- tl;dr sec
- Archive
- Page 23
Archive
SummarySummary
![Behind the Scenes: Securing In-House Execution of Unsafe Third-Party Executables](https://media.beehiiv.com/cdn-cgi/image/format=auto,width=800,height=421,fit=scale-down,onerror=redirect/uploads/asset/file/eb4854da-a72a-4de8-8089-8884cb286d0b/appsec_cali_title_slide.jpg)
Behind the Scenes: Securing In-House Execution of Unsafe Third-Party Executables
Many companies rely on third-party native executables for functionality like image and video processing. However, many of these tools are written in C or C++ and were not designed with security in mind. When a malicious user uploads a specially crafted file, it can lead to arbitrary command execution via a buffer overflow or command injection, arbitrary file read or write, and other bad outcomes.
![Clint Gibler](https://beehiiv-images-production.s3.amazonaws.com/uploads/user/profile_picture/f5c126ea-2e8d-4103-9fa8-f2ccaba23368/clint_gibler.jpg)
Clint Gibler
SummarySummary
![Browser fingerprints for a more secure web](https://media.beehiiv.com/cdn-cgi/image/format=auto,width=800,height=421,fit=scale-down,onerror=redirect/uploads/asset/file/7a09f7f0-4b83-43a1-92d5-0b9f23287e38/appsec_cali_title_slide.jpg)
Browser fingerprints for a more secure web
This talk describes how Salesforce uses browser fingerprinting to protect users from having their accounts compromised. Their goal is to detect sessions being stolen, including by malware running on the same device as the victim (and thus has the same IP address).
![Clint Gibler](https://beehiiv-images-production.s3.amazonaws.com/uploads/user/profile_picture/f5c126ea-2e8d-4103-9fa8-f2ccaba23368/clint_gibler.jpg)
Clint Gibler
SummarySummary
![Building Cloud-Native Security for Apps and APIs with NGINX](https://media.beehiiv.com/cdn-cgi/image/format=auto,width=800,height=421,fit=scale-down,onerror=redirect/uploads/asset/file/82ac615e-9060-4815-bf03-2f58dc40f6c6/appsec_cali_title_slide.jpg)
SummarySummary
![Contact Center Authentication](https://media.beehiiv.com/cdn-cgi/image/format=auto,width=800,height=421,fit=scale-down,onerror=redirect/uploads/asset/file/7a09f7f0-4b83-43a1-92d5-0b9f23287e38/appsec_cali_title_slide.jpg)
SummarySummary
![Detecting Credential Compromise in AWS](https://media.beehiiv.com/cdn-cgi/image/format=auto,width=800,height=421,fit=scale-down,onerror=redirect/uploads/asset/file/f22c1eb9-cedf-4722-bdaa-cb00637237b6/appsec_cali_title_slide.jpg)
SummarySummary
![Game On! Adding Privacy to Threat Modeling](https://media.beehiiv.com/cdn-cgi/image/format=auto,width=800,height=421,fit=scale-down,onerror=redirect/uploads/asset/file/77683196-1a15-4cbc-a488-4315f0a33f96/appsec_cali_title_slide.jpg)