Security is hard, yet vital for any software these days. After all you don’t want to become the laughing stock on hacker news or cause your company to loose billions in shareholder value. This talk won’t turn you into a security specialist over night, but you will learn how to avoid common mistakes in your daily work as developer or administrator. I’m going to take you on a brief tour in secure software design, illustrate various attack vectors, and point you to helpful tools and resources. Topics include threat analysis, deployment, parsing, authentication, TLS/SSL, crypto, and user interaction, with some real life examples from my daily work.
The talk will be an extended version of my PyCon UK 2017 and DevConf.CZ 2018 info sec talk. Slides are recordings of my PyCon UK talk are available at https://speakerdeck.com/tiran/pycon-uk-2017-everyday-security-issues-and-how- to-avoid-them .
in __on Friday 20 April at 12:30 **See schedule**