Black Friday 2024: 25+ Ways to Save on Online Learning

Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Think Like a Hacker

GOTO Conferences via YouTube

Start learning Write review

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Grab it
Explore the mindset of a hacker in this insightful conference talk from GOTO Berlin 2019. Delve into the world of cybersecurity as Matt Brunt, a Dungeon Master, Code Tinkerer, and Cybersecurity Pro, shares valuable insights on protecting your systems by understanding attack strategies. Learn about different types of hackers, their motivations, and what makes organizations attractive targets. Discover practical steps to reduce security risks, including embedding security considerations throughout project workflows, limiting access, proper data storage practices, and implementing HTTPS. Gain knowledge on avoiding common pitfalls like trusting user input, reusing passwords, and neglecting package updates. Understand the importance of curiosity in identifying vulnerabilities and the principle of least privilege. Cover essential topics such as encryption, password hashing, and the OWASP Top Ten. Leave with a comprehensive understanding of how to think like a hacker to better secure your systems and data.

Syllabus

Intro
Black hat: hacker doing evil White hat: hacker doing good Grey hat: hacker hacking
Why do they do it?
Financial gain Reputation Corporate reasons
What makes you a target?
Popularity Politics & perspective People Pot-luck
What can you do to start reducing risk?
No magic solution
Embed security considerations into the whole project workflow
It is every developers responsibility
The people problem
Limit who has access to what
Where is your data stored?
Who are the third parties you trust with
You can't lose what you don't have
HTTPS all the things
Check your repos for secrets
Check your public sites for secrets
Curiosity "what if..."
Don't trust user input
I'd like to be removed from the mailing list please
Use prepared statements
Don't trust data
Broken access control
Don't trust users input
Broken authentication
Don't re-use passwords
Don't allow your users to re-use passwords
pwned passwords API
Use Multi Factor Authentication
What packages do you trust in your application?
Keep them up-to-date
You have more surface area than you might think
Mistakes will happen
Evaluate who you trust with data Security at all stages of the project Principle of least privilege Encrypt data in transit and at rest Check for public secrets Don't trust users & input Hash passwords properly Ensure your components aren't vulnerable OWASP Top Ten
Always be curious

Taught by

GOTO Conferences

Reviews

Start your review of Think Like a Hacker

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.