Upgrade to Pro — share decks privately, control downloads, hide ads and more …

既存のWebアプリをセキュアにするためにやったこと / Student-LT-WebSec

Avatar for Tomoyuki KOYAMA Tomoyuki KOYAMA
May 05, 2018
Technology
200
0

既存のWebアプリをセキュアにするためにやったこと / Student-LT-WebSec

学生LT#11, @DMM

Avatar for Tomoyuki KOYAMA

Tomoyuki KOYAMA

May 05, 2018

More Decks by Tomoyuki KOYAMA

See All by Tomoyuki KOYAMA
イベントとリソース定義から作成した依存グラフを用いた連鎖障害の調査時間の短縮 / DPS-206
Avatar for Tomoyuki KOYAMA tomoyk
0
19
Query Prediction for Log Search for Distributed Tracing with External Monitoring Alerts
Avatar for Tomoyuki KOYAMA tomoyk
0
33
Root Cause Analysis for Middleware Issues by Kubernetes Resource Events / KST-2026
Avatar for Tomoyuki KOYAMA tomoyk
0
62
Reading HTTP Client Hints
Avatar for Tomoyuki KOYAMA tomoyk
0
140
Log message with JSON item count for root cause analysis in microservices
Avatar for Tomoyuki KOYAMA tomoyk
1
260
Distributed Log Search Based on Time Series Access and Service Relations
Avatar for Tomoyuki KOYAMA tomoyk
0
390
Webアプリを動かすまでのインフラ構築 / infra-build-for-web-app
Avatar for Tomoyuki KOYAMA tomoyk
0
470
コンピュータが大好きな私が大学院進学した理由 / Why I chose graduate school
Avatar for Tomoyuki KOYAMA tomoyk
1
1.1k
検索性能に配慮した複製による分散ログ管理 / DPS-185
Avatar for Tomoyuki KOYAMA tomoyk
0
23

Other Decks in Technology

See All in Technology
AI 時代の Platform Engineering
Avatar for Recruit recruitengineers
PRO
1
230
Oracle Base Database Service 技術詳細
Avatar for oracle4engineer oracle4engineer
PRO
15
100k
Oracle Cloud Infrastructure presents managed, serverless MCP Servers for Oracle AI Database
Avatar for thatjeffsmith thatjeffsmith
1
570
RedmineをAIで効率的に使う検証
Avatar for Takayuki Yoshioka yoshiokacb
0
150
AIのために、AIを使った、Effect-TSからの脱却 〜テストを活用した安全なリファクタリングの進め方〜
Avatar for 株式会社ビットキー / Bitkey Inc. bitkey
PRO
0
120
セキュリティ対策、何からはじめる? CloudNative環境の脅威モデリングと リスク評価実践入門 #cloudnativekaigi
Avatar for varu3 varu3
5
1k
Oracle AI Database@Azure:サービス概要のご紹介
Avatar for oracle4engineer oracle4engineer
PRO
6
1.7k
エムスリーテクノロジーズ株式会社 エンジニア向け紹介資料 / M3 Technologies Company Deck
Avatar for M3 Engineering m3_engineering
0
190
JTCでRedmine利用者2700人を実現した手法 第二部
Avatar for Silvers.Rayleigh nobuonakamura
0
140
React Compiler導入から21ヶ月、いま始めるならこうやる
Avatar for Tatsuya Asami astatsuya
2
270
既存プロダクトQAから新規プロダクトQAへ
Avatar for hashi ryotakahashi
0
160
AI時代に、 データアナリストがデータエンジニアに異動して
Avatar for jackojacko_ jackojacko_
0
1k

Featured

See All Featured
Leo the Paperboy
Avatar for Maya Tellez mayatellez
7
1.8k
Bootstrapping a Software Product
Avatar for Garrett Dimon garrettdimon
PRO
307
120k
Site-Speed That Sticks
Avatar for Harry Roberts csswizardry
13
1.2k
Why Our Code Smells
Avatar for Brandon Keepers bkeepers
PRO
340
58k
Conquering PDFs: document understanding beyond plain text
Avatar for Ines Montani inesmontani
PRO
4
2.7k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
Avatar for mongodb mongodb
49
9.9k
Unsuck your backbone
Avatar for Amy Palamountain ammeep
672
58k
Rebuilding a faster, lazier Slack
Avatar for samanthasiow samanthasiow
85
9.5k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
Avatar for Marc Duiker marcduiker
35
2.4k
The MySQL Ecosystem @ GitHub 2015
Avatar for Sam Lambert samlambert
251
13k
Leveraging LLMs for student feedback in introductory data science courses - posit::conf(2025)
Avatar for Mine Cetinkaya-Rundel minecr
1
250
Building a Modern Day 
E-commerce SEO Strategy
Avatar for Aleyda Solis aleyda
45
9k

Transcript

  1. طଘͷ8FCΞϓϦΛ
 ηΩϡΞʹ͢ΔͨΊʹ
 ΍ͬͨ͜ͱ  5PNPZVLJ,0:"." ֶੜ-5

  2. ࣗݾ঺հ w /BNFίϠϚτϞϢΩ w (SBEFཧ޻ܥେֶ# w 5XJUUFS!UNZL@LZN w #MPHIUUQTCMPHLPZBNBNF w

    5BHT/FUXPSL8FC4FSWFS4FDVSJUZ

  3. ҳൠͷޡՈఉ ϠϑΦΫͰதݹͷωοτϫʔΫػثΛߪೖ

  4. ۙگ w ٕज़ॻయʹߦͬͨ w ొ࿥ηΩεϖΛड͚ͨ w ๭IBDLʹམͪͨ w ֶੜ-5ʹؒʹ߹ͬͨɹˡ/&8

  5. 8FCηΩϡϦςΟ
 ͷجૅ

  6. 944 w ΫϩεɾαΠτɾεΫϦϓςΟϯά w )5.-಺ʹεΫϦϓτ͕ૠೖ͞ΕΔ͜ͱͰɺ೚ ҙͷॲཧ͕࣮ߦ͞ΕΔ w $8&*NQSPQFS/FVUSBMJ[BUJPOPG*OQVU %VSJOH8FC1BHF(FOFSBUJPO $SPTTTJUF

    4DSJQUJOH   

  7. 944 EPDUZQFIUNM NFUBDIBSTFUVUG UJUMF9444BNQMFUJUMF I QIQFDIP@(&5<NPEF> I EPDUZQFIUNM NFUBDIBSTFUVUG UJUMF9444BNQMFUJUMF

    IIFMMPI ม਺@(&5<bNPEF`>ʹIFMMP͕ઃఆ͞Ε͍ͯΔͱʜ 4BGF

  8. 944 EPDUZQFIUNM NFUBDIBSTFUVUG UJUMF9444BNQMFUJUMF I QIQFDIP@(&5<NPEF> I EPDUZQFIUNM NFUBDIBSTFUVUG UJUMF9444BNQMFUJUMF

    ITDSJQUBMFSU TDSJQUI ม਺@(&5<bNPEF`>ʹTDSJQUBMFSU TDSJQU͕
 ઃఆ͞Ε͍ͯΔͱʜ VO4BGF

  9. 'SBNF8PSLʹཔΔͱʜ w 'SBNF8PSL͕ࣗಈͰΤεέʔϓͯ͘͠ΕΔ w ηΩϡϦςΟΛҙࣝͤͣʹ։ൃՄ w 3VCZPO3BJMT 'MBTL $BLF1)1 FUDʜ

  10. طଘͷ8FCΞϓϦΛ
 ηΩϡΞʹ͢ΔͨΊʹ
 ΍ͬͨ͜ͱ

  11. ܦҢ w ͱ͋Δ8FCΞϓϦ ൿ఻ͷιʔε Λಈ͔͢ґཔΛ ड͚Δ w ѻ͏σʔλ͸ݸਓ৘ใ w ηΩϡϦςΟΛݟ௚ͯ͠Έͨ

  12. ΍ͬͨ͜ͱ

  13. 44-Խ w )551ˠ)5514 w 44-ূ໌ॻΛ-FU`T&ODSZQUͰऔಘ w ैདྷ͸ݸਓ৘ใΛฏจͰ΍ΓऔΓ

  14. ͓͠·͍

  15. ΍ͬͨ͜ͱ w ॳڃ w 44-Խ w தڃ w ্ڃ

  16. ΍ͬͨ͜ͱதڃ w $PPLJF΁IUUQPOMZଐੑ TFDVSFଐੑΛ෇༩ w Ϩεϙϯεϔομ΁ҎԼΛ෇༩ w 99441SPUFDUJPONPEFCMPDL w 9'SBNF0QUJPOT4".&03*(*/

    w 9$POUFOU5ZQF0QUJPOTOPTOJ⒎

  17. $PPLJF΁IUUQPOMZଐੑ  TFDVSFଐੑΛ෇༩

  18. 99441SPUFDUJPO NPEFCMPDL w 8FCϒϥ΢βͷ944ϑΟϧλʔΛڧ੍0/ w 944Λݕ஌͢ΔͱϒϩοΫ͢Δ IUUQFYBNQMFDPNTFBSDI TDSJQUBMFSU TDSJQU

  19. 9'SBNF0QUJPOT
 9$POUFOU5ZQF0QUJPOT w 9'SBNF0QUJPOT4".&03*(*/ w ΫϦοΫɾδϟοΩϯάରࡦ
 JGSBNFͰͷผαΠτ͔ΒຒΊࠐΈΛېࢭ  w 9$POUFOU5ZQF0QUJPOTOPTOJ⒎

    w FͷΞΠίϯͳϒϥ΢βͰͷ944Λ๷ࢭ

  20. ΍ͬͨ͜ͱ্ڃ w ηογϣϯɾλΠϜΞ΢τ w Ϩεϙϯεϔομ΁ҎԼΛ෇༩ w $BDIF$POUSPMQSJWBUF OPTUPSF w 4USJDU5SBOTQPSU4FDVSJUZNBY

    BHFJODMVEF4VCEPNBJOT

  21. ηογϣϯɾλΠϜΞ΢τ $PPLJFͷ&YQJSFଐੑͰ༗ޮظݶΛઃఆ

  22. $BDIF$POUSPM
 QSJWBUF OPTUPSF w ϚΠϖʔδ ݸਓ৘ใ ͳͲΛ1SPYZ$%/ͰΩϟο γϡͰอ࣋͠ͳ͍ w ࢀߟʮϝϧΧϦɹݸਓ৘ใྲྀग़ʯ

  23. 4USJDU5SBOTQPSU4FDVSJUZNBY BHFJODMVEF4VCEPNBJOT w )454 )5514USJDU5SBOTQPSU4FDVSJUZ  w IUUQˠIUUQT΁ஔ͖׵͑ͯϦΫΤετΛૹ৴ w <T><EBZ>

  24. ·ͱΊ w 8FCΞϓϦΛެ։͢Δͱ͖͸44-Խ͠Α͏ w $PPLJF΍Ϩεϙϯεɾϔομʹ஫ҙ͠Α͏ w ແঈεΩϟφͷ08"41;"1͸Φεεϝ

  25. ݁Ռ

  26. ΍Γ͕͍(&5 ใु;&30

  27. ࡉ͔͍͜ͱ͸࠙਌ձͰ ั·͑ͯฉ͍ͯω 5IBOLT