From Security Weekly WikiJump to navigationJump to search
- A Tale of Escaping a Hardened Docker container should go into the expanding volume of barriers that aren't.
- No need to hack when it’s leaking shows again that secrets shouldn't go into code.
- Four More Bugs Patched in Microsoft’s Azure Sphere IoT Platform feature two ways to reach remote code execution by twisting a barrier of read-only memory into a writeable one, and gives another chance to peruse the nineteen cybersecurity best practices for Azure Sphere.
- Upgrading GitHub to Ruby 2.7 shows one way to create a path forward to move off deprecated language or framework versions.
- Did Your Last DevOps Strategy Fail? Try Again with feedback loops and collaboration.
- Redefining What CISO Success Looks Like looks a lot like starting with the threat models and risk scenarios created for your apps.
- Lessons from Uber: Be crystal clear on the law and your bug bounty policies so that your threat models and risk scenarios don't stray from appsec.