Security First - Adam Baldwin

JSConfEU 2013

Published in: Technology, News & Politics

  1. Security First
  2. Thanks First
  3. Hi, I’m Adam
  4. Hi, I’m Adam @adam_baldwin @liftsecurity @nodesecurity
  5. Hi, I’m Adam @evilpacket
  6. andbang.com
  7. andbang.com
  8. Node Security Project nodesecurity.io
  9. Security First
  10. We’re Fucked
  11. Nothing is 100% Secure.
  12. Defender Attacker
  13. Defender Attacker
  14. Attacker Defender
  15. Software is Hard
  16. Software is full of opinions
  17. Mobile First
  18. Mobile First Content First
  19. Mobile First Content First Offline First
  20. Mobile First Content First Offline First SECURITY
  21. Software is full of constraints
  22. Security is one of those
  23. Who’s responsible for security?
  24. Who’s responsible for security? You are.
  25. Why?
  26. NSA Spent $25 million on ‘software vulnerabilities’ in 2013
  27. Stay off the menu.
  28. Litigation is coming.
  29. Litigation is coming.
  30. Enough Doom & Gloom already!
  31. Enough Doom & Gloom already!
  32. Something has to change
  33. Let’s build a Security First culture
  34. Why do we avoid security?
  35. - Ignorance - Procrastination - Not Exciting work - Not Rewarded
  36. Education Understand Vulnerabilities
  37. The simple stuff still works.
  38. Validation / Sanitization Crypto http://www.matasano.com/articles/crypto-challenges/ http://owasp.org
  39. npm install all the things™
  40. npm install coffeescript
  41. so..ahhh. what else?
  42. Process It’s not immutable
  43. Community Bridge all the worlds http://blog.andyet.com/2013/09/11/shame-and-security
  44. security.md
  45. Homework. - Learn about 1 vuln - Audit some code - Teach a Friend
  46. confwork? Talk to each other about security...
  47. </PRESENTATION> @adam_baldwin | @LiftSecurity