Security First
Adam Baldwin
September 15, 2013
JSConfEU 2013
Transcript
Security First
Thanks First
Hi, I’m Adam @adam_baldwin @liftsecurity @nodesecurity
Hi, I’m Adam @evilpacket
andbang.com
Node Security Project nodesecurity.io
Security First
We’re Fucked
Nothing is 100% Secure.
Defender Attacker
Attacker Defender
Software is Hard
Software is full of opinions
Mobile First Content First Offline First SECURITY
Software is full of constraints
Security is one of those
Who’s responsible for security? You are.
Why?
NSA Spent $25 million on ‘software vulnerabilities’ in 2013
Stay off the menu.
Litigation is coming.
Enough Doom & Gloom already!
Something has to change
Let’s build a Security First culture
Why do we avoid security?
- Ignorance
- Procrastination
- Not Exciting work
- Not Rewarded
Education Understand Vulnerabilities
The simple stuff still works.
Validation / Sanitization Crypto http://www.matasano.com/articles/crypto-challenges/ http://owasp.org
npm install all the things™
npm install coffeescript
so..ahhh. what else?
Process It’s not immutable
Community Bridge all the worlds http://blog.andyet.com/2013/09/11/shame-and-security
security.md
Homework.
- Learn about 1 vuln
- Audit some code
- Teach a Friend
confwork? Talk to each other about security...
</PRESENTATION> @adam_baldwin | @LiftSecurity