1. PHP's Git server hacked to add backdoors to PHP source code
Supply chain attacks are bigger than vulns in open source; when the attack is deliberate, the stakes are higher.
2. Redefining Threat Modeling: Security team goes on vacation
We can all agree that threat modeling is non-negotiable; use Segment’s model as a reference for how to do threat modeling using a self-service approach.
3. Software Security at Rocketship Pace
SAST is table stakes, but your SAST solution must eliminate the frustrations that many developers feel with loud tools that provide limited value.
4. SSRF Attack Examples and Mitigations
Let’s get ahead of the OWASP Top Ten 2021 edition and start dealing with SSRF now!
5. Deprecating TLS 1.0 and TLS 1.1
Goodbye, old friends! We don’t and won’t miss you at all, TLS 1.0 and 1.1.