Increasingly frequent deployments make it impossible for security teams to manually review all of the code before it is released. Jules Denardou and Justin Massey wrote a Terraform-deployed application to solve this problem by tightly integrating into the developer workflow. The plugin-based application has three core components, each represented by at least one Lambda function: […]
By Brian Contos, CISO of Verodin: “The idea for my presentation “Left of Boom” was based on conversations I was having with some of my co-workers at Verodin. Many people on our team are former military and some served in Iraq and Afghanistan where they engaged in anti-IED (Improvised Explosive Device) missions. During these conversations […]
“I’d like to offer an introduction into Network System Monitoring using different open tools available in Linux.”, says Paula. “The talk is a technical approach to identify the best sniffing points in a network and how to orchestrate a full analysis of the content to secure the network, as well as showing ideas of collaborative […]
In information security pessimism rules. Unfortunately. Extreme Programming might breed extreme problems, too. The short-lived app software cycle is a prime example. If your main goal is to hit the app store as soon and as often as possible, then critical bugs will show up faster than you can spell XCodeGhost. The development infrastructure has […]
I watched „Bolt“ with my daughter yesterday. She’s still young and needed some time to distinguish fiction from reality, just like Bolt himself. If you regularly use (security) tools, then you might get a bit jealous about all these super-science skills and gadgets. This is especially true when it comes to the toys of James […]
Scapy is the „Swiss Army tool“ among security software. Scapy is a powerful interactive packet manipulation program. It is used for scanning, probing, testing software implementations, tracing network packets, network discovery, injecting frames, and other tasks. So it’s a security power tool useful for a lot of tasks in security research. Wouldn’t it be nice […]