[NEWS] Open Source Security Foundation Announces Education Courses and Participation Initiatives to Advance its Commitment to Securing the World’s Software Infrastructure #opensource #security #openssf openssf.org/press-release/…

The Web Security Academy by PortSwigger is such an excellent source for learning #websecurity. It's the first thing I recommend when I'm asked "How to start learning Web Security". Turns out they now have a learning path and a new OAuth2 authentication topic! portswigger.net/web-security/l…

This is a great opportunity to work on an awesome team! Marcin was my manager for more than 2 years and it was always a pleasure to work with him.

#realworldcrypto just started. I've been attending this conference since 2017 and it's always such a great experience. This year it's also live streamed on YouTube

I really like how the feedback loop here is closed after a #security issue has been found and fixed: r2c.dev/blog/2020/fixi… This is, IMO, how code analysis is best deployed in CI/CD pipelines. Enforcement of safe coding practices > vulnerability scans.

This thread made my day.

Our #vulnerability management team is growing!

My website has a new layout and the first blog is in. If you're looking at storing sensitive data in the browser, learn about the different options and the security guarantees they offer: evasar.io/secure-browser… #XSS #security #javascript

Hey, front end devs! Learn which browser storage options are secure, and which ones are vulnerable to XSS attacks in this @Auth0 blog post by Eva Sarafianou. It comes complete with demo apps showcasing local, session, and in-memory storage. auth0.com/blog/secure-br…

✨Meet Eva Sarafianou a Senior Product Security Engineer Auth0 in this clip Eva talks about how she got to where she is today. Eva will be speaking about Threat Modeling in the “Shift Security Left” era at ftwconf.com For the whole interview -> ftwconf.com/inspiring-stor…

Join me tomorrow at FTWConf where we'll celebrate the International Women's Day! I'll be speaking about Threat Modeling and how it can help shift security left. The talk is introductory level, no prior experience to Threat Modeling is needed. #ftwconf #threatmodeling

I passed the #aws Certified #Security - Specialty exam this week. Expect a blog about the studying and exam experience soon!

This post about secrets storage in the browser by Eva Sarafianou from Auth0 is top-notch 👌🏽 auth0.com/blog/secure-br…

My speaker's #FTWConf swag box arrived and it's full of goodies. Thank you Auth0 and Microsoft! As a reminder, my #threatmodeling talk recording is available at ftwconf.com/security/threa….

Since the Log4J vulnerability news broke, Auth0 has been reviewing our platform for potential exposure. And at this time, we see no direct impact on the Auth0 Identity Platform. We will continue to monitor and investigate the situation.

Join me on June 14th at DevSecCon24!

It's DevSecCon 24 tomorrow! @mattj_io is hosting the EMEA section with some amazing speakers, and the agenda is overall amazing with talks from Tanya Janca | Shehackspurple Matteo Rosi Steve Giguere Rotem Bar Joni Klippert Eva Sarafianou and so many others RSVP quick 👉 devseccon.com/events/devsecc…

.Eva Sarafianou at Auth0 shares the lessons she learned from scaling a product security program from startup to acquisition. "Security partnerships may have scaling issues, but investing in Security Champions is the key!" 🔑 #DSC24 🔗: bit.ly/3zyMKef