
1. Post-Spectre Web Development
The web is changing, and we must adapt our threat model and our mitigations across the board to prepare for future attacks.
2. The security scanner that cried wolf
Keep your eyes focused on the results of your container scanners and use additional tools besides Trivy to scan for vulnerabilities in your workloads.
3. Understanding Private Keys
While we don’t recommend that you dig into the depths of crypto, a software engineer should understand how crypto works at a high level.
4. ShellCheck - A shell script static analysis tool
Use static analysis tools against all the things, shell scripts included!
5. Alyssa Miller -- Bringing security to DevOps and the CI/CD pipeline
DevOps is here to stay – let’s embrace DevOps + security as standard operating procedure.