Fuck, Marry, Kill?

@defcon @programmerhumor #devsec #devops #progtamming #coding #typescrup #rust #rustlang #golang @TypeScript @rust @golang

So I'm working my way though a #Google tutorial about how to access Google services (specifically #GoogleMaps in this case) from a web application. Their advice, without so much as a warning or an asterisk, is to put the API keys directly into the application source code.

In what may be something of a David vs Goliath scale counter-argument, my advice is

F^&*ING DON'T

#dev #DevLife #DevSec #DevSecOps #Facepalm

Who in the InfoSec space has experience specifically with security-developer centric education content (ex: teaching people pwntools or how to write metasploit modules)? This includes writing books, online courses, screenchasts, trainings. What is the market/demand/interest like? How much initial investment is necessary? How long does it take for people to discover your content? Is it a "if you build it, they will come" kind of thing? How much free content vs. paid content?
#infosec #devsec #education #trainings

Já conferiu meu blog?
Trago artigos sobre desenvolvimento web e backend, arquitetura de software, cyber segurança, DevSec e outros assuntos!

#Blog #Tecnologia #DevSec #Desenvolvimento #FullStack #InfoSec #CyberSecurity

https://blog.lfrigodesouza.net/?utm_medium=social_media&utm_source=twitter

Já conferiu meu blog?
Trago artigos sobre desenvolvimento web e backend, arquitetura de software, cyber segurança, DevSec e outros assuntos!

#Blog #Tecnologia #DevSec #Desenvolvimento #FullStack #InfoSec #CyberSecurity

https://blog.lfrigodesouza.net/?utm_medium=social_media&utm_source=twitter

I'm not an InfoSec expert, but I do take privacy and security very seriously. I'm curious about what my peers in the field are using for their personal daily drivers as far as software. For me, it's Skiff and Bitwarden, but I haven't landed on a favorite VPN service yet. I'm still shopping around and open to recommendations. What are your favorite secure (and opensource) productivity tools? https://app.skiff.com/signup?mail&referral=robmoore #infosec #secops #devsec #security #privacy #FOSS #productivity

Piątek, piąteczek. Jak dużo ostatnio prymitywnych flood'ów i naruszeń. Pamiętajmy o prawidłowej klasyfikacji zagrożeń, odpowiednim raportowaniu, dokumentowaniu, analizie i zgłaszaniu incydentów wedle sporządzonych wcześniej procedur!

https://blog.qrator.net/en/q3-2022-ddos-attacks-and-bgp-incidents_158/

https://incydent.cert.pl/#!/lang=pl

#cybersecurity #security #flood #netscout #arbor #ddos #antyddos #devsec