Dates
Conferences
Tags
Sort by:
Most recent
Conference: OWASP 20th Anniversary Event
Authors: Vandana Verma, Steve Coochin
2021-09-25
tldr - powered by Generative AI
The presentation discusses the importance of secure development environments in the face of supply chain security incidents and vulnerabilities in open source code and containers.
- Open source code makes up a significant portion of an organization's codebase, and new packages are constantly being developed, leading to vulnerabilities and breaches.
- Containerization is important for keeping code and infrastructure clean, but vulnerabilities can still surface in containers.
- Developers' integrated development environments, such as Visual Studio Code, are also vulnerable to attacks.
- Secure development environments are crucial for protecting end users and require a shift left approach to security.
- The presentation includes a demonstration of a vulnerability in the Instant Markdown plugin for Visual Studio Code.
Conference: OWASP 20th Anniversary Event
Authors: Edwin Kwan
2021-09-24
The number of security incidents and data breaches are increasing. It feels like not a week goes by without hearing of another breach or compromise. Are we getting worse at doing security? In this talk I'll provide my opinion on this, from an application security perspective, by taking a look at how software development has changed over the years. As we move towards Cloud Native workloads, staying secure is harder; and it's not always your developers' fault.