Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Kelsey Gilmore-Innis - Seriously Strong Securit...
Search
PyCon 2016
June 01, 2016
Programming
6
930
Kelsey Gilmore-Innis - Seriously Strong Security on a Shoestring
PyCon 2016
June 01, 2016
Tweet
Share
More Decks by PyCon 2016
See All by PyCon 2016
Manuel Ebert - Putting 1 million new words into the dictionary
pycon2016
6
920
Brett Slatkin - Refactoring Python: Why and how to restructure your code
pycon2016
17
5.6k
Mike Graham - The Life Cycle of a Python Class
pycon2016
7
8.8k
Nathaniel Manista, Augie Fackler - Code Unto Others
pycon2016
0
510
Alex Gaynor - The cobbler's children have no shoes, or building better tools for ourselves
pycon2016
0
770
Adrienne Lowe - Bake the Cookies, Wear the Dress: Connecting with Confident Authenticity
pycon2016
0
350
Jake Vanderplas - Statistics for Hackers
pycon2016
17
4.9k
Daniele Procida - Documentation-driven development - lessons from the Django Project
pycon2016
3
850
Shannon Quinn - Python for Public Health: Building Statistical Models of Ciliary Motion
pycon2016
0
540
Other Decks in Programming
See All in Programming
『自分のデータだけ見せたい!』を叶える──Laravel × Casbin で複雑権限をスッキリ解きほぐす 25 分
akitotsukahara
2
660
A full stack side project webapp all in Kotlin (KotlinConf 2025)
dankim
0
150
SQLアンチパターン第2版 データベースプログラミングで陥りがちな失敗とその対策 / Intro to SQL Antipatterns 2nd
twada
PRO
16
2.3k
AI時代の『改訂新版 良いコード/悪いコードで学ぶ設計入門』 / ai-good-code-bad-code
minodriven
24
9.6k
「App Intent」よくわからんけどすごい!
rinngo0302
1
110
たった 1 枚の PHP ファイルで実装する MCP サーバ / MCP Server with Vanilla PHP
okashoi
1
300
MCPを使ってイベントソーシングのAIコーディングを効率化する / Streamlining Event Sourcing AI Coding with MCP
tomohisa
0
170
20250708_JAWS_opscdk
takuyay0ne
2
130
Quand Symfony, ApiPlatform, OpenAI et LangChain s'allient pour exploiter vos PDF : de la théorie à la production…
ahmedbhs123
0
220
チームのテスト力を総合的に鍛えて品質、スピード、レジリエンスを共立させる/Testing approach that improves quality, speed, and resilience
goyoki
5
1.1k
Flutterで備える!Accessibility Nutrition Labels完全ガイド
yuukiw00w
0
170
dbt民主化とLLMによる開発ブースト ~ AI Readyな分析サイクルを目指して ~
yoshyum
3
1.1k
Featured
See All Featured
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
PRO
181
54k
Put a Button on it: Removing Barriers to Going Fast.
kastner
60
3.9k
Java REST API Framework Comparison - PWX 2021
mraible
31
8.7k
The Language of Interfaces
destraynor
158
25k
Principles of Awesome APIs and How to Build Them.
keavy
126
17k
10 Git Anti Patterns You Should be Aware of
lemiorhan
PRO
656
60k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
45
7.5k
Improving Core Web Vitals using Speculation Rules API
sergeychernyshev
18
990
The Illustrated Children's Guide to Kubernetes
chrisshort
48
50k
Why You Should Never Use an ORM
jnunemaker
PRO
58
9.5k
The Cult of Friendly URLs
andyhume
79
6.5k
Automating Front-end Workflow
addyosmani
1370
200k
Transcript
SERIOUSLY STRONG SECURITY ON A SHOESTRING content warning: sexual assault
SERIOUSLY STRONG SECURITY ON A SHOESTRING Kelsey Gilmore-Innis @_K_E_L_S_E_Y nerd.kelseyinnis.com
Callisto www.projectcallisto.org
IT DOESN’T TAKE AN ARMY
YOU CAN’T SECURE DATA ON THE INTERNET
YOU CAN SECURE DATA ON THE INTERNET
START FROM SOLID FOUNDATIONS
KNOW YOUR STRENGTHS
KNOW YOUR STRENGTHS •CLOUD HOSTING •PLATFORM AS A SERVICE •CONTENT
DISTRIBUTION NETWORKS
KNOW YOUR THREATS
SECURITY REQUIRES EMPATHY
YOUR BIGGEST THREAT IS IN THIS ROOM
YOUR SECOND BIGGEST THREAT IS WHO YOU’RE TRYING TO PROTECT
TELL ME YOUR CAT’S NAME AND I CAN ACCESS YOUR
WHOLE WORLD • ZXCVBN • CMU’s USABLE PRIVACY & SECURITY LAB • RATE LIMITING
“COMPUTER” CAN MEAN MANY THINGS
BOUNDARIES ARE HARD
DON’T GET CUTE
BE LAZY BUT NOT COMPLACENT
PAY SOMEONE SMARTER
THANKS! www.projectcallisto.org nerd.kelseyinnis.com