We Hack Purple is a Community for IT Professionals to learn how to secure software.
#appsec #devsecops
π€Need help choosing #AppSec priorities? Not sure where to start?
π‘Join Tanya Janca and Eric Sheridan of Tromzo on June. 22nd to learn about effective AppSec prioritization!
Save your spot before it is too late:
https://www.linkedin.com/events/7067184655124312064/about/?invite=false&sAtp=&sTrk=&sV=&showRequesters=false&showShareByPost=false
π€ Are you ready to learn about Mobile App Security Testing (MAST)?
π If so, Join Ryan Lloyd of Guardsquare on May 30th to dive into this topic!
πRSVP in the community: https://community.wehackpurple.com/events/mobile-app-security-testing-for-developers
πRSVP with our newsletter: https://newsletter.wehackpurple.com/mobile-app-testing-for-developers
πTOMORROW!
π Are you taking Practical TLS with Ed Harmoush?
π€© Join We Hack Purple's upcoming live stream at 2:00 pm PT to have all your burning course questions answered!
RSVP in the community: https://community.wehackpurple.com/events/practical-tls-student-qa-session?instance_index=20230518T210000Z
RSVP with our newsletter: https://newsletter.wehackpurple.com/practical-tls
π€© For episode 75 of the #WHPPodcast, host Tanya Janca was joined by special guest Enno of Semgrep to discuss all things static analysis!
π€ Ready to learn something new? Click here: https://youtu.be/orCFaT9uOO8
Thank you to our amazing sponsors, Day of Shecurity!
Everyone wants to create a positive security culture, but where do you start? π€
Hear from Ray Espinoza of Inspectiv as he dives into this topic in episode 74 of the #WHPPodcast with host #Shehackspurple!
Thank you to our amazing sponsors, dayofshecurity!
π€© It is time for another #WHPCommunity event!
πͺ Join Ed Harmoush on Thursday, May 4th, at 9:00 am PT, for an exclusive live stream on exploring SSL, TLS, and Web Security!
RSVP in the community: https://community.wehackpurple.com/events/exploring-ssl-tls-and-web-security
RSVP via our newsletter: https://newsletter.wehackpurple.com/exploring-ssl-tls-websecurity
For episode 71 of the #WHPPodcast #Shehackspurple was joined by special guest Ariel Shin to discuss the following:
π Threat modelling
π Influence
π Persuasion
π Other communication skills needed to be an effective #AppSec person
Check it out: https://youtu.be/DnmZKYbwKi8
π New blog post alert!
Secrets are what computers use to authenticate to other computers. A secret can be a password, an API secret, a certificate, a hash, a connection string, etc.
Learn about Preventing Secrets in Code from #Shehackspurple: https://shehackspurple.ca/2023/04/10/preventing-secrets-in-code/
π It is officially time for another #WHP blog post!
π‘Learn about Lack of Resources & Rate Limiting as part of the OWASP API Security Top Ten, 2019 version, from #Shehackspurple
π This post is part 4 of a 10-part series; stay tuned for more!
https://wehackpurple.com/api42019-lack-of-resources-amp-rate-limiting/
Ready to learn how you can do secrets management better with OWASP WrongSecrets?
Join Jeroen Willemsen and Ben De Haan this Friday, March 31st, for an interactive live stream!
RSVP in the community: https://community.wehackpurple.com/events/dont-make-the-same-mistakes-we-did-how-you-can-do-secrets-management-better-with-owasp-wrongsecrets
RSVP with our newsletter: https://newsletter.wehackpurple.com/owasp-wrongsecrets
πͺ The WHP Academy is gearing up for a new course!
π€© Get an introduction to Intelligence and Technical report writing frameworks, best practices, and accepted standards from Joe Gray!
π Want access to our early-bird promotion? Sign up below!
https://newsletter.wehackpurple.com/iirw-early-bird
Exciting news!
#Shehackspurple will be speaking at the 3rd annual Purple Hats Conference on April 6th! Check it out - it's free, virtual, and full of cybersecurity technical topics, leadership ideas and best practices.
Register: www.purplehats.org
π New blog post alert!
Did you miss yesterday's issue of the #WHPNewsletter?
If so, click the link below to check out our new blog post on broken user authentication!
Ready to learn something new? Read now: https://wehackpurple.com/api22019-broken-user-authentication/
For episode 67 of the WHP Podcast, host #Shehackspurple was joined by Jeremy Ventura of ThreatX!
During the episode, the two discussed how to help underrepresented groups get into #cybersecurity and more!
Check it out: https://youtu.be/OEE25NuTjXI
Sponsored by The Diana Initiative! π
πNext week!
Join Shay Levi of Noname Security in the #WHPCommunity on Thursday, March 23rd at 9:00 am PT to explore the complete Noname API Security platform! πͺ
RSVP in the community: https://community.wehackpurple.com/events/explore-the-complete-noname-api-security-platform?instance_index=20230323T160000Z
RSVP through our newsletter: https://newsletter.wehackpurple.com/noname-security-demo
The Diana Initiative is pleased to announce that @wehackpurple is a Rainbow level #sponsor of the #TDI2023 in-person Las Vegas event on August 7, 2023.
Our generous sponsors allow us to continue our commitment to helping all those #underrepresented in Information #Security.
Thank you https://wehackpurple.com/
To become a sponsor, #volunteer, and register for the event visit: https://lnkd.in/ebcd3Jr
Exciting news!
WiCyS has just opened its mentor and mentee program for the year. Prepare for advancement at all levels of your cybersecurity career by applying today!
Applications close on March 22nd; apply before it is too late:
https://www.wicys.org/initiatives/mentorship/?fbclid=IwAR0nUBKGp1F4YC45BKoUMzLSnV7FZ3bpxONjr-Rb7W38Is5un4e429WNhPE
I just interviewed the amazing @ScottHelme for the @wehackpurple podcast, and I used his securityheaders.com website to scan #CRA 's login page for "My Account", and it got an F.
I'm hoping my insistence in pointing these things out will lead to better security for Canadian Taxpayer's Data.
Learn how shadow and rogue APIs are discovered and scanned for misconfigurations and vulnerabilities by joining special guest Shay Levi at our upcoming #WHPCommunity event! πͺ
RSVP in the community: https://community.wehackpurple.com/events/explore-the-complete-noname-api-security-platform?instance_index=20230323T160000Z
RSVP through our newsletter: https://newsletter.wehackpurple.com/noname-security-demo
We are only a few short weeks away from the privacy & data governance congress in Ottawa! πͺ
#Shehackspurple will be live at this fantastic event to deliver her talk, Thereβs No Privacy Without Security.
Get your tickets: https://pacc-ccap.ca/events-2/congress2023/?fbclid=IwAR2yETzCdnCaRGbg-alB20yTItcZKd0YTAWQDYmDu4sYProhJPiIi14aLtM
