sake securitydevsec-18042016

DEVELOPERS AS SECURITY TESTERS #SAKE18 #DEVSEC #SOLITATECH [email protected] Sanoma Knowledge Technology Exchange 18.4. 2016

Upload: solita-oy

Post on 10-Feb-2017

190 views

Category:

Technology

0 download

Report

Download

Embed Size (px):

TRANSCRIPT

DEVELOPERSASSECURITYTESTERS#SAKE18#DEVSEC#SOLITATECH

[email protected] Knowledge Technology Exchange 18.4. 2016

TODAY

› Me? • A software architect at Solita. • Security/hacking amateur.

› Today.. • Security testing during software development• Can developers do it?• Demo: How to do it in practice

Source: Hackerman, Kung Fury movie

Source: NSA recruitment video.

Source: securityintelligence.com

Source: Lizard Squad hacking group logo

LET’S FOCUS ON SOFTWARE

› Solita is mostly involved in the inner layer of the onion, implementing software solutions.

› Mostly browser based solutions.

› .. so that’s what we’ll discuss today.

Threat analysis Implementationand design

Automated tests Manual tests Operational security

SOLITA #DEVSEC LANDSCAPE

DEVELOPERS VS. EXPERTS

› Pros:• Enables continuous security testing.

• Developers will automate.• Minimal hand-over costs.

• Will find important non-security related bugs.

› Cons:• Not security specialists. Will miss some things.• May need investment (training, some tools)

LET’S DEMO! MANUAL TESTING BY DEVELOPERS› Let’s look at BURP Proxy as an example..

› Demo!

• The application is a customized “Surveypal”. Questions, answers, reports.• The demo setup is the usual development setup, only the proxy is special.

DEVELOPER -> HACKER

› Traits• Curiosity and creativity. What will happen, if.. ? • Perseverance

› Skills• Technical knowledge, deep/wide• Common vulnerabilities• Security testing

› Some developers are hobbyist hackers. (Apply at [email protected])

Art for Art's sake, or for Mankind's sake (Mohammed Ali)

INTRODUCTION to SAKEINTRODUCTION to SAKE What is sake? Sweet or dry? What does sake taste like and go well with? Hot or cold, how to serve sake? Sake is an alcoholic beverage made

SAKE ENTRY KIT - International Wine Challenge · SAKE ENTRY KIT For sake producers ... Kenichi Ohashi is a leading Japanese wine and sake distributor in Tokyo ... graduated on the

An introduction to sake · Introduction Welcome to the WSET Level 1 Award in Sake, a one-day sake course designed for those studying sake for the ﬁrst time. Sake is intimately linked

Whine, Sake & Cocktails

Sake and soju

SinceritySincerity for the Sake of Godfor the Sake of ...messageofthaqalayn.com/56 - sincerity 25-46.pdfSinceritySincerity for the Sake of Godfor the Sake of Godfor the Sake of God

11th Toyama Sake and Kamaboko Fair · 2018. 10. 18. · Kamaboko Fair Brewed with heart and skill, sake Sake from Toyama’s mountains and sea. Toyama sake, brewed with underground

Sake Collection - Mutual Distributing · 2018. 5. 18. · Sake Cocktails 47 Sake by Prefecture 48 Sakes by Classification & Style 51 Daiginjo Sake 51 Ginjo Sake 52 Tokubetsu Sake

A Comprehensive Guide to Japanese Sake - 独立行政 … Introduction 2 | A Comprehensive Guide to Japanese Sake 1.1 Characteristics of sake Sake is an alcoholic beverage brewed primarily

BENTO MENU A (15 St.) › To-Go-Mikomi.pdf · BENTO MENU A (15 St.) 2 x Sake Nigiri 6 x Sake Maki 2 x Sake Wasabi Maki 2 x Sake Avocado Maki 3 x Sake Sashimi Restaurant & „to go“

For Art's Sake

SAKE 101 - Bronco Wine Company · SAKE 101 A little hint to appreciate SAKE . What is SAKE? SAKE in General With a history of over 1,000 years, SAKE is very much a part of Japanese

SAKE-WORLD PRESENTS Sake Brewery Tour in Niigata › sake › english › pdf › Niigata_2014_A4.pdf · 2019-03-05 · Sake Brewery Tour in Niigata featuring a lecture by John Gauntner

Sake, cider & perry

Premium Sake from Japan Premium Sake from Japan

For paws sake

Drinks - Microsoft€¦ · Sake/Soju (25ml) Jinro 24 Soju 3.20 Akashi Shiraume Ginjo Umeshi Sake 3.50 Akashi - Tai Honjozo Sake 3.20 Akashi - Tai Daiginjo Sake 3.90 Vodka (25ml) Koskenkorva

Nombes Sake Menu

Equipment Start Up 18042016

SAKE - menu.restaurantshogun.com

Listin Diario 18042016

JAPANESE SAKE FAIRjapansake.or.jp/sake/fair/pdf/2016_fair_en.pdfperfectly well with sake, including pickles, tsukudanis (preserved food boiled in soy sauce). Sake seminars Seminars

Sake - GitHub Pagestonyfischetti.github.io/sake/sake-doc.pdf · This is the latest snapshot of the master branch of sake from its git repository, where it is developed. This is the

for goodness sake

COCKïAlLS Samurai Rock Sake, lime 230 cal 7.00 50/50 Sake ...€¦ · 7.00 50/50 Sake, Plum Wine 7.00 Mimosa Sparkling Wine, Orange 4.50 Nigori Lemon Nigori Unfiltered Sake, lemon,

Japanese Sake Nihonshu

ミュンヘンサケ...ミュンヘンサケ 750ml €10.99 SAKE 750ml €9.99 Yuzu Sake PB ÎLE FOUR l 300ml €14.99 15.99 BAMBOO GARDEN SAKE HIT sake watching in München 2014

catalogo SAKE 2019 - Uniontrade · 2019. 5. 6. · catalogo SAKE 2019. Tipo di sake Zona di produzione Tipo di riso Sake Meter Value o SMV (Nihonshu-do) ... Misura la percentuale

SAKE 101 - Bronco Wine Companyclassicwinesofcalifornia.com/.../Mizbasho_PPT_Sake-101.pdfSAKE 101 A little hint to appreciate SAKE What is SAKE? SAKE in General With a history of over

HOUSE SAKE NIGORI SAKE SPARKLING SIGNATURE …

For Pete's Sake

Silicone Fluid Sake

for exchange sake

outside 2020 Bev 3 - Kokeshi · Hakutsuru, Sake 720ml $9/$35 Moonstone, Asian Pear Sake 750ml $10/$39 Ikezo, Peach Sparkling Sake 180ml - /$11 Ozeki, Junmai One Cup Sake 180ml -