In this episode we go over common security breaches in which the weakest service or piece of software was exploited, why every component of a system should get its share of security evaluation, and why secure software design and coding matter for developers on all stacks.

Notes:

0:00:00 - Intro and welcoming.

0:07:00 - Exciting security news: Log4j zero-day exploit meltdown.

0:13:00 - Java Naming and Directory Interface (JNDI).

0:16:00 - A brief introduction to security from your perspective?

0:22:00 - What are the software/system aspects that are more critically in need of security?

0:32:00 - The weakest links for system security: Physical security.

0:42:00 - The weakest links for system security: Network security.

0:49:00 - The weakest links for system security: Employees.

0:59:00 - Stuxnet, where employees contribute to getting malware to the org.

1:02:00 - Social engineering attack: FB & Google fraud attack.

1:04:00 - Small satellite apps: FBI website hack, ~100k emails sent from a legit fbi.org email address.

1:35:00 - Secure coding principles for developers.

1:45:00 - Securing small systems (usually considered irrelevant systems).

1:54:00 - How to secure the frontend?

2:00:00 - How to make sure employees'/developers' machines are secure?

2:09:00 - How to manage secrets.

2:28:00 - Wrap up and goodbye.

Anything you want us to talk about?

If you have any topics, questions, guests to invite, concepts, books, or technologies you want us to explore, don’t hesitate to update our episode planning :D