51: Infosec Research and App Security with Aaron Hnatiw

1:09:59
 
Share
 
Manage episode 183128929 series 1024148
By Discovered by Player FM and our community — copyright is owned by the publisher, not Player FM, and audio streamed directly from their servers.

Aaron Hnatiw joined the show to talk about being a security researcher, teaching application security with Go, and a deep dive on how engineers and developers can get started with infosec. Plus: white hat, black hat, red team, blue team...Aaron sorts it all out for us.

Sponsors

  • LinodeOur cloud server of choice. Get one of the fastest, most efficient SSD cloud servers for only $5/mo. Use the code changelog2017 to get 4 months free!
  • FastlyOur bandwidth partner. Fastly powers fast, secure, and scalable digital experiences. Move beyond your content delivery network to their powerful edge cloud platform.

Featuring

Notes and Links

Aaron blessed us with a veritable slew of links to help Go developers level up their security game:

Go Meta Linter

Go AST Scanner

SafeSQL

Race-The-Web (Also check out the accompanying practice site)

Go-fuzz (Check out their trophies section)

Gryffin

Webseclab

Gobuster

Input-field-finder

OWASP Top 10: (Counterpoint - Vulnerabilities beyond the OWASP Top 10)

SSRF as a Service: Mitigating a Design-Level Software Security Vulnerability


Interesting Go Projects and News

Fencing off Go Applied - A Practical Look at a Go Research Paper

Go 1.9 Release Notes

GoRef (v. similar to trace)


Free Software Friday!

Each week on the show we give a shout out to an open source project or community (or maintainer) that's made an impact in our day to day developer lives.

Erik - K8GUARD (The guardian angel for Kubernetes)

Carlisia - Goman

Brian - WSLtty

Aaron - Visual Studio Code (with the Go plugin, of course)

62 episodes available. A new episode about every 9 days averaging 65 mins duration .