Missed one of my past conference talks? Let’s fix that.
I’m sharing my favorites—packed with real-world advice, lessons, and a few laughs.
“Secret Hunting” - Finding secrets code! #notgood https://twp.ai/4io9Jt
Missed one of my past conference talks? Let’s fix that.
I’m sharing my favorites—packed with real-world advice, lessons, and a few laughs.
“DevSecOps Worst Practices” https://twp.ai/4ioAXg
@cR0w @mttaggart @ckure @librewolf Crap. I missed that. Hmm. Are there alternatives with more reliable financial and #AppSec support?
@cR0w @mttaggart @ckure Sounds like a good reason for a bunch of security nerds to donate financially and contribute security code review to @librewolf. The importance of unenshittified or disenshittified web browsers only grows over time.
Happy Friday! The weekend is getting closer and you don't know what to do yet? Or have lots of plans already? How about registering for the Open Security Conference?
Why? This is the place for everyone interested in cybersecurity to come together and learn from each other, from wherever we are right now, with whatever we need right now. The #osco is an open space focused on people, co-created by people.
October 2 - 5 in Rückersbach, close to Frankfurt am Main in Germany. See you there!
https://opensecurityconference.org/
#osco #osco25 #CyberSecurity #Security #InfoSec #AppSec #ProductSecurity #OTsecurity #OpenSpace [lisi]
Missed one of my past conference talks? Let’s fix that.
I’m sharing my favorites—packed with real-world advice, lessons, and a few laughs.
“Adding SAST to CI/CD, Without Losing Any Friends” https://twp.ai/4ioCg2
If you’re working in #AppSec or #DevSecOps and want to streamline your operations, let’s talk — I’d love to introduce you!
4/4
Are you interested in a different kind of security conference?
Then take a look at the Open Security Conference (@OSCo). #osco25 takes place from October 2 to 5 in Rückersbach (Germany near Frankfurt) and registration is still open at https://opensecurityconference.org/.
(this is an English version of the original German thread https://infosec.exchange/@realn2s/114936419689473030)
Why?
The Open Security Conference aims to be diverse and inclusive. This also includes different levels of knowledge and experience.
It is therefore not only for security experts or for people who have (already) worked in the security sector for a long time,
but also for people who are interested in security or want to get into the field.
The #OpenSpace format not only enables expert presentations,
but also non-expert topics or questions as session topics. Sessions are not resticted to presentations, they can be interactive, collaborative, workshops or basically anything else.
Since topics do not have to be submitted months in advance,
but the agenda is created jointly by the participants, hot topics can also be covered.
The conference is non-commercial, i.e. the total costs are shared between the participants (including the organizers).
The costs include accommodation and meals in the conference hotel.
And yes, there are also sponsors who cover part of the costs.
But not everything is different.
There are great keynotes e.g. by @bkastl ("History repeating itself") and Mireia Cano ("Building an AppSec Program from Scratch").
If anyone is up for doing a #security review of Breakmancer's protocol (#cryptography, networking, handshake logic) I'd be *very* appreciative!
These are the most recent protocol docs: https://docs.rs/breakmancer/0.9.0/breakmancer/protocol/index.html
It's nothing super complicated, just an exchange of X-Wing keys and a KDF, with out-of-band key verification—but *anything* can be gotten wrong. :-)
Missed one of my past conference talks? Let’s fix that.
I’m sharing my favorites—packed with real-world advice, lessons, and a few laughs.
"Maturing Your Application Security Program" https://twp.ai/4iny6p