Security and Modern Software Deployment - AppSec EU 2015
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Watch a conference talk from AppSecEU 2015 in Amsterdam where Rory Mccune discusses security challenges in modern software deployment. Explore topics like trust issues with dependencies, repository providers, and cloud services. Learn about potential attack vectors, including pushing malicious code versions and exploiting weak access controls. Examine strategies for improving repository security, such as digital signing and better curation. Gain insights into the risks of open-source libraries and the importance of auditing code. Discover practical tips for securing software deployment processes and mitigating vulnerabilities in the modern development ecosystem.
Syllabus
Intro
Stack Exchange
Software Deployment
Trust
Dependencies
Repository Provider
Cloud Provider
Its All Software
Colonel Bashing
Other options
Attackers viewpoint
Rule 34 of security
Short Con
Get The Code
Root Shell
Choosing A Target
Push A New Version
Access Control
Lack of curation
Lack of digital signing
Linux repositories
Darker files
Profit Chels
Metasploit
Audit The Code
Metasploit Packages
Trusted Repository
Better Repository Security
Update Framework
Long Con
Open Source Libraries
Start Your Own Package Repository
If I Was A Bad Guy
Fixing This
Problem
Module Count
Python
Conclusion
Questions
Taught by
OWASP Foundation
Related Courses
Cybersecurity and Its Ten DomainsUniversity System of Georgia via Coursera Bases de données relationnelles : Comprendre pour maîtriser
Inria (French Institute for Research in Computer Science and Automation) via France Université Numerique Desarrollo de Aplicaciones Web: Seguridad
University of New Mexico via Coursera Web Application Development: Security
University of New Mexico via Coursera Computing, Storage and Security with Google Cloud Platform
Google via Coursera