Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Security survival skills (for the adventurous d...

Sponsored · Ship Features Fearlessly Turn features on and off without deploys. Used by thousands of Ruby developers.
Avatar for Laura Bell Laura Bell
April 24, 2015
Technology
120
0

Security survival skills (for the adventurous developer)

Avatar for Laura Bell

Laura Bell

April 24, 2015

More Decks by Laura Bell

See All by Laura Bell
DIY security for the amateur superhero
Avatar for Laura Bell ladynerd
0
290
Hackcon 11 - Protecting our people
Avatar for Laura Bell ladynerd
0
250
Security in a container based world
Avatar for Laura Bell ladynerd
0
160
Securing Microservice Architectures
Avatar for Laura Bell ladynerd
2
370
Better Connected
Avatar for Laura Bell ladynerd
0
82
Continuous Security
Avatar for Laura Bell ladynerd
3
1.2k
Automated Human Vulnerability Scanning with AVA
Avatar for Laura Bell ladynerd
3
2.7k
Blindsided by security
Avatar for Laura Bell ladynerd
0
140
Practical tools for privacy audit
Avatar for Laura Bell ladynerd
0
220

Other Decks in Technology

See All in Technology
カオナビに Suspenseを導入するまで / The Road to Suspense at kaonavi
Avatar for 株式会社カオナビ kaonavi
1
420
GitHub Copilot CLI と VS Code Agent Mode の使い分け
Avatar for tomokusaba tomokusaba
0
140
アクセシビリティはすべての人のもの
Avatar for tomokusaba tomokusaba
0
270
Digital Independence: Why, When and How
Avatar for Wannes Rams wannesrams
0
290
もっとコンテンツをよく構造化して理解したいので、LLM 時代こそ Taxonomy の設計品質に目を向けたい〜!
Avatar for MasatoMasaMasa morinota
0
190
【技術書典20】OpenFOAM(自宅で深める流体解析)流れと熱移動(2)
Avatar for kamakiri1225 kamakiri1225
0
370
FessのAI検索モード:検索システムとLLMへの取り組み
Avatar for Shinsuke Sugaya marevol
0
280
CyberAgent YJC Connect
Avatar for shimayuu shimaf4979
1
160
Scovilleモバイルエンジニア募集中.pdf
Avatar for Julien Rudin julienrudin
0
150
「SaaSの次の時代」に重要性を増すステークホルダーマネジメントの要諦 ~解像度を圧倒的に高めPdMの価値を最大化させる方法~
Avatar for KAKEHASHI kakehashi
PRO
3
3.8k
Oracle Base Database Service 技術詳細
Avatar for oracle4engineer oracle4engineer
PRO
15
100k
音声言語モデル手法に関する発表の紹介
Avatar for Kazuki Inamura kzinmr
0
160

Featured

See All Featured
So, you think you're a good person
Avatar for Per Axbom axbom
PRO
2
2k
The agentic SEO stack - context over prompts
Avatar for schlessera schlessera
0
770
Let's Do A Bunch of Simple Stuff to Make Websites Faster
Avatar for Chris Coyier chriscoyier
508
140k
Site-Speed That Sticks
Avatar for Harry Roberts csswizardry
13
1.2k
How to make the Groovebox
Avatar for あそなす asonas
2
2.2k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
Avatar for panda_program panda_program
122
21k
From π to Pie charts
Avatar for Rasagy Sharma rasagy
0
180
Leadership Guide Workshop - DevTernity 2021
Avatar for David Neal reverentgeek
1
280
Efficient Content Optimization with Google Search Console & Apps Script
Avatar for Katarina Dahlin katarinadahlin
PRO
1
530
Speed Design
Avatar for Sergey Chernyshev sergeychernyshev
33
1.6k
Bash Introduction
Avatar for André Augusto Costa Santos 62gerente
615
210k
Hiding What from Whom? A Critical Review of the History of Programming languages for Music
Avatar for Tomoya Matsuura tomoyanonymous
2
790

Transcript

  1. Security skills for the adventurous developer Laura Bell F O

    U N D E R & L E A D C O N S U LTA N T S A F E S TAC K @ l a d y _ n e rd l a u r a @ s a fe s t a c k . i o

  2. the world is a terrible place

  3. the internet is a festering pool of toxic waste

  4. None

  5. somebody probably wants to do bad things to your computer

  6. the security situation is beyond hope

  7. None

  8. we can build amazing things

  9. None
  10. None
  11. None

  12. doing this securely is hard

  13. QQ

  14. good adventures are supposed to be challenging

  15. so stop waiting for someone to hand you these skills

    on a plate

  16. this is your adventure

  17. let’s get started

  18. prepare for the (inevitable) sequel protect your treasure build amazing

    machines always have an escape route watch your back take the road well travelled prepare yourself plan your route (but keep it flexible)

  19. prepare yourself

  20. security starts with education

  21. security is a team sport

  22. plan your route (but keep it flexible)

  23. design before implementation

  24. examine all the options

  25. security requires compromises

  26. take the road well travelled

  27. follow in someone else’s footsteps

  28. know where to look for direction

  29. expose yourself to scrutiny

  30. build amazing machines

  31. build amazing machines

  32. security needs a robot army

  33. immutable architectures help security

  34. watch your back

  35. know everything there is to know

  36. use clever tools to build clever things

  37. Watch for expensive distractions

  38. more alarms and no surprises

  39. security is the long game

  40. watch for spies

  41. always have an escape route

  42. have a backup (plan)

  43. be prepared to action it

  44. store your backups securely

  45. protect your treasure

  46. know the value of what you have around you

  47. vs. vs. value is relative

  48. secure data starts with secure storage

  49. so about those passwords?

  50. secure systems need gatekeepers

  51. prepare for the (inevitable) sequel

  52. celebrate your successes

  53. learn from your mistakes

  54. prepare for the next adventure

  55. the world is a terrible place

  56. secure your own adventure

  57. questions? Laura Bell F O U N D E R

    & L E A D C O N S U LTA N T S A F E S TAC K @ l a d y _ n e rd l a u r a @ s a fe s t a c k . i o