, X
    • Mat Ryer – Website, GitHub, LinkedIn, X

    Show Notes:

    • Go Playground example #1 - this demonstrates the sql safety pattern that Roberto mentions in the episode.
    • Go Playground example #2 - this demonstrates the stringer pattern mentioned by Roberto to avoid printing passwords out in logs.
    • go-fuzz package - a package for generating random inputs for your code.
    • So you want to expose Go on the Internet - although this needs updating, it was written by Filippo to help others tackle the challenge of securely exposing Go services to the internet.

      • Something missing or broken? PRs welcome!

      ...more
      View all episodesView all episodes
      Download on the App Store
      Go Time: Golang, Software EngineeringBy Changelog Media
      • 4.6
      • 4.6
      • 4.6
      • 4.6
      • 4.6

      4.6

      128 ratings

      More shows like Go Time: Golang, Software Engineering

      View all
      The Changelog: Software Development, Open Source by Changelog Media

      The Changelog: Software Development, Open Source

      289 Listeners

      Accidental Tech Podcast by Marco Arment, Casey Liss, John Siracusa

      Accidental Tech Podcast

      2,139 Listeners

      Syntax - Tasty Web Development Treats by Wes Bos & Scott Tolinski - Full Stack JavaScript Web Developers

      Syntax - Tasty Web Development Treats

      987 Listeners

      Kubernetes Podcast from Google by Abdel Sghiouar, Kaslin Fields

      Kubernetes Podcast from Google

      181 Listeners

      Huberman Lab by Scicomm Media

      Huberman Lab

      29,178 Listeners

      go podcast() by Dominic St-Pierre

      go podcast()

      6 Listeners

      Fallthrough by Fallthrough Media

      Fallthrough

      13 Listeners