Zoom 0-Day: How not to handle a vulnerability report
I'll discuss my communications with Zoom’s security team and the reasoning behind what led to my decision to resort to 0-Day disclosure.
0
Like
Unlike
Software Supply Chain from Code to Production and Back
Discussing the risks & countermeasures taken following the growing usage of open-source software, and the dependence of modern software on OS components.
AppSec is Dead. Long Live DevSecOps!
How can developers, using the right training and tools, upskill their security awareness and stand out among their peers.
Threat Modeling: Finding the Worst Vulnerabilities You’ll Never Write
How to use threat modeling to find vulnerabilities hidden in our systems by uncovering architectural flaws, exposing attack surfaces & identifying attack vectors.
Game On: How to Achieve the Highest Level of Code Security
How can we level up our secure coding strategies and what roles should security & development teams play when it comes to code security?
Threat Modeling, a Manifesto and Some Code
Learn about the concept of Threat Modeling, its objectives, and the part it plays in the SDLC.
API Security: When Failure looks like Success
Assumptions and strategies for bringing our APIs out of the shadows and protecting ourselves, our partners, and our customers.
