Classroom Contents
Security Theatre
- 1 Intro
- 2 Security Theatre @thomas_shone
- 3 Denial
- 4 Internet of Things
- 5 SAMSUNG
- 6 Most popular software: It's not what you think
- 7 OpenX: Backdoored for almost a year
- 8 Versioning: Projects with bad versioning also have some of the worst security issues
- 9 Automatic Patching: If your software comes with automatic upgrading, people will use it
- 10 Plugins and Templates: If an update needs manual changes for plugins or template, no one updates
- 11 The hardest part of security is not writing secure code
- 12 without vulnerability: Vulnerability research and security updates
- 13 I trust that the network is configured properly and secure: Good system administrators
- 14 I trust you are who you say you are: TLS Certificate Peer Verification or Authentication
- 15 I trust your computer is not compromised: ????
- 16 I trust that the user won't be the weak link: Training and procedures
- 17 Weakening: Compromising encryption or hashing is about reducing time to crack
- 18 Implementation: A bad implementation helps reduce the time to crack
- 19 2 Factor Authentication: composer require pragmarx/google2fa
- 20 Avoid old tutorials on encryption: scott/e9319254c8ecbad4f227
- 21 One way encoding: Comparisons / Integrity Checks
- 22 Timing Attacks: Brute forcing cryptographic functions via time taken to execute
- 23 is critical in encryption: Used for key generation and nonces
- 24 Weak password reset processes: Can you Google the answer? How do you handle customer support reset?
- 25 Patching Strategy: If a dependency prevents updating, resolve it now
- 26 Don't become comfortable: Comfort breeds contempt
- 27 Training Strategy: Have a process for dealing with account locks and resets
- 28 Compromise Strategy: Have a plan before you need it
- 29 Information
- 30 Decouple roles: Databases, servers, domains, roles, ...
- 31 Get behind PSR-9 & 10
- 32 Group Performance