Apr 29, 2020
Layer8conference is virtual (https://layer8conference.com/layer-8-is-online-this-year/)
https://csrc.nist.gov/publications/detail/sp/800-171/rev-1/final
CMMC:https://info.summit7systems.com/blog/cmmc
Apr 21, 2020
Github actions - https://github.com/features/actions
How are these written?
It looks like a marketplace format? How do they maintain code quality?
What does it take setup the actions?
It looks like IFTTT for DevOps?
What kind of integrations does it allow for? Will it handle logins or API calls for you?
Is it moderated...
Apr 21, 2020
Brakesec contributor @Pwnysec on Twitter has created a new video
highlighting the importance of testing for XSS in your environment,
also:
Discusses the different types of XSS you can find (stored,
reflected, and DOM)
Tools you can employ to find and detect XSS
Method and ways to prevent it from happening
If you're...
Apr 14, 2020
Tanya's AppSec Course
https://www.shehackspurple.dev/server-side-request-forgery-ssrf-defenses
https://www.shehackspurple.dev
Server-side request forgery - https://portswigger.net/web-security/ssrf
What are differences between Stored XSS and SSRF?
This requires a MITM type of issue?
Doesn’t stored XSS get stored...
Apr 7, 2020
April Mardock - CISO - Seattle Public Schools
Jared Folkins - IT Engineer - Bend La Pine Schools
Nathan McNulty - Information Security Architect - Beaverton School District
OpSecEdu - https://www.opsecedu.com/
Slack
https://www.a4l.org/default.aspx
BEC -