Posts by Tag

tldr_sec

[tl;dr sec] #6 - Post Hacker Summer Camp

3 minute read

Neat talks from Hacker Summer Camp on email -> phone number, DNS rebinding, automated C++ reverse engineering, and publicly exposed AWS EBS volumes.

2019

The Art of Vulnerability Management

10 minute read

Alexandra Nassar of Medallia describes how to create a positive vulnerability management culture and process that works for engineers and the security team.

DevSecCon Tel Aviv 2019 Roundup

5 minute read

Practical steps to start managing your secrets properly, continuous threat modeling, container security stats and best practices, and my thoughts on the futu...

Data Driven Bug Bounty

11 minute read

Arkadiy Tetelman describes how to effectively launch a bug bounty program and how tracking vulnerability metrics can make an AppSec team more impactful.

industry

The Art of Vulnerability Management

10 minute read

Alexandra Nassar of Medallia describes how to create a positive vulnerability management culture and process that works for engineers and the security team.

Data Driven Bug Bounty

11 minute read

Arkadiy Tetelman describes how to effectively launch a bug bounty program and how tracking vulnerability metrics can make an AppSec team more impactful.

SCORE Bot: Shift Left, at Scale!

10 minute read

Vidhu Jayabalan and Laksh Raghavan present SCORE-Bot, PayPal’s light-weight, continuous code scanning tool that hooks into their CI/CD pipeline.

devsecops

DevSecCon Tel Aviv 2019 Roundup

5 minute read

Practical steps to start managing your secrets properly, continuous threat modeling, container security stats and best practices, and my thoughts on the futu...

SCORE Bot: Shift Left, at Scale!

10 minute read

Vidhu Jayabalan and Laksh Raghavan present SCORE-Bot, PayPal’s light-weight, continuous code scanning tool that hooks into their CI/CD pipeline.

summary

The Art of Vulnerability Management

10 minute read

Alexandra Nassar of Medallia describes how to create a positive vulnerability management culture and process that works for engineers and the security team.

Data Driven Bug Bounty

11 minute read

Arkadiy Tetelman describes how to effectively launch a bug bounty program and how tracking vulnerability metrics can make an AppSec team more impactful.

SCORE Bot: Shift Left, at Scale!

10 minute read

Vidhu Jayabalan and Laksh Raghavan present SCORE-Bot, PayPal’s light-weight, continuous code scanning tool that hooks into their CI/CD pipeline.

aws

[tl;dr sec] #6 - Post Hacker Summer Camp

3 minute read

Neat talks from Hacker Summer Camp on email -> phone number, DNS rebinding, automated C++ reverse engineering, and publicly exposed AWS EBS volumes.

static_analysis

[tl;dr sec] #6 - Post Hacker Summer Camp

3 minute read

Neat talks from Hacker Summer Camp on email -> phone number, DNS rebinding, automated C++ reverse engineering, and publicly exposed AWS EBS volumes.

SCORE Bot: Shift Left, at Scale!

10 minute read

Vidhu Jayabalan and Laksh Raghavan present SCORE-Bot, PayPal’s light-weight, continuous code scanning tool that hooks into their CI/CD pipeline.

security_culture

con_appsec_cali

fuzzing

cloud_security

threat_modeling

DevSecCon Tel Aviv 2019 Roundup

5 minute read

Practical steps to start managing your secrets properly, continuous threat modeling, container security stats and best practices, and my thoughts on the futu...

osint

[tl;dr sec] #6 - Post Hacker Summer Camp

3 minute read

Neat talks from Hacker Summer Camp on email -> phone number, DNS rebinding, automated C++ reverse engineering, and publicly exposed AWS EBS volumes.

web_app_security

web_security

program_analysis

[tl;dr sec] #6 - Post Hacker Summer Camp

3 minute read

Neat talks from Hacker Summer Camp on email -> phone number, DNS rebinding, automated C++ reverse engineering, and publicly exposed AWS EBS volumes.

sdlc

privacy

[tl;dr sec] #6 - Post Hacker Summer Camp

3 minute read

Neat talks from Hacker Summer Camp on email -> phone number, DNS rebinding, automated C++ reverse engineering, and publicly exposed AWS EBS volumes.

blue_team

The Art of Vulnerability Management

10 minute read

Alexandra Nassar of Medallia describes how to create a positive vulnerability management culture and process that works for engineers and the security team.

bug_bounty

Data Driven Bug Bounty

11 minute read

Arkadiy Tetelman describes how to effectively launch a bug bounty program and how tracking vulnerability metrics can make an AppSec team more impactful.

con_devseccon

DevSecCon Tel Aviv 2019 Roundup

5 minute read

Practical steps to start managing your secrets properly, continuous threat modeling, container security stats and best practices, and my thoughts on the futu...

asset_inventory

kubernetes

our_research

con_bsides_sf

con_appsec_usa

SCORE Bot: Shift Left, at Scale!

10 minute read

Vidhu Jayabalan and Laksh Raghavan present SCORE-Bot, PayPal’s light-weight, continuous code scanning tool that hooks into their CI/CD pipeline.

2018

SCORE Bot: Shift Left, at Scale!

10 minute read

Vidhu Jayabalan and Laksh Raghavan present SCORE-Bot, PayPal’s light-weight, continuous code scanning tool that hooks into their CI/CD pipeline.

con_bsidessf

Data Driven Bug Bounty

11 minute read

Arkadiy Tetelman describes how to effectively launch a bug bounty program and how tracking vulnerability metrics can make an AppSec team more impactful.

security_metrics

Data Driven Bug Bounty

11 minute read

Arkadiy Tetelman describes how to effectively launch a bug bounty program and how tracking vulnerability metrics can make an AppSec team more impactful.

con_blackhat_usa

2017

keynote

reverse_engineering

[tl;dr sec] #6 - Post Hacker Summer Camp

3 minute read

Neat talks from Hacker Summer Camp on email -> phone number, DNS rebinding, automated C++ reverse engineering, and publicly exposed AWS EBS volumes.

dns_rebinding

[tl;dr sec] #6 - Post Hacker Summer Camp

3 minute read

Neat talks from Hacker Summer Camp on email -> phone number, DNS rebinding, automated C++ reverse engineering, and publicly exposed AWS EBS volumes.

responsible_disclosure

[tl;dr sec] #6 - Post Hacker Summer Camp

3 minute read

Neat talks from Hacker Summer Camp on email -> phone number, DNS rebinding, automated C++ reverse engineering, and publicly exposed AWS EBS volumes.

ai

xss

compliance

censorship

firefox

con_shellcon

detection_response

con_global_appsec_amsterdam

secrets_management

DevSecCon Tel Aviv 2019 Roundup

5 minute read

Practical steps to start managing your secrets properly, continuous threat modeling, container security stats and best practices, and my thoughts on the futu...

c

pen_testing

machine_learning

metrics

The Art of Vulnerability Management

10 minute read

Alexandra Nassar of Medallia describes how to create a positive vulnerability management culture and process that works for engineers and the security team.

vuln_management

The Art of Vulnerability Management

10 minute read

Alexandra Nassar of Medallia describes how to create a positive vulnerability management culture and process that works for engineers and the security team.

con_appsec_ali

The Art of Vulnerability Management

10 minute read

Alexandra Nassar of Medallia describes how to create a positive vulnerability management culture and process that works for engineers and the security team.

podcast

absolute_appsec

supply_chain_security

humor

twitter

economics

ransomware

con_blackhat

google

beyond_corp

terraform

startup_security

culture

graphql

deserialization

containers

politics

azure

automatic_exploit_generation

red_team

career

writing

side_channels