Cross-site Scripting, DevOps, OAuth 2.0, GitLab Packages, and more


By Security Journey.

1. Cross-site scripting (XSS) cheat sheet
Learn XSS at a depth where you can explain it to anyone, and understand the diversity of attacks that exist across the set of XSS vectors.
2. Why DevOps Will Cease to Exist
Just like DevOps is integrated into every developer’s job, so is security.
3. OAuth 2.0 Threat Model Pentesting Checklist
OAuth 2.0 is used everywhere, and many developers and security people aren’t aware of the depth of threat that exists.
4. A deep dive into how we investigate and secure GitLab packages
Solving software supply chain security issues requires a coordinated, organization-wide approach.
5. Modern Static Analysis: how the best tools empower creativity
If you haven’t evaluated semgrep as a tool for inclusion in your application security program, it’s time.
