#securesoftwaredevelopment — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #securesoftwaredevelopment, aggregated by home.social.

  1. A last-minute executive order puts more force behind #CISA #softwaresupplychain and #cybersecurity requirements for federal suppliers.

    "This is their saving throw, to use a Dungeons & Dragons term -- if you get a critical hit from the dragon, you can still roll a D20 [dice] to survive. This is their chance to roll a saving throw and do what we needed at the time we first said we needed it." ~ Joshua Corman

    #securesoftwaredevelopment #cybersecurity #executiveorder #softwaresecurity #SSDF #CISA #NIST #compliance #governance

    techtarget.com/searchitoperati

  2. With web design skills like this, who wouldn't want to hire me? :ablobcool: In all seriousness though, this was a simple little HTML-only page (I added CSS for flair :black_sparkles:) that I created for my Security for Software Developers course lab with the purpose of successfully attacking a locally hosted instance of a fake bank using Cross-Site Request Forgery, and "withdrawing" some amount from that user's account if they happen to click my button while still logged into the fake bank on another tab. The other attack I made was using a page with a form that I made hidden, that would pass the parameters to the bank withdrawal page and submit the form automatically using a couple of lines of JavaScript. #InfoSec #CSRF #WebDevelopment #SecureSoftwareDevelopment #NetBeans #InformationSecurity #SecDevOps