Every Thursday at 7 pm EDT / 11 pm UTC.
All presentations will be streamed to Twitch and YouTube.
April 8th:
Exploiting Misconfigured JIRA Instances for $$ with Harsh Bothra
Jira is one of the widely used platforms, and a custom implementation of the JIRA service is often misconfigured, outdated, or running a vulnerable version. In this talk, we will look at how to identify a custom JIRA instance, interesting CVEs of various vulnerable JIRA versions, a mind map around them, and how to automate the detection of current and future misconfigurations.
April 15th:
Keep Your Code Safe During the Development Path Using Open Source Tools by Filipi Pires.
A practical demonstration of how a developer can use a SAST tool for static analysis of code vulnerabilities, running it against source code, byte code and/or binaries and identifying security holes during the development process, across many languages and code bases.
The community will have the opportunity to learn about an open source tool that orchestrates other security tools, identifies security flaws or vulnerabilities in projects, and puts all results in a database for analysis and generation of metrics. The languages and/or tools used in this analysis can be selected for the project based on the available stack.
These languages and tools are: Python, Ruby, Javascript/Typescript, GoLang, C#, Java, Kotlin, Kubernetes, Terraform, Leaks, Leaks (optional search in git history), PHP, C, HTML, JSON, Shell Script and Elixir, with the analysis done on source code, byte code or binary. "Leaks" checks the source code for possible leaks of credentials, private keys or hard-coded passwords, and the tool analyzes the project's dependencies to check for vulnerabilities in third-party libraries.
CedoXx and Omar (Ωr) Santos will provide an update on upcoming events such as RSA Conference 2021, Mayhem, DEF CON, Texas Cyber Summit, and GrayHat.