#security
YaTalks
28 min
DDoS-Π°ΡΠ°ΠΊΠ° MΔris ΠΈ ΠΊΠ°ΠΊ Π―Π½Π΄Π΅ΠΊΡ Π΅Ρ ΠΏΠ΅ΡΠ΅ΠΆΠΈΠ»
ΠΠΌΠΈΡΡΠΈΠΉ ΠΠΎΡΠΎΠ²
ΠΠ°ΠΆΠ΅ΡΡΡ, ΡΡΠΎ ΡΠΆΠ΅ Π²ΡΠ΅ ΡΠ»ΡΡΠ°Π»ΠΈ ΠΎ ΡΠ°ΠΌΠΎΠΉ ΠΌΠ°ΡΡΡΠ°Π±Π½ΠΎΠΉ DDoS-Π°ΡΠ°ΠΊΠ΅ Π² ΠΈΡΡΠΎΡΠΈΠΈ ΠΈΠ½ΡΠ΅ΡΠ½Π΅ΡΠ° β MΔris. ΠΡΠ΅Π½Ρ ΠΌΠ½ΠΎΠ³ΠΎΠ΅ Π² ΡΡΠΎΠΉ ΠΈΡΡΠΎΡΠΈΠΈ ΠΏΠΎΠΊΠ° Π΅ΡΡ ΠΏΡΠΎΡ ΠΎΠ΄ΠΈΡ Β«ΠΏΠΎΠ΄ Π³ΡΠΈΡΠΎΠΌ ΡΠ΅ΠΊΡΠ΅ΡΠ½ΠΎΒ». ΠΠΎ ΡΠ΅ΠΉΡΠ°Ρ ΠΌΡ Π³ΠΎΡΠΎΠ²Ρ ΠΏΠΎΠ΄Π΅Π»ΠΈΡΡΡΡ Π±ΠΎΠ»ΡΡΠΎΠΉ ΡΠ°Ρβ¦
TechTrain
67 min
ΠΠ²ΠΎΠ»ΡΡΠΈΡ ΡΠΏΠΎΡΠΎΠ±ΠΎΠ² ΡΠΎΡ ΡΠ°Π½Π΅Π½ΠΈΡ ΠΊΠΎΠ½ΡΠΈΠ΄Π΅Π½ΡΠΈΠ°Π»ΡΠ½ΠΎΠΉ ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΈ Π² ΡΠ΅ΠΊΡΠ΅ΡΠ΅
ΠΠ»Π΅ΠΊΡΠ°Π½Π΄ΡΠ° ΠΠ°Π»ΠΈΠ½ΠΈΠ½Π°
ΠΠ°ΠΆΠ΄ΡΠΉ ΠΏΡΠΎΠ³ΡΠ°ΠΌΠΌΠΈΡΡ Π² ΡΠ²ΠΎΠ΅ΠΉ ΠΆΠΈΠ·Π½ΠΈ Π²ΡΡΡΠ΅ΡΠ°Π΅ΡΡΡ Ρ ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠ΅ΠΉ, ΠΊΠΎΡΠΎΡΡΡ Π½Π΅ΠΎΠ±Ρ ΠΎΠ΄ΠΈΠΌΠΎ Π΄Π΅ΡΠΆΠ°ΡΡ Π² ΡΠ΅ΠΊΡΠ΅ΡΠ΅: ΠΏΠ°ΡΠΎΠ»ΠΈ ΠΊ ΡΡΠ΅ΡΠΊΠ°ΠΌ, ΡΠ΅ΠΊΡΠ΅ΡΠ½ΡΠ΅ ΠΊΠ»ΡΡΠΈ Π΄ΠΎΡΡΡΠΏΠ°, CVV ΠΊΠΎΠ΄ ΠΎΡ ΠΊΠ°ΡΡΠΎΡΠΊΠΈ, Π² ΠΊΠΎΠ½ΡΠ΅ ΠΊΠΎΠ½ΡΠΎΠ². ΠΠ΄Π½Π°ΠΊΠΎ Π½Π΅ ΠΊΠ°ΠΆΠ΄ΡΠΉ ΡΡΠ°Π·β¦
MinskJS
20 min
ΠΠ΅Π·ΠΎΠΏΠ°ΡΠ½ΡΠΉ input. Π‘Π±ΠΎΡ Π΄Π°Π½Π½ΡΡ ΠΏΠ»Π°ΡΡΠΈΠΊΠΎΠ²ΠΎΠΉ ΠΊΠ°ΡΡΡ Π² iframe
ΠΠ΄ΡΠ°ΡΠ΄ Π’ΠΈΡΠΎΠ²
Β«ΠΠΎΠΊΠ»Π°Π΄ ΠΎΠ± ΠΎΡΡΠΈΡΠΎΠ²ΠΊΠ΅ ΡΠΎΡΠΌΡ Π² iframeΒ», β ΡΠΊΠ°ΠΆΠ΅ΡΠ΅ Π²Ρ. Π Π΄Π°, ΠΈ Π½Π΅Ρ. ΠΡΠ΄Π΅Ρ Π½Π΅ ΡΠΎΠ»ΡΠΊΠΎ ΡΠΎΡΠΌΠ°, Π΄Π° ΠΈ iframe Π±ΡΠ΄Π΅Ρ Π½Π΅ ΠΎΠ΄ΠΈΠ½, ΠΏΠΎΡΠΊΠΎΠ»ΡΠΊΡ ΠΎΡΡΠΈΡΠΎΠ²Π°ΡΡ ΡΠΎΡΠΌΡ β ΡΡΠΎ Π΄Π°Π»Π΅ΠΊΠΎ Π½Π΅ Π²ΡΡ. ΠΡ ΡΠ·Π½Π°Π΅ΡΠ΅, ΡΡΠΎ Π½ΡΠΆΠ½ΠΎ ΡΠ΄Π΅Π»Π°ΡΡ Π΄Π»Ρ Π±Π΅β¦
AWS re:Invent
59 min
Security best practices for the Amazon EC2 instance metadata service
Mark Ryland
The Amazon EC2 instance metadata service (IMDS) provides a rich set of relevant data to software on that instance. The IMDS ability to perform introspection about the runtime environment, as well as β¦
AWS re:Invent
50 min
Provable access control: Know who can access your AWS resources
Neha Rungta, Eric Brandwin
The AWS Automated Reasoning Group focuses on strengthening the security foundations of AWS and provides customers with tools to verify their own security posture. In this session, we discuss the evolβ¦
NDC DevOps
58 min
Top Secret Cloud Native Security Lessons
Ben Hall
Cloud native technologies such as Kubernetes, Docker, Istio and more are becoming the foundations of software development and infrastructure deployments. With these new technologies, a new set of lesβ¦
JSConf Budapest
23 min
StrangerDanger: Finding Security Vulnerabilities Before They Find You!
Liran Tal
Open source modules on the NPM ecosystem are undoubtedly awesome. However, they also represent an undeniable and massive risk. Youβre introducing someone elseβs code into your system, often with littβ¦
DotNext
49 min
Deserialization vulns: past, present, and future
ΠΠΈΡ Π°ΠΈΠ» Π©Π΅ΡΠ±Π°ΠΊΠΎΠ²
ΠΠΊΡΠΏΠ΅ΡΡ ΠΈΠ· ΠΌΠΈΡΠ° security Π²Π½ΠΎΠ²Ρ ΡΠ°ΡΡΠΊΠ°ΠΆΠ΅Ρ, ΠΊΠ°ΠΊ ΡΠ°ΠΌ ΠΎΠΏΠ°ΡΠ½ΠΎ ΠΈ ΡΡΠΎ Ρ ΡΡΠΈΠΌ Π΄Π΅Π»Π°ΡΡ. Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡΠΈ Π² ΠΏΡΠΎΡΠ΅ΡΡΠ΅ Π΄Π΅ΡΠ΅ΡΠΈΠ°Π»ΠΈΠ·Π°ΡΠΈΠΈ Π½Π΅Π΄ΠΎΠ²Π΅ΡΠ΅Π½Π½ΡΡ Π΄Π°Π½Π½ΡΡ ΠΈΠ·Π²Π΅ΡΡΠ½Ρ Π±ΠΎΠ»Π΅Π΅ 10 Π»Π΅Ρ, Π²ΠΊΠ»ΡΡΠ΅Π½Ρ Π² OWASP Top 10 ΠΈ Π·Π° ΠΏΠΎΡΠ»Π΅Π΄Π½ΠΈΠ΅ Π½β¦