Upgrade to Pro — share decks privately, control downloads, hide ads and more …

既存のWebアプリをセキュアにするためにやったこと / Student-LT-WebSec

Avatar for Tomoyuki KOYAMA Tomoyuki KOYAMA
May 05, 2018
Technology
0
190

既存のWebアプリをセキュアにするためにやったこと / Student-LT-WebSec

学生LT#11, @DMM

Avatar for Tomoyuki KOYAMA

Tomoyuki KOYAMA

May 05, 2018
Tweet

More Decks by Tomoyuki KOYAMA

See All by Tomoyuki KOYAMA
Query Prediction for Log Search for Distributed Tracing with External Monitoring Alerts
Avatar for Tomoyuki KOYAMA tomoyk
0
9
Root Cause Analysis for Middleware Issues by Kubernetes Resource Events / KST-2026
Avatar for Tomoyuki KOYAMA tomoyk
0
17
Reading HTTP Client Hints
Avatar for Tomoyuki KOYAMA tomoyk
0
120
Log message with JSON item count for root cause analysis in microservices
Avatar for Tomoyuki KOYAMA tomoyk
1
240
Distributed Log Search Based on Time Series Access and Service Relations
Avatar for Tomoyuki KOYAMA tomoyk
0
370
Webアプリを動かすまでのインフラ構築 / infra-build-for-web-app
Avatar for Tomoyuki KOYAMA tomoyk
0
450
コンピュータが大好きな私が大学院進学した理由 / Why I chose graduate school
Avatar for Tomoyuki KOYAMA tomoyk
1
1k
この先生きのこるための学び方 / how-to-learn-tech
Avatar for Tomoyuki KOYAMA tomoyk
1
420
佐川急便のフィッシングサイトを調べてみた / Analysis of sagawa fishing site
Avatar for Tomoyuki KOYAMA tomoyk
1
200

Other Decks in Technology

See All in Technology
Three-Legged OAuth in AgentCore Gateway
Avatar for iganin hironobuiga
2
160
技術キャッチアップ効率化を実現する記事推薦システムの構築
Avatar for Yudai Hayashi yudai00
2
120
サイボウズ 開発本部採用ピッチ / Cybozu Engineer Recruit
Avatar for Cybozu cybozuinsideout
PRO
10
74k
NW構成図の自動描画は何が難しいのか?/netdevnight3
Avatar for m.hagiwara corestate55
1
110
衛星画像即時マッピングサービスの実現に向けて
Avatar for Yuji Kobayashi lehupa
1
300
全自動で回せ!Claude Codeマーケットプレイス運用術
Avatar for ugo yukyu30
3
110
AWSが推進する AI駆動開発ライフサイクル入門 〜 AI駆動開発時代に必要な人材とは 〜 / introduction_to_aidlc_and_skills
Avatar for Atsushi Fukui fatsushi
7
4.4k
自律型コーディングエージェントでどこまで出来るかやってみる~ Claude Code vs GitHub Copilot(Agent mode) ~ / How Far Can Autonomous Coding Agents Go? ~Claude Code vs GitHub Copilot (Agent Mode)~
Avatar for Junya Miyake jnymyk
0
190
量子クラウドシステムと運用
Avatar for OQTOPUS oqtopus
0
200
React 19時代のコンポーネント設計ベストプラクティス
Avatar for uhyo uhyo
17
6.7k
Kubernetes環境周りの責任範囲をいい機会なので考える / Taking the Opportunity to Clarify Kubernetes Responsibilities
Avatar for kohbis kohbis
1
110
EMから現場に戻って見えた2026年の開発者視点
Avatar for aki sudoakiy
1
350

Featured

See All Featured
Heart Work Chapter 1 - Part 1
Avatar for Lake Fama lfama
PRO
5
35k
エンジニアに許された特別な時間の終わり
Avatar for watany watany
106
230k
Money Talks: Using Revenue to Get Sh*t Done
Avatar for Nikki Halliwell nikkihalliwell
0
170
Code Reviewing Like a Champion
Avatar for maltzj maltzj
527
40k
Git: the NoSQL Database
Avatar for Brandon Keepers bkeepers
PRO
432
66k
SEOcharity - Dark patterns in SEO and UX: How to avoid them and build a more ethical web
Avatar for Sara Fernández Carmona sarafernandez
0
130
The SEO identity crisis: Don't let AI make you average
Avatar for Varn varn
0
400
Jamie Indigo - Trashchat’s Guide to Black Boxes: Technical SEO Tactics for LLMs
Avatar for Tech SEO Connect techseoconnect
PRO
0
75
New Earth Scene 8
Avatar for Sydney Stone popppiees
1
1.6k
Avoiding the “Bad Training, Faster” Trap in the Age of AI
Avatar for Mike Taylor tmiket
0
90
The Psychology of Web Performance [Beyond Tellerrand 2023]
Avatar for Tammy Everts tammyeverts
49
3.3k
The Mindset for Success: Future Career Progression
Avatar for Greg Gifford greggifford
PRO
0
250

Transcript

  1. طଘͷ8FCΞϓϦΛ
 ηΩϡΞʹ͢ΔͨΊʹ
 ΍ͬͨ͜ͱ  5PNPZVLJ,0:"." ֶੜ-5

  2. ࣗݾ঺հ w /BNFίϠϚτϞϢΩ w (SBEFཧ޻ܥେֶ# w 5XJUUFS!UNZL@LZN w #MPHIUUQTCMPHLPZBNBNF w

    5BHT/FUXPSL8FC4FSWFS4FDVSJUZ

  3. ҳൠͷޡՈఉ ϠϑΦΫͰதݹͷωοτϫʔΫػثΛߪೖ

  4. ۙگ w ٕज़ॻయʹߦͬͨ w ొ࿥ηΩεϖΛड͚ͨ w ๭IBDLʹམͪͨ w ֶੜ-5ʹؒʹ߹ͬͨɹˡ/&8

  5. 8FCηΩϡϦςΟ
 ͷجૅ

  6. 944 w ΫϩεɾαΠτɾεΫϦϓςΟϯά w )5.-಺ʹεΫϦϓτ͕ૠೖ͞ΕΔ͜ͱͰɺ೚ ҙͷॲཧ͕࣮ߦ͞ΕΔ w $8&*NQSPQFS/FVUSBMJ[BUJPOPG*OQVU %VSJOH8FC1BHF(FOFSBUJPO $SPTTTJUF

    4DSJQUJOH   

  7. 944 EPDUZQFIUNM NFUBDIBSTFUVUG UJUMF9444BNQMFUJUMF I QIQFDIP@(&5<NPEF> I EPDUZQFIUNM NFUBDIBSTFUVUG UJUMF9444BNQMFUJUMF

    IIFMMPI ม਺@(&5<bNPEF`>ʹIFMMP͕ઃఆ͞Ε͍ͯΔͱʜ 4BGF

  8. 944 EPDUZQFIUNM NFUBDIBSTFUVUG UJUMF9444BNQMFUJUMF I QIQFDIP@(&5<NPEF> I EPDUZQFIUNM NFUBDIBSTFUVUG UJUMF9444BNQMFUJUMF

    ITDSJQUBMFSU TDSJQUI ม਺@(&5<bNPEF`>ʹTDSJQUBMFSU TDSJQU͕
 ઃఆ͞Ε͍ͯΔͱʜ VO4BGF

  9. 'SBNF8PSLʹཔΔͱʜ w 'SBNF8PSL͕ࣗಈͰΤεέʔϓͯ͘͠ΕΔ w ηΩϡϦςΟΛҙࣝͤͣʹ։ൃՄ w 3VCZPO3BJMT 'MBTL $BLF1)1 FUDʜ

  10. طଘͷ8FCΞϓϦΛ
 ηΩϡΞʹ͢ΔͨΊʹ
 ΍ͬͨ͜ͱ

  11. ܦҢ w ͱ͋Δ8FCΞϓϦ ൿ఻ͷιʔε Λಈ͔͢ґཔΛ ड͚Δ w ѻ͏σʔλ͸ݸਓ৘ใ w ηΩϡϦςΟΛݟ௚ͯ͠Έͨ

  12. ΍ͬͨ͜ͱ

  13. 44-Խ w )551ˠ)5514 w 44-ূ໌ॻΛ-FU`T&ODSZQUͰऔಘ w ैདྷ͸ݸਓ৘ใΛฏจͰ΍ΓऔΓ

  14. ͓͠·͍

  15. ΍ͬͨ͜ͱ w ॳڃ w 44-Խ w தڃ w ্ڃ

  16. ΍ͬͨ͜ͱதڃ w $PPLJF΁IUUQPOMZଐੑ TFDVSFଐੑΛ෇༩ w Ϩεϙϯεϔομ΁ҎԼΛ෇༩ w 99441SPUFDUJPONPEFCMPDL w 9'SBNF0QUJPOT4".&03*(*/

    w 9$POUFOU5ZQF0QUJPOTOPTOJ⒎

  17. $PPLJF΁IUUQPOMZଐੑ  TFDVSFଐੑΛ෇༩

  18. 99441SPUFDUJPO NPEFCMPDL w 8FCϒϥ΢βͷ944ϑΟϧλʔΛڧ੍0/ w 944Λݕ஌͢ΔͱϒϩοΫ͢Δ IUUQFYBNQMFDPNTFBSDI TDSJQUBMFSU TDSJQU

  19. 9'SBNF0QUJPOT
 9$POUFOU5ZQF0QUJPOT w 9'SBNF0QUJPOT4".&03*(*/ w ΫϦοΫɾδϟοΩϯάରࡦ
 JGSBNFͰͷผαΠτ͔ΒຒΊࠐΈΛېࢭ  w 9$POUFOU5ZQF0QUJPOTOPTOJ⒎

    w FͷΞΠίϯͳϒϥ΢βͰͷ944Λ๷ࢭ

  20. ΍ͬͨ͜ͱ্ڃ w ηογϣϯɾλΠϜΞ΢τ w Ϩεϙϯεϔομ΁ҎԼΛ෇༩ w $BDIF$POUSPMQSJWBUF OPTUPSF w 4USJDU5SBOTQPSU4FDVSJUZNBY

    BHFJODMVEF4VCEPNBJOT

  21. ηογϣϯɾλΠϜΞ΢τ $PPLJFͷ&YQJSFଐੑͰ༗ޮظݶΛઃఆ

  22. $BDIF$POUSPM
 QSJWBUF OPTUPSF w ϚΠϖʔδ ݸਓ৘ใ ͳͲΛ1SPYZ$%/ͰΩϟο γϡͰอ࣋͠ͳ͍ w ࢀߟʮϝϧΧϦɹݸਓ৘ใྲྀग़ʯ

  23. 4USJDU5SBOTQPSU4FDVSJUZNBY BHFJODMVEF4VCEPNBJOT w )454 )5514USJDU5SBOTQPSU4FDVSJUZ  w IUUQˠIUUQT΁ஔ͖׵͑ͯϦΫΤετΛૹ৴ w <T><EBZ>

  24. ·ͱΊ w 8FCΞϓϦΛެ։͢Δͱ͖͸44-Խ͠Α͏ w $PPLJF΍Ϩεϙϯεɾϔομʹ஫ҙ͠Α͏ w ແঈεΩϟφͷ08"41;"1͸Φεεϝ

  25. ݁Ռ

  26. ΍Γ͕͍(&5 ใु;&30

  27. ࡉ͔͍͜ͱ͸࠙਌ձͰ ั·͑ͯฉ͍ͯω 5IBOLT