Write Secure* Apps - (*more-secure)
Slides and links from 2018 Experts Series talk on Application Security at Lighthouse Labs - Vancouver, Canada
Links from video…
Common types of attack:
SANS top-25 software security errors
3 categories
Software Error Category: Insecure Interaction Between Components (6 errors)
Software Error Category: Risky Resource Management (8 errors)
Software Error Category: Porous Defenses (11 errors)
Fun Hints From The Trenches
Beware of angry insiders: Paine Webber | Don’t over-trust your infra vendor | Update your knowledge | Don’t be sloppy | Some errors are irrecoverable | Cloud Vendor lock-in is still lock-in
References
SANS software errors | SANS Posters | Mozilla Rapid Risk Assessment | OWASP HTML5 security cheat sheet | Rapid 7 Security Fundamentals | SANS infosec reading room | Cyberedge Group 2018 Cyberthreat Report
More about Morgane
Morgane Oger
Lead Consultant
RO IT Systems
170-422 Richards Street
Vancouver, BC V6B 2Z4
@MorganeOgerBC