Account Security beyond 2FA with Neil Matatall

▬▬▬▬▬▬ 📝 ABSTRACT & BIO ▬▬▬▬▬▬
Account security shouldn’t stop at multi-factor authentication. A significant majority of people simply will not use it. Password hygiene is a task even security people struggle with. Credential stuffing attacks are a big problem for everyone. So why stop at MFA?

This talk will describe simple, repeatable things you can apply almost anywhere to put an end to automated mass account takeovers at scale.

NEIL MATATALL
Neil Matatall is a developer who has spent most of his career in application security. He has experienced a wide variety of company cultures, tech stacks, and company sizes. He has participated in, led, and managed engineering teams. His passion for coding helped him add an engineering aspect to security work. This includes being an early adopter of security automation, authoring library and framework code, enhancing authentication stacks, and more at GitHub and Twitter. Neil will soon work on the Authentication Authorization and Access Control team at ActBlue.
▬▬▬▬▬▬ 🔗 LINKS ▬▬▬▬▬▬
SLIDES: https://bit.ly/35dcTm0

➼https://github.blog/2018-07-31-new-improvements-and-best-practices-for-account-security-and-recoverability
➼https://www.theregister.com/2021/08/12/git_proxyshell_gigabyte/
➼Two factor enrollment data: https://docs.google.com/spreadsheets/d/1mN2TsBVNx2g2KX0yMDlRpLFHgeA9U-YWa9aWyaBdzxU/edit#gid=33824216
➼https://github.blog/changelog/2018-11-27-unrecognized-location-sign-in-notifications/
➼https://github.blog/changelog/2019-07-01-verified-devices/
➼https://developer.github.com/changes/2020-02-14-deprecating-password-auth/
➼https://github.blog/changelog/2020-12-04-oauth-2-0-device-authorization-flow-now-ga/
➼https://github.blog/2020-07-30-token-authentication-requirements-for-api-and-git-operations/
▬▬▬▬▬▬ 🎥 Producer ▬▬▬▬▬▬
Nancy Gariché ► https://www.linkedin.com/in/nancygariche
▬▬▬▬▬▬ 🎙️Hosts ▬▬▬▬▬▬
Nikki Becher ► https://twitter.com/thedeadrobots
Shinesa Cambric ► https://www.linkedin.com/in/shinesa-cambric-cissp-ccsp-cisa%C2%AE-0480685/
Sri Ponnada ► https://twitter.com/sriponnada
▬▬▬▬▬▬ 👋 Connect with Us ▬▬▬▬▬▬
TWITCH ► https://www.twitch.tv/owasp_devslop
INSTAGRAM ► https://www.instagram.com/owaspdevslop/
TWITTER ► https://twitter.com/owasp_devslop
DISCORD ► https://discord.gg/2KzCRcUyek
LINKEDIN ► https://www.linkedin.com/company/owasp-devslop/

Video "Account Security beyond 2FA with Neil Matatall" from the OWASP DevSlop channel
Video information
February 28, 2022, 13:45:26
01:37:15