Dates
Conferences
Tags
Sort by:
Most recent
Conference: OWASP 20th Anniversary Event
Authors: Veronica Schmitt
2021-09-24
tldr - powered by Generative AI
The speaker discusses the importance of implementing five simple philosophies for application logging to improve cybersecurity and DevOps practices.
- The five philosophies were inspired by Gene Kim's book and include keeping logs simple, tagged, clean, focused, and customer-oriented.
- Logs should be easy to read and maintain, with just enough detail to debug without compromising sensitive information.
- Tagging sensitive data and creating metadata can help prevent accidental disclosure and aid in digital forensics and incident response.
- Continuous improvement and psychological safety are crucial for teams to admit mistakes and learn from them.
- Customer focus should be prioritized in building custom-oriented, secure applications.
Conference: OWASP 20th Anniversary Event
Authors: Vickie Li
2021-09-24
tldr - powered by Generative AI
The presentation discusses the basics of conducting a security code review to find vulnerabilities in an application's source code.
- Manual code reviews are valuable for finding security issues caused by insecure coding practices
- Prioritizing analysis and using automated tools can speed up the process
- Combining automated tools with manual code analysis can ensure fewer bugs make it to production