SlideShare a Scribd company logo

It's the people, stupid.

Jan Schaumann
Jan Schaumann

A talk given at Velocity New York 2016. Transcript and additional links will be posted to https://www.netmeister.org/blog/its-the-people.html

Technology
1 of 70
Download to read offline
It’s  the  people,  stupid.   @jschauma  Jan  Schaumann  
@jschauma  Velocity  NY  2016  
@jschauma  Velocity  NY  2016  
@jschauma  Velocity  NY  2016  
@jschauma  Velocity  NY  2016  
@jschauma  Velocity  NY  2016  
@jschauma  Velocity  NY  2016  
ServerUserless  Systems   @jschauma  Velocity  NY  2016  
Useless  Systems   @jschauma  Velocity  NY  2016  
@jschauma  Velocity  NY  2016  
Change  vs.  more  of  the  same.   The  people,  stupid.   Don’t  forget  malware.   @jschauma  Velocity  NY  2016  
Developers   @jschauma   •  That  can’t  happen.   •  That  doesn’t  happen  on   my  machine.   •  That  shouldn’t  happen.   •  Why  does  that  happen?   •  Oh,  I  see.   •  How  did  that  ever  work?  
Developers   SRE   @jschauma   •  That  never  worked.   •  Must  be  the  network.  
Developers   SysAdmins   @jschauma   •  It’s  not  the  network.   •  Probably  a  bug  in  the  OS.   •  Oh,  ok.  DNS.   •  Don’t  monkey  around  with  /etc/hosts.   SRE  
Developers   SysAdmins   BOFH   @jschauma   •  An  African  or  European  swallow?   •  You  don’t  know  what  you’re  doing.   SRE  
Developers   SysAdmins   BOFH   Infosec   @jschauma   •  That’s  not  how  you  do  this.   •  Nobody  knows  what  they’re  doing.   SRE  
Developers   SysAdmins   BOFH   Infosec   New  Yorkers   @jschauma   •  What?  I  don’t  care,  keep  walking.  Don’t  talk  to  me.   •  Seriously,  don’t  stop  in  the  middle  of  the  street.              I  will  cut  you.   SRE  
Developers   SysAdmins   BOFH   Infosec   New  Yorkers   New  York  Infosec  SysAdmin   @jschauma   SRE  
@jschauma  Velocity  NY  2016  
@jschauma  Velocity  NY  2016  
@jschauma  Velocity  NY  2016  
@jschauma  Velocity  NY  2016  
@jschauma  
@jschauma  Velocity  NY  2016  
@jschauma  
@jschauma  Velocity  NY  2016  
@jschauma  Velocity  NY  2016  
@jschauma  
@jschauma  Velocity  NY  2016  
@jschauma  Velocity  NY  2016  
@jschauma  Velocity  NY  2016   How  not  to  be  seen  
@jschauma   Changing  other  people’s  habits  is  a   wicked  problem.   Velocity  NY  2016  
@jschauma   Prod   Corp   Long-­‐lived  SSH  ConnecCons   Velocity  NY  2016  
@jschauma   Firewall  /  ACLs  /   idled(8)  …   Velocity  NY  2016  
@jschauma   Reverse  SSH  tunnel   Privkeys  on  prod   cron(8)  iniCated  callbacks   …   Velocity  NY  2016  
@jschauma  Velocity  NY  2016  
@jschauma  Velocity  NY  2016  
@jschauma  hLps://is.gd/80zCWX  Velocity  NY  2016  
@jschauma   Why  we  take  our  shoes  off  at  the  airport.   Velocity  NY  2016  
@jschauma   NSA-­‐proofing  TLS   cipher  spec  LiSle  Bobby  Tables   Secrets  on  GitHub   XSS   #Infosec:  Silicon  Valley’s  TSA   Velocity  NY  2016  
Security  is  not  a  value.   @jschauma  Velocity  NY  2016  
Nobody  cares  about  security.   @jschauma  Velocity  NY  2016  
Nobody  cares  about  security.   That  is  neither  incompetence  nor   malice,  it’s  pragmaSsm.   @jschauma  Velocity  NY  2016  
@jschauma   People  driven  defense   EffecCve  defense   “sophisCcated”   “military  grade  encrypCon”   “NSA-­‐proof”   “even  more  cyber”   “cyber”   Vendor  Crap  “Security  Appliances”  
@jschauma  Velocity  NY  2016  
@jschauma   Ceci n’est pas un hacker. Velocity  NY  2016  
@jschauma  Velocity  NY  2016  
@jschauma  Velocity  NY  2016  
@jschauma  Velocity  NY  2016  
@jschauma  Velocity  NY  2016  
@jschauma  Velocity  NY  2016  
@jschauma  Velocity  NY  2016  
Safety,  not  (just)  security.   @jschauma  Velocity  NY  2016  
A  system  is  secure  if  it  protects  the   user  when  used  correctly.     A  system  is  safe  if  it  protects  the  user   even  when  used  incorrectly.   @jschauma  Velocity  NY  2016  
@jschauma  Velocity  NY  2016  
@jschauma   If  your  reacSon  is  “well,  not  like  that”,   you  have  a  poka-­‐yoke  problem.     Fix  that.   Velocity  NY  2016  
@jschauma   The  most  convenient  /  intuiSve   way  to  use  your  applicaSon  must  be   the  safest  way  to  use  your  applicaSon.   Velocity  NY  2016  
@jschauma   Users  will  not  change  default  sengs.   Velocity  NY  2016  
@jschauma   Users  will  not  change  default  sengs.   (Unless  a  less  secure  opSon  is  available.)   Velocity  NY  2016  
@jschauma   Failure  must  not  lead  the  user  to   change  their  default  sengs.   Velocity  NY  2016  
@jschauma   Failure  must  not  lead  the  user  to   change  their  default  sengs.     Safety  overrides  must  be  temporary.   Velocity  NY  2016  
@jschauma   Your  applicaSons,  services,  standards,   etc.,  must  age  gracefully.   Velocity  NY  2016  
Poka-­‐yoke  so^ware  &  systems   •  safe  defaults   •  safe  failure  mode   •  automated,  regular,  unaLended  updates   •  puts  usability  ahead  of  ‘security’   •  encourages  desired  behavior   •  builds  /  strengthens  safe  habits   •  follows  the  users’  desire  path   Velocity  NY  2016  
@jschauma  Velocity  NY  2016  
@jschauma  Velocity  NY  2016  
Change  vs.  more  of  the  same   •  avoid  the  downward  spiral  of  cynicism   •  your  users,  developers,  engineers,  …  are  not  stupid;  they’re   trying  to  get  their  job  done   •  focus  on  realisSc  threats,  not  high-­‐profile  security  theater   •  understand  that  your  aLackers  are  moSvated,  dedicated,   human  adversaries   The  people,  stupid.   •  security  is  not  an  end-­‐goal   •  build  safe  applicaSons  &  services   •  understand  your  users’  desire  paths   •  Poka-­‐yoke  Go!   @jschauma  Velocity  NY  2016  
“Fundamentally,   the  problem  isn’t   about  security.  It’s   about  people.”   @jschauma   -­‐  Bill  Clinton  (not  quite)   Thanks!  
Image  ALribuSons   •  Monty  Python,  Paul  Townsend  hLps://flic.kr/p/nVFKH5   •  Serverless,  PolarFlex  Rack  Blanking   hLp://polargy.com/air-­‐flow-­‐accessories/42u-­‐blanking-­‐ panels.php   •  Downward  spiral,  Davo  Sime   hLps://thenounproject.com/term/downward-­‐spiral/ 589704/  hLps://creaSvecommons.org/licenses/by/3.0/us/   •  Mouse,  MarSn  Driver,   hLp://wallpapersafari.com/w/UzqRxW   •  Silly  Walk  Street  Sign,  Kayla  Reed,   hLp://www.avclub.com/arScle/crosswalk-­‐norway-­‐makes-­‐ ciSzens-­‐do-­‐monty-­‐python-­‐si-­‐203164     @jschauma  

Recommended

Crazy Like A Fox - #Infosec Ideas That Just Might Work
Crazy Like A Fox - #Infosec Ideas That Just Might WorkCrazy Like A Fox - #Infosec Ideas That Just Might Work
Crazy Like A Fox - #Infosec Ideas That Just Might Work
Jan Schaumann
 
Know Your Enemy - An Introduction to Threat Modeling
Know Your Enemy - An Introduction to Threat ModelingKnow Your Enemy - An Introduction to Threat Modeling
Know Your Enemy - An Introduction to Threat Modeling
Jan Schaumann
 
OpSec101
OpSec101OpSec101
OpSec101
Jan Schaumann
 
Everything is Awful (And You're Not Helping)
Everything is Awful (And You're Not Helping)Everything is Awful (And You're Not Helping)
Everything is Awful (And You're Not Helping)
Jan Schaumann
 
Primum non nocere - Ethical Obligations in Internet Operations
Primum non nocere - Ethical Obligations in Internet OperationsPrimum non nocere - Ethical Obligations in Internet Operations
Primum non nocere - Ethical Obligations in Internet Operations
Jan Schaumann
 
Semper Ubi Sub Ubi - Things They Don't Teach You In School
Semper Ubi Sub Ubi - Things They Don't Teach You In SchoolSemper Ubi Sub Ubi - Things They Don't Teach You In School
Semper Ubi Sub Ubi - Things They Don't Teach You In School
Jan Schaumann
 
Defense at Scale
Defense at ScaleDefense at Scale
Defense at Scale
Jan Schaumann
 
Cloud Native Security: Rotate, Repair, Repave
Cloud Native Security: Rotate, Repair, RepaveCloud Native Security: Rotate, Repair, Repave
Cloud Native Security: Rotate, Repair, Repave
VMware Tanzu
 

Recommended

Crazy Like A Fox - #Infosec Ideas That Just Might Work
Crazy Like A Fox - #Infosec Ideas That Just Might WorkCrazy Like A Fox - #Infosec Ideas That Just Might Work
Crazy Like A Fox - #Infosec Ideas That Just Might Work
Jan Schaumann
 
Know Your Enemy - An Introduction to Threat Modeling
Know Your Enemy - An Introduction to Threat ModelingKnow Your Enemy - An Introduction to Threat Modeling
Know Your Enemy - An Introduction to Threat Modeling
Jan Schaumann
 
OpSec101
OpSec101OpSec101
OpSec101
Jan Schaumann
 
Everything is Awful (And You're Not Helping)
Everything is Awful (And You're Not Helping)Everything is Awful (And You're Not Helping)
Everything is Awful (And You're Not Helping)
Jan Schaumann
 
Primum non nocere - Ethical Obligations in Internet Operations
Primum non nocere - Ethical Obligations in Internet OperationsPrimum non nocere - Ethical Obligations in Internet Operations
Primum non nocere - Ethical Obligations in Internet Operations
Jan Schaumann
 
Semper Ubi Sub Ubi - Things They Don't Teach You In School
Semper Ubi Sub Ubi - Things They Don't Teach You In SchoolSemper Ubi Sub Ubi - Things They Don't Teach You In School
Semper Ubi Sub Ubi - Things They Don't Teach You In School
Jan Schaumann
 
Defense at Scale
Defense at ScaleDefense at Scale
Defense at Scale
Jan Schaumann
 
Cloud Native Security: Rotate, Repair, Repave
Cloud Native Security: Rotate, Repair, RepaveCloud Native Security: Rotate, Repair, Repave
Cloud Native Security: Rotate, Repair, Repave
VMware Tanzu
 
Menoovr
Menoovr Menoovr
Menoovr
menoovr
 
Where in the publishing world are libraries?
Where in the publishing world are libraries?Where in the publishing world are libraries?
Where in the publishing world are libraries?
Katie Dunneback
 
State of the Internet Operating System: Web2 expo10
State of the Internet Operating System: Web2 expo10State of the Internet Operating System: Web2 expo10
State of the Internet Operating System: Web2 expo10
Tim O'Reilly
 
Where 2.0 Perch Product Launch Presentation
Where 2.0 Perch Product Launch PresentationWhere 2.0 Perch Product Launch Presentation
Where 2.0 Perch Product Launch Presentation
perryevans
 
webfonts & @font-face :: in brief
webfonts & @font-face :: in briefwebfonts & @font-face :: in brief
webfonts & @font-face :: in brief
Paul Irish
 
Epub in the wild
Epub in the wildEpub in the wild
Epub in the wild
liz_castro
 
Strata Conference 2014 NYC with Twitter
Strata Conference 2014 NYC with TwitterStrata Conference 2014 NYC with Twitter
Strata Conference 2014 NYC with Twitter
Taewook Eom
 
Using WordPress for Digital Workflows and More
Using WordPress for Digital Workflows and MoreUsing WordPress for Digital Workflows and More
Using WordPress for Digital Workflows and More
Kirk Biglione
 
Better Bash - Unit and Integration Testing
Better Bash - Unit and Integration TestingBetter Bash - Unit and Integration Testing
Better Bash - Unit and Integration Testing
C.J. Jameson
 
jQuery Mobile: For Fun and Profit
jQuery Mobile: For Fun and ProfitjQuery Mobile: For Fun and Profit
jQuery Mobile: For Fun and Profit
Daniel Cousineau
 
(Short version) Building a Mobile, Social, Location-Based Game in 5 Weeks
(Short version) Building a Mobile, Social, Location-Based Game in 5 Weeks(Short version) Building a Mobile, Social, Location-Based Game in 5 Weeks
(Short version) Building a Mobile, Social, Location-Based Game in 5 Weeks
Jennie Lees
 
Kobo: What Do eBook Customers Really, Really Want? (Tools of Change 2011)
Kobo: What Do eBook Customers Really, Really Want? (Tools of Change 2011)Kobo: What Do eBook Customers Really, Really Want? (Tools of Change 2011)
Kobo: What Do eBook Customers Really, Really Want? (Tools of Change 2011)
MTamblyn
 
Mobilising the world's Natural History - Open Data + Citizen Science
Mobilising the world's Natural History - Open Data + Citizen ScienceMobilising the world's Natural History - Open Data + Citizen Science
Mobilising the world's Natural History - Open Data + Citizen Science
Margaret Gold
 
Social Gold: The Design of FarmVille and Other Social Games (Web2Expo 2010)
Social Gold: The Design of FarmVille and Other Social Games (Web2Expo 2010)Social Gold: The Design of FarmVille and Other Social Games (Web2Expo 2010)
Social Gold: The Design of FarmVille and Other Social Games (Web2Expo 2010)
Amitt Mahajan
 
Smaller, Flatter, Smarter
Smaller, Flatter, SmarterSmaller, Flatter, Smarter
Smaller, Flatter, Smarter
Web 2.0 Expo
 
Data Science and Smart Systems: Creating the Digital Brain
Data Science and Smart Systems: Creating the Digital Brain Data Science and Smart Systems: Creating the Digital Brain
Data Science and Smart Systems: Creating the Digital Brain
VMware Tanzu
 
Web 2.0 Expo Speech: Open Leadership
Web 2.0 Expo Speech: Open LeadershipWeb 2.0 Expo Speech: Open Leadership
Web 2.0 Expo Speech: Open Leadership
Charlene Li
 
Hadoop's Impact on the Future of Data Management | Amr Awadallah
Hadoop's Impact on the Future of Data Management | Amr AwadallahHadoop's Impact on the Future of Data Management | Amr Awadallah
Hadoop's Impact on the Future of Data Management | Amr Awadallah
Cloudera, Inc.
 
Tyranny of the SLA
Tyranny of the SLATyranny of the SLA
Tyranny of the SLA
J. Paul Reed
 
Locked Out in London (and tweeting about it) - version with my notes
Locked Out in London (and tweeting about it) - version with my notesLocked Out in London (and tweeting about it) - version with my notes
Locked Out in London (and tweeting about it) - version with my notes
Sylvain Carle
 
Securing Rails
Securing RailsSecuring Rails
Securing Rails
Alex Payne
 
Test & Tea : ITSEC testing, manual vs automated
Test & Tea : ITSEC testing, manual vs automatedTest & Tea : ITSEC testing, manual vs automated
Test & Tea : ITSEC testing, manual vs automated
Zoltan Balazs
 

More Related Content

Viewers also liked

Menoovr
Menoovr Menoovr
Menoovr
menoovr
 
Smaller, Flatter, Smarter
Smaller, Flatter, SmarterSmaller, Flatter, Smarter
Smaller, Flatter, Smarter
Web 2.0 Expo
 
Data Science and Smart Systems: Creating the Digital Brain
Data Science and Smart Systems: Creating the Digital Brain Data Science and Smart Systems: Creating the Digital Brain
Data Science and Smart Systems: Creating the Digital Brain
VMware Tanzu
 

Viewers also liked (20)

Menoovr
Menoovr Menoovr
Menoovr
 
Where in the publishing world are libraries?
Where in the publishing world are libraries?Where in the publishing world are libraries?
Where in the publishing world are libraries?
 
State of the Internet Operating System: Web2 expo10
State of the Internet Operating System: Web2 expo10State of the Internet Operating System: Web2 expo10
State of the Internet Operating System: Web2 expo10
 
Where 2.0 Perch Product Launch Presentation
Where 2.0 Perch Product Launch PresentationWhere 2.0 Perch Product Launch Presentation
Where 2.0 Perch Product Launch Presentation
 
webfonts & @font-face :: in brief
webfonts & @font-face :: in briefwebfonts & @font-face :: in brief
webfonts & @font-face :: in brief
 
Epub in the wild
Epub in the wildEpub in the wild
Epub in the wild
 
Strata Conference 2014 NYC with Twitter
Strata Conference 2014 NYC with TwitterStrata Conference 2014 NYC with Twitter
Strata Conference 2014 NYC with Twitter
 
Using WordPress for Digital Workflows and More
Using WordPress for Digital Workflows and MoreUsing WordPress for Digital Workflows and More
Using WordPress for Digital Workflows and More
 
Better Bash - Unit and Integration Testing
Better Bash - Unit and Integration TestingBetter Bash - Unit and Integration Testing
Better Bash - Unit and Integration Testing
 
jQuery Mobile: For Fun and Profit
jQuery Mobile: For Fun and ProfitjQuery Mobile: For Fun and Profit
jQuery Mobile: For Fun and Profit
 
(Short version) Building a Mobile, Social, Location-Based Game in 5 Weeks
(Short version) Building a Mobile, Social, Location-Based Game in 5 Weeks(Short version) Building a Mobile, Social, Location-Based Game in 5 Weeks
(Short version) Building a Mobile, Social, Location-Based Game in 5 Weeks
 
Kobo: What Do eBook Customers Really, Really Want? (Tools of Change 2011)
Kobo: What Do eBook Customers Really, Really Want? (Tools of Change 2011)Kobo: What Do eBook Customers Really, Really Want? (Tools of Change 2011)
Kobo: What Do eBook Customers Really, Really Want? (Tools of Change 2011)
 
Mobilising the world's Natural History - Open Data + Citizen Science
Mobilising the world's Natural History - Open Data + Citizen ScienceMobilising the world's Natural History - Open Data + Citizen Science
Mobilising the world's Natural History - Open Data + Citizen Science
 
Social Gold: The Design of FarmVille and Other Social Games (Web2Expo 2010)
Social Gold: The Design of FarmVille and Other Social Games (Web2Expo 2010)Social Gold: The Design of FarmVille and Other Social Games (Web2Expo 2010)
Social Gold: The Design of FarmVille and Other Social Games (Web2Expo 2010)
 
Smaller, Flatter, Smarter
Smaller, Flatter, SmarterSmaller, Flatter, Smarter
Smaller, Flatter, Smarter
 
Data Science and Smart Systems: Creating the Digital Brain
Data Science and Smart Systems: Creating the Digital Brain Data Science and Smart Systems: Creating the Digital Brain
Data Science and Smart Systems: Creating the Digital Brain
 
Web 2.0 Expo Speech: Open Leadership
Web 2.0 Expo Speech: Open LeadershipWeb 2.0 Expo Speech: Open Leadership
Web 2.0 Expo Speech: Open Leadership
 
Hadoop's Impact on the Future of Data Management | Amr Awadallah
Hadoop's Impact on the Future of Data Management | Amr AwadallahHadoop's Impact on the Future of Data Management | Amr Awadallah
Hadoop's Impact on the Future of Data Management | Amr Awadallah
 
Tyranny of the SLA
Tyranny of the SLATyranny of the SLA
Tyranny of the SLA
 
Locked Out in London (and tweeting about it) - version with my notes
Locked Out in London (and tweeting about it) - version with my notesLocked Out in London (and tweeting about it) - version with my notes
Locked Out in London (and tweeting about it) - version with my notes
 

Similar to It's the people, stupid.

Evaluating Web App, Mobile App, and API Security - Matt Cohen
Evaluating Web App, Mobile App, and API Security - Matt CohenEvaluating Web App, Mobile App, and API Security - Matt Cohen
Evaluating Web App, Mobile App, and API Security - Matt Cohen
Inman News
 
Continues Deployment - Tech Talk week
Continues Deployment - Tech Talk weekContinues Deployment - Tech Talk week
Continues Deployment - Tech Talk week
rantav
 
Teaching Elephants to Dance (Federal Audience): A Developer's Journey to Digi...
Teaching Elephants to Dance (Federal Audience): A Developer's Journey to Digi...Teaching Elephants to Dance (Federal Audience): A Developer's Journey to Digi...
Teaching Elephants to Dance (Federal Audience): A Developer's Journey to Digi...
Burr Sutter
 
The present and future of Serverless observability (Serverless Computing London)
The present and future of Serverless observability (Serverless Computing London)The present and future of Serverless observability (Serverless Computing London)
The present and future of Serverless observability (Serverless Computing London)
Yan Cui
 
2013 06-27-securecoding-en - jug pch
2013 06-27-securecoding-en - jug pch2013 06-27-securecoding-en - jug pch
2013 06-27-securecoding-en - jug pch
Sébastien GIORIA
 
[CB19] Spyware, Ransomware and Worms. How to prevent the next SAP tragedy by ...
[CB19] Spyware, Ransomware and Worms. How to prevent the next SAP tragedy by ...[CB19] Spyware, Ransomware and Worms. How to prevent the next SAP tragedy by ...
[CB19] Spyware, Ransomware and Worms. How to prevent the next SAP tragedy by ...
CODE BLUE
 

Similar to It's the people, stupid. (20)

Securing Rails
Securing RailsSecuring Rails
Securing Rails
 
Test & Tea : ITSEC testing, manual vs automated
Test & Tea : ITSEC testing, manual vs automatedTest & Tea : ITSEC testing, manual vs automated
Test & Tea : ITSEC testing, manual vs automated
 
Penetration testing as an internal audit activity
Penetration testing as an internal audit activityPenetration testing as an internal audit activity
Penetration testing as an internal audit activity
 
Evaluating Web App, Mobile App, and API Security - Matt Cohen
Evaluating Web App, Mobile App, and API Security - Matt CohenEvaluating Web App, Mobile App, and API Security - Matt Cohen
Evaluating Web App, Mobile App, and API Security - Matt Cohen
 
Moved to https://slidr.io/azzazzel/web-application-performance-tuning-beyond-xmx
Moved to https://slidr.io/azzazzel/web-application-performance-tuning-beyond-xmxMoved to https://slidr.io/azzazzel/web-application-performance-tuning-beyond-xmx
Moved to https://slidr.io/azzazzel/web-application-performance-tuning-beyond-xmx
 
Continues Deployment - Tech Talk week
Continues Deployment - Tech Talk weekContinues Deployment - Tech Talk week
Continues Deployment - Tech Talk week
 
Feedback Loops
Feedback LoopsFeedback Loops
Feedback Loops
 
Hadoop application architectures - Fraud detection tutorial
Hadoop application architectures - Fraud detection tutorialHadoop application architectures - Fraud detection tutorial
Hadoop application architectures - Fraud detection tutorial
 
PCI OWASP Course Storyboard
PCI OWASP Course StoryboardPCI OWASP Course Storyboard
PCI OWASP Course Storyboard
 
Teaching Elephants to Dance (Federal Audience): A Developer's Journey to Digi...
Teaching Elephants to Dance (Federal Audience): A Developer's Journey to Digi...Teaching Elephants to Dance (Federal Audience): A Developer's Journey to Digi...
Teaching Elephants to Dance (Federal Audience): A Developer's Journey to Digi...
 
It new2015
It new2015It new2015
It new2015
 
The present and future of Serverless observability (Serverless Computing London)
The present and future of Serverless observability (Serverless Computing London)The present and future of Serverless observability (Serverless Computing London)
The present and future of Serverless observability (Serverless Computing London)
 
Secure Coding for Java - An Introduction
Secure Coding for Java - An IntroductionSecure Coding for Java - An Introduction
Secure Coding for Java - An Introduction
 
Secure Coding for Java - An introduction
Secure Coding for Java - An introductionSecure Coding for Java - An introduction
Secure Coding for Java - An introduction
 
2013 06-27-securecoding-en - jug pch
2013 06-27-securecoding-en - jug pch2013 06-27-securecoding-en - jug pch
2013 06-27-securecoding-en - jug pch
 
QCon Sao Paulo Keynote - Microservices, an Unexpected Journey
QCon Sao Paulo Keynote - Microservices, an Unexpected JourneyQCon Sao Paulo Keynote - Microservices, an Unexpected Journey
QCon Sao Paulo Keynote - Microservices, an Unexpected Journey
 
New Era of Software with modern Application Security v1.0
New Era of Software with modern Application Security v1.0New Era of Software with modern Application Security v1.0
New Era of Software with modern Application Security v1.0
 
Identity and Access Management - RSA 2017 Security Foundations Seminar
Identity and Access Management - RSA 2017 Security Foundations SeminarIdentity and Access Management - RSA 2017 Security Foundations Seminar
Identity and Access Management - RSA 2017 Security Foundations Seminar
 
Progressing JavaScript and Apps the Web way…
Progressing JavaScript and Apps the Web way… Progressing JavaScript and Apps the Web way…
Progressing JavaScript and Apps the Web way…
 
[CB19] Spyware, Ransomware and Worms. How to prevent the next SAP tragedy by ...
[CB19] Spyware, Ransomware and Worms. How to prevent the next SAP tragedy by ...[CB19] Spyware, Ransomware and Worms. How to prevent the next SAP tragedy by ...
[CB19] Spyware, Ransomware and Worms. How to prevent the next SAP tragedy by ...
 

More from Jan Schaumann

More from Jan Schaumann (11)

The Razors Edge - Cutting your TLS Baggage
The Razors Edge - Cutting your TLS BaggageThe Razors Edge - Cutting your TLS Baggage
The Razors Edge - Cutting your TLS Baggage
 
Protecting Data in Untrusted Locations
Protecting Data in Untrusted LocationsProtecting Data in Untrusted Locations
Protecting Data in Untrusted Locations
 
Headless Host Scanning
Headless Host ScanningHeadless Host Scanning
Headless Host Scanning
 
Safely Drinking from the Data Waterhose
Safely Drinking from the Data WaterhoseSafely Drinking from the Data Waterhose
Safely Drinking from the Data Waterhose
 
PGP for Smarties
PGP for SmartiesPGP for Smarties
PGP for Smarties
 
Fancy pants
Fancy pantsFancy pants
Fancy pants
 
Ipv6 basics
Ipv6 basicsIpv6 basics
Ipv6 basics
 
L3DSR - Overcoming Layer 2 Limitations of Direct Server Return Load Balancing
L3DSR - Overcoming Layer 2 Limitations of Direct Server Return Load BalancingL3DSR - Overcoming Layer 2 Limitations of Direct Server Return Load Balancing
L3DSR - Overcoming Layer 2 Limitations of Direct Server Return Load Balancing
 
Building better tools
Building better toolsBuilding better tools
Building better tools
 
Useless use of *
Useless use of *Useless use of *
Useless use of *
 
DST @ Yahoo!
DST @ Yahoo!DST @ Yahoo!
DST @ Yahoo!
 

Recently uploaded

Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Enterprise Knowledge
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
Earley Information Science
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Igalia
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Delhi Call girls
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 

Recently uploaded (20)

How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 

It's the people, stupid.