Infosec research and app security (Go Time #51)

Author: Changelog Media
Published: Wed 19 Jul 2017
Episode Link: https://changelog.com/gotime/51

Aaron Hnatiw joined the show to talk about being a security researcher, teaching application security with Go, and a deep dive on how engineers and developers can get started with infosec. Plus: white hat, black hat, red team, blue team…Aaron sorts it all out for us.


Sponsors:

  • Linode: Our cloud server of choice. Get one of the fastest, most efficient SSD cloud servers for only $5/mo. Use the code changelog2017 to get 4 months free!

  • Fastly: Our bandwidth partner. Fastly powers fast, secure, and scalable digital experiences. Move beyond your content delivery network to their powerful edge cloud platform.

Featuring:

Show Notes:

Aaron blessed us with a veritable slew of links to help Go developers level up their security game:


  • Go Meta Linter
  • Go AST Scanner
  • SafeSQL
  • Race-The-Web (Also check out the accompanying practice site)
  • Go-fuzz (Check out their trophies section)
  • Gryffin
  • Webseclab
  • Gobuster
  • Input-field-finder
  • OWASP Top 10: (Counterpoint - Vulnerabilities beyond the OWASP Top 10)
  • SSRF as a Service: Mitigating a Design-Level Software Security Vulnerability




Interesting Go Projects and News


  • Fencing off Go Applied - A Practical Look at a Go Research Paper
  • Go 1.9 Release Notes
  • GoRef (v. similar to trace)




Free Software Friday!


Each week on the show we give a shout out to an open source project or community (or maintainer) that’s made an impact in our day to day developer lives.


  • Erik - K8GUARD (The guardian angel for Kubernetes)
  • Carlisia - Goman
  • Brian - WSLtty
  • Aaron - Visual Studio Code (with the Go plugin, of course)

