Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Goなどで作る脆弱性対策ゲーム / go-bigbridge

Sponsored · Ship Features Fearlessly Turn features on and off without deploys. Used by thousands of Ruby developers.
Avatar for KONDO Uchio KONDO Uchio
June 14, 2018
Technology
1
920

Goなどで作る脆弱性対策ゲーム / go-bigbridge

@Fukuoka.go #11

https://fukuokago.connpass.com/event/87684/

Avatar for KONDO Uchio

KONDO Uchio

June 14, 2018
Tweet

More Decks by KONDO Uchio

See All by KONDO Uchio
大規模レガシーテストを 倒すための CI基盤の作り方 / #CICD2023
Avatar for KONDO Uchio udzura
5
2.5k
Ruby x BPF in Action / RubyKaigi 2022
Avatar for KONDO Uchio udzura
0
290
Narrative of Ruby & Rust
Avatar for KONDO Uchio udzura
0
260
開発者生産性指標の可視化 / pepabo-four-keys
Avatar for KONDO Uchio udzura
3
1.8k
Talk of RBS
Avatar for KONDO Uchio udzura
0
490
Re: みなさん最近どうですか? / FGN tech meetup in 2021
Avatar for KONDO Uchio udzura
0
840
Dockerとやわらかい仮想化 - ProSec-IT/SECKUN 2021 edition -
Avatar for KONDO Uchio udzura
2
800
Device access filtering in cgroup v2
Avatar for KONDO Uchio udzura
1
990
"Story of Rucy" on RubyKaigi takeout 2021
Avatar for KONDO Uchio udzura
0
900

Other Decks in Technology

See All in Technology
AI時代の「本当の」ハイブリッドクラウド — エージェントが実現した、あの頃の夢
Avatar for Masahiko Ebisuda ebibibi
0
150
Mitigating geopolitical risks with local-first software and atproto
Avatar for Martin Kleppmann ept
0
130
「通るまでRe-run」から卒業!落ちないテストを書く勘所
Avatar for asumikam asumikam
2
390
イベントで大活躍する電子ペーパー名札を作る(その2) 〜 M5PaperとM5PaperS3 〜 / IoTLT @ JLCPCB オープンハードカンファレンス
Avatar for you(@youtoy) you
PRO
0
120
生成AIで速度と品質を両立する、QAエンジニア・開発者連携のAI協調型テストプロセス
Avatar for butatamasoba / Shota Kusaba shota_kusaba
0
250
Claude Code のコード品質がばらつくので AI に品質保証させる仕組みを作った話 / A story about building a mechanism to have AI ensure quality, because the code quality from Claude Code was inconsistent
Avatar for nrs nrslib
13
8.7k
Zero Data Loss Autonomous Recovery Service サービス概要
Avatar for oracle4engineer oracle4engineer
PRO
2
13k
Go 1.26 Genericsにおける再帰的型制約 / Recursive Type Constraints in Go 1.26 Generics
Avatar for turbofish ryokotmng
0
140
頼れる Agentic AI を支える Datadog のオブザーバビリティ / Powering Reliable Agentic AI with Datadog Observability
Avatar for Kento Kimura aoto
PRO
0
230
アーキテクチャモダナイゼーションを実現する組織
Avatar for SatohJohn satohjohn
1
1.1k
システム標準化PMOから ガバメントクラウドCoEへ
Avatar for 高橋広和 techniczna
1
150
20260311 ビジネスSWG活動報告(デジタルアイデンティティ人材育成推進WG Ph2 活動報告会)
Avatar for OpenID Foundation Japan oidfj
0
350

Featured

See All Featured
Optimizing for Happiness
Avatar for Tom Preston-Werner mojombo
378
71k
Paper Plane (Part 1)
Avatar for Katie Cordina Lindsey katiecoart
PRO
0
5.7k
Discover your Explorer Soul
Avatar for Emna emna__ayadi
2
1.1k
Breaking role norms: Why Content Design is so much more than writing copy - Taylor Woolridge
Avatar for UX Y'all uxyall
0
210
Neural Spatial Audio Processing for Sound Field Analysis and Control
Avatar for NII S. Koyama's Lab skoyamalab
0
220
Stop Working from a Prison Cell
Avatar for Chris Michel hatefulcrawdad
274
21k
Measuring Dark Social's Impact On Conversion and Attribution
Avatar for Stephen Akadiri stephenakadiri
1
160
The Pragmatic Product Professional
Avatar for Laura Van Doore lauravandoore
37
7.2k
Learning to Love Humans: Emotional Interface Design
Avatar for Aarron Walter aarron
275
41k
Facilitating Awesome Meetings
Avatar for Lara Hogan lara
57
6.8k
A Modern Web Designer's Workflow
Avatar for Chris Coyier chriscoyier
698
190k
The Illustrated Children's Guide to Kubernetes
Avatar for Chris Short chrisshort
51
52k

Transcript

  1. 6DIJP,POEP 'VLVPLBHP (PͳͲͰ࡞Δ੬ऑੑରࡦήʔϜ

  2. (.0ϖύϘγχΞϓϦϯγύϧ ۙ౻͏͓ͪ!VE[VSB 044ϓϩμΫτ w NSVCZͷίϯςφϥϯλΠϜ)BDPOJXB w 3VCZͷ ZFU"OPUIFS 0QFO4UBDLDMJFOU:BP 3VCZ͸೥΄Ͳɺ(P͸೥͙Β͍ʁ

    ޷͖ͳϥΠϒϥϦIBTIJDPSQIDM ར༻ϒΩϓϥΠϜγϡʔλʔίϥϘ ηΩϡϦςΟ͸ษڧ࢝͠Ίͨ͹͔ΓͰ͢

  3. "MTPB3VCZJTU

  4. 13

  5. 'VLVPLBSC ! ԙϖύες

  6. 8FCΞϓϦέʔγϣϯͷ ੬ऑੑ

  7. 944

  8. $43'

  9. 42- *OKFDUJPO

  10. ߈ܸ͞Εͨ͜ͱ ͋Γ·͔͢ʁ

  11. ߈ܸΛ஌Γ͍ͨ ๷ޚ͍ͨ͠

  12. ࿅शʢʁʣ͠Α͏

  13. DG%78" w%BNO7VMOFSBCMF8FC"QQMJDBUJPO w͋͑ͯ੬ऑͳ࡞Γʹͨ͠΢ΣϒΞϓϦέʔγϣϯ w༷ʑͳ߈ܸΛ࣮ࡍʹߦ͏͜ͱͰɺ߈ܸଆͷؾ࣋ͪʹͳΓ
 ͦΕ͕։ൃʹ͓͍ͯ΋໾ʹཱͭ wΞϓϦέʔγϣϯͷ੬ऑ౓߹͍ΛઃఆͰ͖ͯศརʢʁʣ IUUQXXXEWXBDPVL

  14. ߈ܸΛͯ͠ΈΔͱ

  15. None

  16. ͜ΕΛࣗಈԽ͢Δͱ

  17. ๷ޚଆͷ ࿅शʹ΋࢖͑ΔͷͰ͸ʁ

  18. CJHCSJEHFϓϩδΣΫτʢԾʣ wೋͭͷίϯςφΛ࡞Δ߈ܸଆɺ๷ޚଆ w߈ܸଆ͸όΠφϦͰϒϥοΫϘοΫεͷϓϩάϥϜ w๷ޚଆ͸"QBDIF NPE@QIQͳ੬ऑͳΞϓϦέʔγϣϯ
 TTIͰௐࠪՄೳͳΑ͏ɺγεςϜίϯςφʹͳ͍ͬͯΔ

  19. CJHCSJEHF IUUQTDTLZVTIVVBDKQFOQJUQSP

  20. ߏ੒ Binary Apache MySQL App (PHP) SSHD Attacker Defender

  21. ๷ޚଆ͔ΒৄࡉΛɻ wTPWFSMBZͱ͍͏ɺ%PDLFS΍ίϯςφʹಛԽͨ͠γϯϓϧͳJOJUͷ࢓ ૊ΈΛ࢖ͬͯγεςϜίϯςφΛ࡞Δɻ wTTIE ϩάͷͨΊSTZTMPH ɺBQBDIFɺ.Z42-Λࣂ͍ͬͯΔ wPDUPQBTTͰTTIϩάΠϯपΓΛ؆୯ʹ IUUQTHJUIVCDPNKVTUDPOUBJOFSTTPWFSMBZ

  22. ߈ܸଆɻ wṖͷόΠφϦ͕͋Δ wઃఆʹ͸ɺ߈ܸઌͷΞυϨεͳͲͷ৘ใ͔͠౉ͤͳ͘ɺͲ͏͍͏߈ܸ Λ͍ͯ͠Δ͔͸Θ͔Βͳ͍ wىಈ͢Δͱɺର৅΁ͷ߈ܸͷ੒ޭࣦഊ͚͕ͩΘ͔Δ wˠ๷ޚଆͷϩάͳͲΛ֬ೝ͠ɺΞϓϦΛվमͯ͠

  23. ߈ܸϕϯνϚʔΫͷྲྀΕ w߈ܸଆͰόΠφϦىಈˠ๷ޚଆͰϩάͳͲΛ֬ೝ wˠ๷ޚଆͷઃఆΛมߋͨ͠ΓɺΞϓϦΛվम wˠ࠶౓߈ܸΛ͠ɺࣦഊͨ͠Β๷Ӵ੒ޭʂʂʂ̍

  24. ṖͷόΠφϦ

  25. ͦ͜ͰɺΛ࢖͏

  26. ࣮૷ͷྫ

  27. ໾ʹཱͭ΋ͷ wIFBE[PPTVSG wঢ়ଶΛอͭ͜ͱ͕Ͱ͖Δ΢ΣϒεΫϨΠύʔϥΠϒϥϦ IUUQTHJUIVCDPNIFBE[PPTVSG

  28. EFNP wʢतۀͰ࢖͏ͱ͍͏͜ͱͰɺৄࡉ͸·ͩφΠγϣʣ

  29. ࠓޙ΍Γ͍ͨ͜ͱ w߈ܸͷόϦΤʔγϣϯΛ૿΍͢ w؆୯ͳରࡦͰ͋ͬͨΒ߈ܸଆͰݟൈ͔Εͯ͢Γൈ͚Δ΍ͭͱ͔ w߈ܸόΠφϦΛ΋ͬͱ೉ಡԽ͢Δ w๷ޚଆɺ1)1Ҏ֎ͷݴޠϑϨʔϜϫʔΫΛ૿΍͢

  30. จࣈྻΛӅ͍ͨ͠ w(Pݴޠ੡ͷόΠφϦͰ΋ɺ΋ͪΖΜTUSJOHT  ͳͲͰ߈ܸख๏ʹؔ ܎͢Δจࣈྻ͸ݟ͑ͯ͠·͏ɻ wจࣈσʔλΛ·ͱΊͯ֎෦͔Βఏڙͭͭɺ҉߸Խ͞ΕͨܗͰόΠφϦ ؚΉΑ͏ͳπʔϧΛ࡞ΕΔͱྑͦ͞͏ʁ wʢ΋ͪΖΜɺҰൠతͳ࿩ͰόΠφϦ಺ͷจࣈྻΛ҉߸Խͯ͠΋
 ɹͦΜͳʹηΩϡϦςΟରࡦʹ͸ͳΒͳ͍ɻΫΠζͷ೉қ౓తͳ࿩Ͱʣ

  31. None

  32. PT&YJU