Working on finding CVEs in some firmware I dumped, and I found this gem in the source code.
#LOL #CyberSecurity #SecureCode

@xyhhx I have used Secure code warrior before https://www.securecodewarrior.com/ which shows fake code reviews with vulnerable code and you have to find it and fix it.

I know a lot of people (myself included) that have found it useful to learn via this method!

Hope it helps! #securecode #securecodewarrior

Just came across this again https://github.com/kelseyhightower/nocode @kelseyhightower is a genius for making this 😂 I chuckle every time I see it #securecode

This is excellent news! GitHub is now providing secrets scanning for free for everyone! #WootWoot #GitHub #SecretScanning #SecureCode https://thehackernews.com/2022/12/github-announces-free-secret-scanning.html

Writing #securecode for your own project/product is like driving on the highway; you can be the best driver on the planet to try and avoid an accident, but it's all the other assholes you have to worry about!

G'day! I'm Jakob and I'm an Application Security guy from Australia.

I spend most of my work life thinking about software security, be it #Pentesting, #SecureCode, #CloudArchitecture, or helping orgs establish #AppSec programs. I also teach secure software development at the University of South Australia.

Outside of work, I'm a runner, cyclist, woodworker, gamer and an average cook. Above all else, I like to learn and share what I'm learning!

#introduction

G'day! I'm Jakob and I'm an Application Security guy from Australia.

I spend most of my work life thinking about software security, be it #Pentesting, #SecureCode, #CloudArchitecture, or helping orgs establish #AppSec programs. I also teach secure software development at the University of South Australia.

Outside of work, I'm a runner, cyclist, woodworker, and an average cook. Above all else, I like to learn and share what I'm learning!

#introduction

RT SonarSource
SAST analysis done right
SonarSource raises injection vulnerabilities and other bugs and security flaws in your PRs so you can merge with confidence.
#GitHubUniverseSponsor #GitHubUniverse #securecode #Security #CyberSecurity
https://sonarcloud.io/github

:sys_twitter: https://twitter.com/SonarSource/status/1337445793721057280

RT SonarSource
SonarSource's fast, accurate analysis empowers developers to own Code Security.
Continuous feedback and clear remediation advice help you fix vulnerabilities and learn security best practices.
#GitHubUniverseSponsor #GitHubUniverse #securecode #Security
https://githubuniverse.com/sponsors/sonarsource/

:sys_twitter: https://twitter.com/SonarSource/status/1336746835675930625