Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Security survival skills (for the adventurous d...
Search
Laura Bell
April 24, 2015
Technology
0
110
Security survival skills (for the adventurous developer)
Laura Bell
April 24, 2015
Tweet
Share
More Decks by Laura Bell
See All by Laura Bell
DIY security for the amateur superhero
ladynerd
0
270
Hackcon 11 - Protecting our people
ladynerd
0
240
Security in a container based world
ladynerd
0
150
Securing Microservice Architectures
ladynerd
2
360
Better Connected
ladynerd
0
71
Continuous Security
ladynerd
3
1.2k
Automated Human Vulnerability Scanning with AVA
ladynerd
3
2.7k
Blindsided by security
ladynerd
0
110
Practical tools for privacy audit
ladynerd
0
200
Other Decks in Technology
See All in Technology
「タコピーの原罪」から学ぶ間違った”支援” / the bad support of Takopii
piyonakajima
0
150
SCONE - 動画配信の帯域を最適化する新プロトコル
kazuho
1
400
組織全員で向き合うAI Readyなデータ利活用
gappy50
4
1.3k
20251029_Cursor Meetup Tokyo #02_MK_「あなたのAI、私のシェル」 - プロンプトインジェクションによるエージェントのハイジャック
mk0721
PRO
5
1.5k
猫でもわかるAmazon Q Developer CLI 解体新書
kentapapa
1
110
Oracle Database@Google Cloud:サービス概要のご紹介
oracle4engineer
PRO
0
380
スタートアップの現場で実践しているテストマネジメント #jasst_kyushu
makky_tyuyan
0
140
ソースを読む時の思考プロセスの例-MkDocs
sat
PRO
1
300
AWS DMS で SQL Server を移行してみた/aws-dms-sql-server-migration
emiki
0
250
AIの個性を理解し、指揮する
shoota
1
230
プロダクト開発と社内データ活用での、BI×AIの現在地 / Data_Findy
sansan_randd
1
540
AI連携の新常識! 話題のMCPをはじめて学ぶ!
makoakiba
0
140
Featured
See All Featured
How STYLIGHT went responsive
nonsquared
100
5.9k
KATA
mclloyd
PRO
32
15k
The Cult of Friendly URLs
andyhume
79
6.6k
Producing Creativity
orderedlist
PRO
347
40k
Building Applications with DynamoDB
mza
96
6.7k
Build The Right Thing And Hit Your Dates
maggiecrowley
38
2.9k
How GitHub (no longer) Works
holman
315
140k
Code Review Best Practice
trishagee
72
19k
Embracing the Ebb and Flow
colly
88
4.9k
10 Git Anti Patterns You Should be Aware of
lemiorhan
PRO
658
61k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
PRO
190
55k
Building a Modern Day E-commerce SEO Strategy
aleyda
44
7.8k
Transcript
Security skills for the adventurous developer Laura Bell F O
U N D E R & L E A D C O N S U LTA N T S A F E S TAC K @ l a d y _ n e rd l a u r a @ s a fe s t a c k . i o
the world is a terrible place
the internet is a festering pool of toxic waste
None
somebody probably wants to do bad things to your computer
the security situation is beyond hope
None
we can build amazing things
None
None
None
doing this securely is hard
QQ
good adventures are supposed to be challenging
so stop waiting for someone to hand you these skills
on a plate
this is your adventure
let’s get started
prepare for the (inevitable) sequel protect your treasure build amazing
machines always have an escape route watch your back take the road well travelled prepare yourself plan your route (but keep it flexible)
prepare yourself
security starts with education
security is a team sport
plan your route (but keep it flexible)
design before implementation
examine all the options
security requires compromises
take the road well travelled
follow in someone else’s footsteps
know where to look for direction
expose yourself to scrutiny
build amazing machines
build amazing machines
security needs a robot army
immutable architectures help security
watch your back
know everything there is to know
use clever tools to build clever things
Watch for expensive distractions
more alarms and no surprises
security is the long game
watch for spies
always have an escape route
have a backup (plan)
be prepared to action it
store your backups securely
protect your treasure
know the value of what you have around you
vs. vs. value is relative
secure data starts with secure storage
so about those passwords?
secure systems need gatekeepers
prepare for the (inevitable) sequel
celebrate your successes
learn from your mistakes
prepare for the next adventure
the world is a terrible place
secure your own adventure
questions? Laura Bell F O U N D E R
& L E A D C O N S U LTA N T S A F E S TAC K @ l a d y _ n e rd l a u r a @ s a fe s t a c k . i o