Engineering Better Security at Facebook

nullcon via YouTube

Overview

Explore a comprehensive conference talk from nullcon Goa 2017 on engineering better security practices at Facebook. Delve into real-world security issues, vulnerability prevention, and detection techniques. Learn how Facebook empowers engineers to write more secure code through innovative tooling. Discover insights on the software development lifecycle, PHP, Hack, asynchronous functions, cross-site scripting, code abuse prevention, and code review processes. Examine linting techniques, Herald Rules, and production security measures. Investigate TLS, Certificate Transparency, and its practical applications. Gain valuable knowledge on scaling security efforts, managing false positives, and implementing effective security programs in large-scale environments. Benefit from the expertise of Karen Sittig, a Software Engineer at Facebook with a strong background in applied machine learning for security applications.

Syllabus

Introduction
About Karen
Software Development Lifecycle
PHP
Hack
Asynchronous function
Asynchronous call
Cross-site scripting
XHT
HTML
Example
Code Abuse
Code Reviews
Linting
subscribe
Herald Rules
stuffing in production
Buzzers
Spring Deserialization
Head
TLS
Certificate Transparency
Certificate Transparency Example
Recap
Writing your code
Code review
Certificate transparency program
How do you scale
Rate of false positives
How far do we go
Herald Rules

Taught by

nullcon
