Working on my first OWASP Top 10 email for Laravel Security in Depth, covering 'A01:2021 - Broken Access Control' and how it relates to Laravel. It's a topic I'm always talking about in my talks and security audits, so I've got a lot to say!
Importantly the two pieces of personally identifiable information (financial info and password) that can be changed were not accessed. 🤨
Pity the ones you can't easily change were accessed... 🤦
This felt like it was straight out of JA Bayona's 'A Monster Calls'.
I love when TV and movies use animation to tell a story or fairytale, and the imagery here is gorgeous.
It's settled @GregSkerman@twitter.com, the Balrog has wings! 🥰
It's coming. You asked for it.
It's that time! @firstname.lastname@example.org and I are back with a 2-hour discussion on #TheRingsOfPower Ep 4
Listen to Anna fail to beat the Adar simp allegations, as I lament Celebrimbor's sidelining, and lots more fun in between!
Episode 24 - Breakdown of Episode 4 http://sites.libsyn.com/428064/episode-24-breakdown-of-episode-4-with-anna
This is a must-have for any dev team! Whether you're a manager or not, security principles are a skill we all need!
Check it out!
Comfycon challenges @AISA_National@twitter.com. If we can assemble a quality, 100% female or non-binary conference, for the weekend after the 18th November, that's the weekend after PerthSec, you make a donation to @email@example.com to the Project Friedman initiative for female first time speakers.
Request: Stop replacing podcasts with "Spotify Audio" or YouTube videos.
I want to use my own podcast app to listen, not a walled garden or a media site that forgets what I was listening to and where I was up to!
Request: shorter podcasts.
📢 Hey, Tech Leads & Engineering Managers (and anyone else who manages devs)!
We're starting on the OWASP Top 10 next week in Laravel Security in Depth, sign up your team and I'll train them on essential Laravel security skills.🔥
Team signup @ https://larasec.substack.com/subscribe?group=true
I feel like it doesn’t NEED to be said, but with The Two Towers having its 20th this year, we are STILL in the middle of celebrating #LOTR20.
The Lord of the Rings is truly timeless and inspired filmmaking.
You are summoned to the #WotWatchParty #Discord server - present yourselves! Choose spoiler & non-spoiler channels, share future episode ideas, interact with our panel, & maybe even get selected to be a guest on the show!
Starting next week: Laravel Security and the OWASP Top 10.🔥
Join me as we dive into the OWASP Top 10, covering a different risk each week and how they relate to Laravel security. This series is not to be missed!
Surely you can detect malicious use too... It would follow a specific pattern and you could build some risk scores and throw up warnings.
In Depth #11: Insecure Direct Object Reference (IDOR)
In the eleventh In Depth we explored IDOR vulnerabilities through a series of fun interactive challenges, and learned about protecting routes and hiding information! 😈
Audits the security of Laravel apps 🕵️
Hacks stuff on stage for fun 😈
Teaches Laravel Security at http://larasec.substack.com 🎇
Huge Tolkien fan 📖
A Mastodon instance for info/cyber security-minded people.