Another fantastic keynote at #OWASP global appsec conference this morning by @SheHacksPurple. I, and half the conference attendees, want to be Tanya when we grow up.

"Stack Overflow driven development" 😂​

#QuoteOfTheDay

Today is a good day to add canary tokens to your infrastructure!



Did you know you can get free #CanaryTokens from @ThinkstCanary to alert on suspicious activity?

On https://canarytokens.org/generate, you can generate a whole range of “canaries”, or assets that look like one thing but will actually email you as soon as someone or something interacts with them.



A canary can be a PDF file called “password.pdf”, left on a server, a computer or attached to an email.



A canary can be AWS keys, left in a config file or committed in a private git repo.

A canary can listen for SQL commands or commands being run.

A canary can be an email address, included in customer or employee lists.

They are traps you place, so you know something’s been compromised and your team can start investigating immediately *.

Check out the documentation for more examples and use cases: https://docs.canarytokens.org/guide/

Set up your free #HoneyPots this month! #NewYearResolutions



* These are free so there are some limitations, but still super neat to have.

Know. Before it matters

Canarytokens is a free tool that helps you discover you’ve been breached by having attackers announce themselves. The tokens allow you to implant traps around your network and notify you as soon as they are triggered.

Canarytokens

Nice to spot some good news on a Monday morning.

"US Farmers win right to repair John Deere equipment"

https://www.bbc.com/news/business-64206913

#RightToRepair #JohnDeere

US farmers win right to repair John Deere equipment

The grassroots movement has grown among consumers around the world as repair costs soar.

Important PSA from @pluralistic:
"New Yorkers! The state legislature has passed landmark Right To Repair legislation, but Governor Hochul hasn't signed it and it might die. This would be a travesty. If you're in New York, visit https://eff.org/rtr to help tell the Governor that we can't afford to wait (and tell your friends in New York, too!)."

#NewYork #NY #PublicPolicy #RightToRepair @eff

The European Commission is looking for feedback on its proposed Cyber Resilience Act. It aims to introduce cybersecurity rules for manufacturers and vendors of digital products and ancillary services.

You can read the current regulation proposal (87 pages long), along with other comments that have already been submitted throughout the different stages of the process. All the comments will be summarised and presented to the European Parliament to feed the legislative debate.

This is a chance for the cyber security community and subject matter experts to help shape regulations. Anyone can get involved. In the previous round of feedback, a majority (~30%) were from EU citizens, about ~23% were from private businesses and ~2% from non-EU citizens. The rest came from business associations, NGOs, academia and other industry or public groups.

The deadline for submitting feedback is 23 January 2023. Read more and participate here: https://ec.europa.eu/info/law/better-regulation/have-your-say/initiatives/13410-Cyber-resilience-act-new-cybersecurity-rules-for-digital-products-and-ancillary-services_en

#EUPolicy #CyberResilienceAct #InfoSec #CallForFeedback #GetInvolved #PublicPolicy #EuropeanCommission #CyberSecurity #EuropeanUnion

European Commission - Have your say


Lunch breaks are for going to the public library to pick up new books for the cold and rainy weekend.

#publiclibrary #stadtbibliothek #stuttgart #bookstodon #Bookwyrm

#feditips You can see the #local feed of another instance by going to their `/public` page, if you are not logged into that instance.

For example https://mastodon.art/public or https://infosec.exchange/public.

This is saving me from having a dozen Mastodon accounts

See what's happening - Mastodon.ART

HOLY GUACAMOLE 

See you all at Black Hat Europe 2022 in London next month. #BHEU #BHEU2022

HUGE thanks to #WiCyS for making this happen 

Happy Friday everyone!

Looking forward to tomorrow's #devsecops #germany #meetup "Defeating Ransomware Attacks With Security Chaos Engineering".

It's virtual, so do join if you can at 12pm CEST 
https://www.meetup.com/devseccon-germany/events/289063480/

#ransomware #chaos #engineering