Think Like a Hacker
- 1 Intro
- 2 Black hat: hacker doing evil; White hat: hacker doing good; Grey hat: hacker hacking
- 3 Why do they do it?
- 4 Financial gain; Reputation; Corporate reasons
- 5 What makes you a target?
- 6 Popularity; Politics & perspective; People; Pot-luck
- 7 What can you do to start reducing risk?
- 8 No magic solution
- 9 Embed security considerations into the whole project workflow
- 10 It is every developer's responsibility
- 11 The people problem
- 12 Limit who has access to what
- 13 Where is your data stored?
- 14 Who are the third parties you trust with
- 15 You can't lose what you don't have
- 16 HTTPS all the things
- 17 Check your repos for secrets
- 18 Check your public sites for secrets
- 19 Curiosity "what if..."
- 20 Don't trust user input
- 21 I'd like to be removed from the mailing list please
- 22 Use prepared statements
- 23 Don't trust data
- 24 Broken access control
- 25 Don't trust users' input
- 26 Broken authentication
- 27 Don't re-use passwords
- 28 Don't allow your users to re-use passwords
- 29 pwned passwords API
- 30 Use Multi Factor Authentication
- 31 What packages do you trust in your application?
- 32 Keep them up-to-date
- 33 You have more surface area than you might think
- 34 Mistakes will happen
- 35 Evaluate who you trust with data; Security at all stages of the project; Principle of least privilege; Encrypt data in transit and at rest; Check for public secrets; Don't trust users & input; Hash passwor…
- 36 Always be curious