From Security Weekly Wiki
1,120 bytes added, 06:09, 16 December 2019
===== Bugs, Breaches, and More! =====
* [ Binary Planting with the npm CLI] is another way to describe one of our favorite attacks -- path traversal.
===== If you build it, they will come =====
* [ GitLab Doles Out Half a Million Bucks to White Hats]
===== Learning & Tools =====
* [ Speculation & leakage: Timing side channels & multi-tenant computing] from AWS re:Invent. A great talk from the perspective of a threat model in which such attacks play a critical part.
* [ How can we integrate security into the DevOps pipelines?] By picking from many of the great resources in this article.
===== Food for Thought =====
* [ Go passwordless to strengthen security and reduce costs] -- and design your app to support these types of workflows, including account recovery.

