Security First
Adam Baldwin
September 15, 2013
JSConfEU 2013
Transcript
Security First
Thanks First
Hi, I’m Adam
Hi, I’m Adam @adam_baldwin @liftsecurity @nodesecurity
Hi, I’m Adam @evilpacket
andbang.com
Node Security Project nodesecurity.io
Security First
We’re Fucked
Nothing is 100% Secure.
Defender Attacker
Attacker Defender
Software is Hard
Software is full of opinions
Mobile First
Mobile First Content First
Mobile First Content First Offline First
Mobile First Content First Offline First SECURITY
Software is full of constraints
Security is one of those
Who’s responsible for security?
Who’s responsible for security? You are.
Why?
NSA Spent $25 million on ‘software vulnerabilities’ in 2013
Stay off the menu.
Litigation is coming.
Enough Doom & Gloom already!
Something has to change
Let’s build a Security First culture
Why do we avoid security?
- Ignorance - Procrastination - Not Exciting work - Not Rewarded
Education Understand Vulnerabilities
The simple stuff still works.
Validation / Sanitization Crypto http://www.matasano.com/articles/crypto-challenges/ http://owasp.org
npm install all the things™
npm install coffeescript
so..ahhh. what else?
Process It’s not immutable
Community Bridge all the worlds http://blog.andyet.com/2013/09/11/shame-and-security
security.md
Homework. - Learn about 1 vuln - Audit some code - Teach a Friend
confwork? Talk to each other about security...
</PRESENTATION> @adam_baldwin | @LiftSecurity