Eighteen years into my career, I decided to pivot and move from infrastructure-related work to the world of application security.
If there's one thing I've learned in three years of working in application security, it's that it's a funny business. Our entire business model is based on pointing out the mistakes of other programmers.
In this talk, I want to shoot myself in the foot and share some concepts that could help eliminate a lot of those mistakes, and reduce my job to snuffing out the more interesting mistakes.
What I wish I knew about security - Allon Mureinik DevConf.CZ 2022
1. What I wish I knew about security when I started programming
Allon Mureinik
Senior Manager, Seeker Interactive Application Security Testing (IAST)
Synopsys, Inc.
allon.mureinik@synopsys.com / @mureinik / https://www.linkedin.com/in/mureinik/
DevConf.CZ 2022
2. © 2021 Synopsys, Inc.
What I wish I knew about security when I started programming (Allon Mureinik, DevConf.CZ 2022, cc-by-sa-4.0)
My Goodness, Why Didn't I Think of That?
https://knowyourmeme.com/memes/my-goodness-why-didnt-i-think-of-that
3. It's a matter of perception
https://www.dreamworks.com/movies/megamind
4. It's a matter of perception (cont.)
https://www.hbo.com/game-of-thrones
5. Shifting left
https://www.thefastsaga.com/
6. A balancing act
https://www.marvel.com/movies/avengers-infinity-war
7. Reality check
https://thenounproject.com/term/check/1635221
8. Who really uses the system?
How will an unreasonable person abuse it?
How will a reasonable person use it?
https://thenounproject.com/term/theater/17128
9. Don't trust your input
https://thenounproject.com/term/trust/2714631
10. Scale
https://thenounproject.com/term/scales/1220825
11. Your code is just the tip of the iceberg
https://thenounproject.com/icon/iceberg-2258187/
12. Boring is good
https://thenounproject.com/term/yawn/3971467
13. Can we tool it away?
https://thenounproject.com/term/tools/943586
14. Takeaways
https://thenounproject.com/term/takeout/38140
15. Questions?
https://thenounproject.com/term/questions/1195076/